We are proud to present to you the "WOMEN OF CYBERSECURITY" issue of eForensics Magazine. Our goal in creating it was to showcase women that are present in the cybersecurity space, and the amazing work they do. Some of you might be worried at this point that this is not a read for you, but don’t fret - this is a regular issue of the Magazine, it just so happens that all authors were women. Well, “just so happens” is a little understatement. It was very challenging for us to put it together, for many reasons, and we have some thanks to give before we take you on this ride.
First and foremost, we would like to thank all wonderful women that participated in this issue. You are all awesome, each and every one of you. Your work and your dedication are really inspiring!
Second, we are so, so grateful for our betatesters, reviewers, and proofreaders; we may be the ones publishing this, but thanks to your help we can be really proud and confident with what we’re putting out there.
Alright, so what’s waiting for you inside? First, Paige Ishii will discuss the possibility of forming partnerships between information security and business, and she means partnerships, not just tolerating one another. Then, we’ll take a trip to Japan to see what’s going on in digital forensics there. With so much focus on Europe and America we thought it might be interesting to take a closer look. To finish the warm-up before more technical pieces, Micaela Gallerini will share with you her thoughts on essential social engineering techniques for forensic professionals.
After that, Mari DeGrazia will explain to you exactly what does the phrase “Trust, but verify” mean. The article ends on a technical note, as Mari shows you some practical examples that illustrate the problem. Then we will take a deep dive into risk assessment with Georgia Weidman, focusing on mobile devices this time, and finally have an epic battle against APTs with Cecilia McGuire.
Once you’re done, we’ll check what Carly Wood has to say about starting out in cybersecurity, which, as some of you may realize, can be a great challenge. To compliment that, we would to invite you to read our interview with Tracy Lenzner. We believe that her vast experience in recruitment for digital forensics will allow you to gain some valuable insight into what digital forensic specialists should expect when planning their careers.
We close the issue with two amazing articles that deal with the theme of this publication: women in cybersecurity. First, we have Cynja’s Heather Dahl proposing an awesome way for women to champion cybersecurity - and become champions themselves. And then, to finish it off, Jane Farkland dissects the role and position of women in cybersecurity and gives you a looking glass to thoroughly examine all intricacies of the topic. We strongly recommend you read it, especially since she gives good advice every step of the way.
That’s it! We hope you’ll like the issue - please don’t hesitate to send us your feedback. Apart from comments, social media, and e-mail, you now have one more way to do that: in the bottom right corner of our website there is a small tab that allows you to chat with us, live. Use it, we would love to hear from you! And we promise it’s really us and not a bot :).
Enjoy your reading!
Is Building a Partnership between Information Security and the Business Possible? by Paige Ishii I often think company information security departments get a bad rap. Here’s why. When was the last time you heard your Security Department or your CSO say to the business: “Sure, no problem, we can do that! Go ahead and do (fill in your potential leak of data here) and we will think about the ramifications and potential breaches in security and regulatory requirements later!”
Japan: A Vivid Epitome of Management Problems in Digital Forensics Author has requested to remain anonymous Japan, newly growing in the field of digital forensics, is now encountering management difficulties that stem from cultural, as well as technical concerns. I would like to describe its historical background and technical specifications, which might be a vivid epitome of problems that most agencies have in the management of digital forensics today.
Trust, but Verify: Why, When and How by Mari DeGrazia We’ve heard it murmured in forums, and written in blog posts and forensic books; trust, but verify. The origin of the phrase is the Russian proverb, “Doveryai, no proveryai” and has been echoed in the forensic community. What exactly does trust, but verify, mean?
Breaking into CyberSecurity
by Carly Wood Cyber security is a growing field that will only continue to grow as technology becomes the center of the universe in the everyday world. With this increase in popularity comes an equal increase in job opportunities as well as the creation of new roles to combat the equally increasing cybercrimes that develop alongside this growing technology.
Essential Social Engineering for Forensics by Micaela Gallerini Social engineering is very often combined with the black hat, research and obtaining information for blackmail, identity theft, and scams for example; however, many do not know that it can also be used in forensics.
Assessing the Risk of Mobile Devices in the Enterprise by Georgia Weidman Mobile risk is here. We all know it. Naysayers like to point out that no breach has ever been attributed to a mobile attack, however, they cannot convincingly affirm whether intrusion detection systems are even monitoring mobile attacks and whether their systems are capable of detecting rogue exfiltration points on their networks.
Seeing the Invisible: Advanced Persistent Threats by Cecilia McGuire Deep in the depths of digital trenches, concealed war prevails. Forces assemble of expert hackers to punch through perimeters, launching the next-generation of malware attacks. Boundaries are dissolving, opening the perimeter to conquest. Navigating through the virtual maze leads assailants to the doors of national security, government, defense, banking and retail through to the critical infrastructure services, health - all verticals targets for compromise.
Interview with Tracy Lenzner by Marta Strzelec, Marta Sienicka, Marta Ziemianowicz
Women in tech by Heather C. Dahl As women in technology, we are the target audience for campaigns so often designed to teach girls how to code, study STEM subjects in school, and motivate girls to pursue technology as a career. These programs are extremely important for us to participate in because positive female role models will inspire a girl’s imagination to dream of amazing accomplishments she might not otherwise consider. I know this from personal experience, having been raised by a mother in technology. My mom was the one who first introduced me to the career I have today.
Women in Cyber Security: Standard not Exception by Jane Frankland Mother Teresa said: “We ourselves feel that what we are doing is just a drop in the ocean. But the ocean would be less because of that missing drop”. I live by this quote. It’s powerful. It inspires me and it’s one of the reasons why I do what I do. Let me explain.