Harry McLaren is a managing consultant at ECS who gives a presentation on cybersecurity engineering. Cybersecurity engineering involves building systems, deploying configurations, integrating systems, and developing solutions to protect against, detect, and respond to threats. It is important for engineering projects to consider people, process, technology, the end user, support requirements, and how the solution fits within the business and IT strategies. The presentation provides examples of scenario walkthroughs and best practices for engineers, such as using automation, version control, containers, and cloud technologies.
2. Harry McLaren
• Alumnus of Napier University
• Active Student Mentor
• Managing Consultant at ECS [Security]
• Splunk Enablement Lead, Engineer & Architect
• Previous Roles: Security Engineer, SOC Analyst, IT Technician
3. Coming Up:
• Definition of [Cyber]Security Engineering
• NIST Security Framework
• It’s All About the PPTs!
• Scenario Based Walkthrough
• Best Practices for Engineers in 2018
• Resources
~25mins
6. Types of Engineering (Not Exhaustive!)
• Systems Deployment & Configuration
• Systems Integration
• Setup of Automation & Orchestration
• Solution Development
7. It’s All About the PPTs!
Successful Projects
People
Process
Technology
8. People & Process
• Who’s the end user?
• Who’s going to support it?
• How extensible is it?
• What are the training requirements?
• How do people feel?
• Building champions!
• How does it fit within the business’s IT?
• How does it align to the company strategy?
• Does it leverage best practices for design/build/deploy?
• How resilient to change is the solution?
9. Scenario Walkthrough
1. Business Has Problem: Security Monitoring
Disparate Data Sources, Data Siloed, Cross-Functional Use Cases, Legacy “Big Data”
Choose a Technology:
2. Magic???
3. 1-12 Months Later…
Success!
11. Integration into Other Systems
• Data Collection
• Data On-boarding
• RESTful API
• CMDB (Identities & Assets)
• Workflow / Ticketing
• Contextual Analysis
12. Setup of Automation & Orchestration
• Automated Build
• Auto-scaling
• Responsive Actions
• Version Control
• Configuration Management
13. Solution Development
• Data Analytics as a Service (DAaaS)
• Self Service
• End-to-End Business Support & Development
• Centres of Excellence
• Solution Champions
14. Best Practices for Engineers in 2018
• Outcome based Development (Lean/Scrum/Agile)
• Version Control (VCS)
• Configuration Management (CMS)
• Development & Release Frameworks (Route-to-Live)
• Capture Knowledge
• Build Lab Environments
• Containerisation for Rapid & Mobile Development
• Leverage Cloud Agility
• Consider Multi-Cloud
• Facilitate the Business, Don’t be a Blocker
15. Resources
• Splunk / Data Analytics
• Intro to Splunk
• Free 2-day Course
• Threat Hunting
• Agile based Development
• Version Control 101
• Configuration Management 101
• Getting Things Done Methodology
• Cloud
• Free AWS Tier / Training
• Free Azure Tier / Training
• Starting with Docker
• Starting with Python
• Starting with Go
17. Cyber Scotland Connect
• Community Directed Group (What Do You Want?)
Shape Us
• Slack! (Website Coming Soon!)
Connect with Us
• Seeking Contributions (Speaking, Practical Labs, etc.)
Share with Us