By Bret Piatt
Apr 17, 2018
This past Saturday, April 14, episode 81 of Cyber Talk Radio hit the air on 1200 WOAI and iHeartRadio streaming. I was joined by Andy Pilato, CNF Technologies CTO, to discuss effective cyber training.
How did you get into information technology and cybersecurity? Interested in learning more about effective cyber training? As we kick off the show, Andy tells us about his background as a contractor for the Air Force Computer Emergency Response team where he got hands on training in a computer security lab. In training, he focused on testing the security of their network from the offensive side. This is also called penetration testing where you are trying to find the flaws in your system to better protect your business or organization. How do you train someone from zero to be able to compete in a cyber competition like CyberPatriot? You first need to understand how the system is built before understanding the flaws. One commonly used tool is a Honey Pot to attract hackers. According to Wikipedia and computer terminology, a honeypot is a computer security mechanism set to detect, deflect, or, in some manner, counteract attempts at unauthorized use of information systems. What does CNF Technologies do? The company is led by Roxanne Ramirez as CEO and strives to help secure our nation through world class research, development, integration, and operation of cyber technologies. We recently had Angel Crockett, another female cybersecurity CEO in town on the show, check out that episode here. To close out the first half of the show, Andy shares example scenarios for phishing attempts and how hackers go about gaining access to your cell phone.
In the second half of the show, we dig into effective cyber training and the best ways to teach people. What are exploits and metasploits? Metasploits are similar to lock picking tools for computers. Andy talks more about security specific training and the different tools that are helpful to utilize. Many times security teams will use traffic generators for intrusion detection to parse out the people in the system that are in the network to do bad things. When a hacker gets into a system, they almost always get in laterally. That’s when you need a honey pot! Identifying someone’s cyber experience is hard to do, many companies do in-house training. A few pieces of advice that Andy gives is to find a mentor and figure out what your good at whether it is analyzing, monitoring or being on the attack-side. Knowledge of setting up a network/system helps you figure out how people can get into a network maliciously. If you haven’t heard of CyberPatriot, check out their website and get involved as a mentor! Listen to the episode replay to learn more about CNF Technologies and different cyber training tools, go here!**
Contact Cyber Talk Radio via our request a topic or be a guest form.