Welcome back to Destination Cyber Season two. Hey there, my cyber explorers. Today we are diving into a journey that spans continents, decades, and so the most high stake cyber environments on the planet. Joining me is Prescott pe, principal consultant at Cosset. Imagine a career that’s taken you from building security operation centers across Asia and Europe to advising governments and enterprises on cyber threat intelligence.
That’s Prescott’s story with over 25 years in the field, his master of turning complex challenges into actionable strategies and our mentor who has helped shape the next generation of cybersecurity leaders. So Prescott, you have been in the field of cybersecurity for over 25 years now. So tell us the story of the moment you realized cybersecurity was your thing.
What was the scene? Who were you with and what confused you at first?
When I first came across cybersecurity, it was when I was at university at Monash University doing computing degree, and actually I was doing a computing degree and a finance degree at the same time and found finance a bit boring. It really interesting, and I remember doing a subject and reading a book on cybersecurity and like, yep.
That’s it. That’s exactly what I want to be be doing. It sounds really interesting and that you’d be constantly learning and being challenged. I think that still holds true 25 years later. But I guess, you know, the funny thing about that story was yeah, I. Focused on that and set my goal on, on getting a, a job in that field.
When I left uni, I got a graduate position in the public service in Canberra. I moved to Canberra and they said they had, you know, roles available in, in cyber teams. And then when I got there on my first day, like, oh no, actually we didn’t have a role available, so we’re gonna put you in software development for the study.
And I was so crushed that coding software development wasn’t exactly where I wanted to go. But I think that’s one of those things you learn through life is that. Sometimes you just gotta put in the hard work. So I spent six months learning how to code at an enterprise level, and then opportunity arose.
I shown enough, um, promise that I got to move into the, the security team. So I was in, you know, sort of mid 2000 and yeah, been loving working in slab security ever since then.
That sounds very fascinating. So you were doing finance first as well? Or what made you choose that decision? Finance in 90. That’s a very good combo.
Yeah. Well, yeah, there’s a lot of cybersecurity requirements in finance. I didn’t think about that specifically back then, but I think the younger version of me was probably trying to hedge bets a little bit. And think about what types of industries might be recruiting graduates. The banks certainly seem to do a lot, but to me it was also about broadening my skill base.
So doing the finance degree. You know, there were subjects on management and marketing and you. Those sort of things have read really helpful for my career. I love to learn and adapt to changes in my environment. So yeah, getting a broad base of knowledge has definitely helped me sustain my career.
No, that is a very good point.
The adaptation. I think that is like the key requirement that everybody needs to be agile in their thinking. The other thing I wanna talk about, you said you read a book and that sort of, uh, led you into choosing cybersecurity. So would you say that you’re an avid reader?
Yes. Particularly back then, I think.
Once, you know, started into the phase of life where having a family and there’s lot of other responsibilities, a lot of that drops away. But certainly had my fair share of, you know, both, you know, work related books and fictional books as well. Yeah, over the years.
Alright, so would you walk me through your first so shift and what did you think you would be doing versus what actually happened?
So you said that you sort of got into the software development first and you had to learn a language. What was that language? And then when you went to a security. What did you do?
Yeah, it was a really obscure object oriented programing language that I, I was learning called eel. You’d never probably even heard of it these days, but just say again.
You know, it sort of teaches you the basics of how to do things, and I think that’s really important is when it comes to technology, is understanding. The capability and not so much, you know, the prescribed steps that you need to take for each type of application or language that you’re learning. It’s how do I get the theory and the, the basics down?
And then you can apply that to a number of things throughout your career. But yeah, I remember really early on in my, my role in, in government, we, we didn’t even call them socks back then. It was just the information security team. So we, not long after I, after I started the I Love You Virus came out.
Started, you know, just worming through everyone’s email. I’m like, oh my God, how do we stop this thing? So that really brought it to my attention that we could really have an impact and secure the organization by doing some really, really small things. Sometimes you need to take those small wins because it could be quite overwhelming working in a, in a SOC team or security operations team.
So, yeah, taking small wins helps keep you motivated and on the path. A lot of the times working this office, it’s just alert after alert, and you don’t, you don’t think about obviously the, the context, the broader, broader picture. So having those key moments where, oh, here’s something I, I really achieve, and maybe write up a report on it to say, this is what happened.
Here’s what I learned. Here’s how we can protect the organization further. There are ways that you can. Help just provide you some context of what you’re doing.
So you mentioned there was a virus that came around, and so how did your team react to this? What, was there like a lot of panic at that time? Or did you guys have a incident response plan in mind?
Okay, this, this, this.
Yeah. This was probably well before incident response plans came out. I think we had some real basics in terms of documentation. Yeah, a lot of that is figuring out on the fly, which is not ideal for SOX teams. Fast forward. So today, and a lot of organizations will have specific playbooks for specific threats.
I think we understand the the threat actor landscape a lot more and what organizations are trying to do to access your information. But yeah, back in those days it was you rich, flying blind and just needing to, to react. I think that something really interesting about that is that. It really forced us to think outside the box and problem solve a lot more.
So we had to adapt our skills and, and make sure we’re learning. Sometimes you can get a little bit stuck procedurally with SOPs and playbooks and it, it’s good to be able to have a consistent, repeatable way to, to handle those things, but quite often you’ll see more genius psych analysts get, no, this is what I have to do.
These are all things I need to look at, where sometimes you need to broaden your thinking a little bit more.
That all sounds very intriguing. So what does a typical day look like for you now at Sive, and what parts of your calendar you think are sacred and what are the interruptions?
I love what I do at sif.
I’m a principal consultant for cybersecurity, specializing in security operations and cyber threat intel. I’ve had 25 years experience in the security operations space, as you mentioned before, and then probably more specifically the last. Three or four years, been working a lot more in the cyber threat intel space, although touching that, that area for the last.
So 10 or so years managing teams, collecting cyber threat intelligence. What I love about my day and, and is a small company we’re based in Australia, in New Zealand, is that every day is a little bit different. And that’s, that’s something that’s been a hallmark of working in cyber for 25 years, is it’s never the same thing day in, day out.
You’ve always got something being thrown at you to change and adjust. So part of my role is to help clients with. Their security operations programs and look at how can they improve their, their practices with, you know, lifting their maturity and their capability and achieving their security outcomes for their organizations, or helping them tailor a cyber threat intelligence project to their organizational risks.
Needs. And so I do a lot of that, that sort of client facing work. The part that really gets me motivated is helping communities and advising, mentoring those, those sort of roles. So, you know, in this role I’m able to do some community work, whether it’s, you know, coming onto to podcasts or running webinars, speaking at at conferences.
Coif allows me to. Be able to share my knowledge and experience. So every day I’m doing tiny little things, whether that’s helping out with a, a local university program or just having catchup coffee with someone trying to help them progress their career. These are all things that, that really help me manage my day.
What is the, the sacred time for me as a parent? You know, making sure I’m there for my kids is a, is a really big one, and I’ve probably been. Really guilty of overworking myself 24 7 around the clock in, in security operations space over the last 25 years. So being there for the, the kids and every day just about doing the school pickup and drop off.
So that’s locked out in my calendar and that’s time, you know, I can just check in with the kids, see how things are going before, before getting back to work.
So you mentioned cyber threat intel. So before you became sort of principal consultant before that, how did are they in your life look like? Was it like monitoring the cyber threats and flagging the alerts or was it something more?
Yeah, I guess in the the past I’ve have teams who have been doing that sort of work, where I really came into it over the last three or four years as I was working with the Australian Signals Directorate on the national Cyber Threat Intelligence sharing program. Through that we were able to work with around 400 organizations around the country to connect up to asds threat, intel sharing program, and they could download and then consume Intel.
So, so my role there was to. Be, I guess, a technical lead and work with those organizations on what does threat intelligence mean? How can they can consume it, and how they can also contribute back from a community perspective as well. As I mentioned, that’s, that’s really important to me because cyber threat intelligence is at its base.
A form of communication where you are taking information in front of, provide context to help other people and organizations. And one of those things that’s really effective is when you’re a part of an ecosystem where you receive some intelligence, you can augment that and then on share it to others so they can protect themselves as well.
That’s lovely. And how do you sort of balance the usability and while you share the information with the organizations and how do you clear out the technical depths to them and, but when you mentioned organizations, what sort of organizations were involved? Was it like more of government side or was it like private?
What was the client base like?
I work with all shapes and sizes of organizations on that, on that program, whether that’s your federal government department, state and local. I work with a SX 100 companies. We worked with small IT providers, even, even like a couple of, two or three person companies who are just really motivated to consume trade intel and, you know, help their, their clients as well.
So, yeah, we’ve got a really broad exposure to both security operations programs and cyber threat capability across the country. I think it’s a really great initiative. What, what I really wanna see emerge from that is how do we build more of a community around threat sharing? Just recently released a a white paper, which people can go to.
Check out our website, coif.com, and there’ll be a link there where we. I try and provide some, some guidance around how organizations can have those conversations internally to open up cyber threat sharing. Because quite often it can be, there’s a lot of reluctance from organizations to say, Hey, I’ve seen this on my network.
It’s impacted me. I’m worried about the risks of sharing out that sort of information. So that’s something I love doing as part of this, this job is contributing to, to researching, uh, white papers on how people can, you know, build these sort of ecosystems themselves.
That is a very good initiative. And how many people do you think would be engaging with that?
We engage with people all around the globe on this. Even though we’re just a Australian, New Zealand company, we’re working with customers in the United States, Europe, elsewhere in Asia. How to share for Intel. I think that in the last three to four years has been a bit of a, an uptake. And yeah, most organizations have a threat intelligence function now, whereas in the past it might’ve been just.
One guy receiving emails in a corner of the room and, and then sharing on some, some relevant information, whereas a lot of the, the tooling and integration work has been done in, in most sort of, you know, medium to large enterprises. In the small and medium space, it’s still a bit of a, a challenge because most small organizations won’t have a, a, a cited program as well.
So that’s where they rely on, you know, upstream providers like telecommunications or, you know, incident response capabilities to, to help provide some advice in that area.
Okay. So you mentioned there were multiple countries, so how do organizational expectations sort of change regionally? So are there any surprising cultural differences that you have to face and how do teams operate?
It’s definitely having, yeah, worked in security operation centers in the United States, Japan, India, Europe. There’s very, very different expectations. Or how you just manage tho those functions and, and how you communicate. So sometimes it can be really frustrating when you, you don’t understand from a cultural perspective, you know, why people are asking certain questions or behaving in or in certain ways.
But my advice in that is just to ask the questions and. Be open and communicative to say, here’s my interpretation of, you know, why this is needed. Really, really challenging when, you know, for 15 years is working in a follow the Sun soc, where we’d, you know, hand over a shift from the US to Australia and then we’d hand over a shift to.
Europe and then there was an India team, uh, running in the middle as well. So having to deal with, this is how this group likes information presented, and this is how another group does, was really challenging. I think the best way to tackle that is to build those interpersonal relationships, advocated for doing a soc cultural exchange at one point where we.
Took some of my team, sent them to Europe, some of the European team to the US and US team to, to Australia, and that really helped to build that social fabric when the teams are, are remote and crossover only very briefly for, for certain times of the day.
Is there still a moment, like any story that still makes you, like, smile or cringe when you think about going into like different countries and integrating?
One thing I was really nervous about, I I, when I was working at Verizon. We set up a new team in the US and new, so kind of got sent over there in. 2008 for, for three months. My daughter was only six months old at the time, and we were able to take her across. It was, that was a great experience. But, you know, I remember wandering to the office and I had to do some recruiting for, for SOC analysts.
Then, like, I have no idea what the US employment market is like and how that that differs from, from Australia. Also did interviewing for psych analysts in India and Germany and Switzerland as well. And they’re, they’re all very different in how people are, you know, behaving in their expectations in the workplace.
So it was actually really, you know, a small personal win for me to say, look, I can actually, you know, do this at an international level. And that gave me a lot of confidence as I progressed my career. So, you know, I highly recommend people to. Take up opportunities to travel and work remotely and understand how different cultures work because we’re all big one, big global community, especially when it comes to, to cybersecurity.
And even more so within Australia. Everyone knows everyone, uh, within a couple of degrees of, of separation in this field. So yeah, building and, and maintaining those networks and relationships is absolutely critical to having a, a strong professional career.
That is very true. Networking is at like the core point for everyone.
So you mentioned hiring some junior analysts. So if you were, let’s say, mentoring a junior analyst in that exact situation, so what would you tell them?
I think that for, uh, junior analysts, it’s, it’s really challenging environment at the moment with, you know, a lot of AI and, and automation. So organizations are, are really doubling down in, in that area.
And I think a, a lot of, uh, probably university graduates are thinking, well, how do I. How do I make my mark when a lot of the technology is gonna be, be driving the conversations and, and the, the analyst work and think a lot of that just really comes back to thinking about critical. Thinking problem solving skills because these are the areas that we really need analysts to be able to, to link all the different events together that you, um, ai, LLM or you know, just people who are, who are just following the procedure don’t really seem to, to understand.
So yeah, critical thinking skills, asking the, the five why’s of why did this happen? Okay. Why did that happen? What led to this and, and one running those chains of analysis are, are really important.
It’s very fascinating that you mentioned the five wise ’cause. Uh, recently even I was in one of my university projects and they mentioned us that this technique with five wises, it led you to reach through like the root cause of a problem.
And then you mentioned something about automation and how it’s changing the field. So five years from now, what do you think so will look like? Would it be more automation or do you think it will be still human orchestration that’s involved in there?
It’s gonna be definitely hybrid. We’re already working with some customers in the cyber threat intelligence space where they just want to do all those integrations to the technology stacks like the seams and their, their saw functions where all the logs and for and workflows are being collated.
So they want to minimize the need for human oversight and involvement. And a lot of that is driven from a a cost perspective. Organizations are very. Conscious of how much they’re spending on their threat intelligence programs or SOC programs in general, and how they’re getting value. From those as well.
But there’s always gonna be a place for humans in the loop to be able to review, check, use our own logic. So I, I really do think that being aware of how these technologies work, what their limitations are and how to stitch the capabilities together is gonna be really important for so analysts over the next five years, as you mentioned.
So you mentioned that there are two skills that are really important, one of them being problem solving, that students must realize how to critically think and solve a problem. The other one being connecting the dots. Are there any other skills that students should have given that things are changing at a fast pace with AI coming?
So what should they focus beyond?
I think one of the really important areas is to think about how you can continue to improve communication skills and being able to articulate the value of the work that you’re doing. Quite often there’s some disconnects between what’s happening on the ground and executive levels, so being able to translate.
What’s happening technically within a security operation center, for instance, what does that mean for executives and what does it mean for risk to the organization? I think people who can have those sort of conversations and, and skill up on their communication techniques will be really effective on the future.
I know I’ve talked a lot about sort of soft skills like critical pq and problem solving and communication, but they’re really the core capabilities that are difficult for people to just pick up and learn. You have to do that over an extended period of time and practice it. Indeed. You know, I, I struggled for those things for a long time until.
I started putting myself out there a bit more and, okay, I’ll do a webinar, I’ll go present, and those sort of things and challenging myself constantly has sort of got me to that point where, you know, I’m, I’m really loving. Being able to share and mentor with other people.
That is a very good point that you shared.
So coming out of comfort zone, essentially, I think students at my age as well, we are very hesitant and like you mentioned, some things happening at executive level, something else is happening at technical level and how do like build those, but. We get very hesitant when asking those question as to feel like, oh, this, this would be like a dumb question.
And how do I articulate? So what was your sort of encouragement for like putting yourself out there?
Look, I think it’s an evolution of a few different things, but yeah. One thing I’ve learned through my career is that, um, making mistakes is actually one of the best ways that you can, you can learn. So.
Even though you might feel like you’re being a bit silly at, at the time by asking those, those questions. For an experienced manager like myself, that’s actually a really strong indicator that someone is thinking about, okay, how am I going to approach this problem? How I, how am I gonna solve it and communicating about it.
I would rather. Walk someone through a few times how to, how to something within the, within the SOC team rather than them just come to us. Yeah. When there’s been a, a mistake made because, well, you do learn in, in those circumstances, um, being proactive on the sharp foot is a really strong indicator that, that someone’s gonna, you know, have a great career.
So I’m curious, did that sort of change the way you work today? A
hundred percent. Yeah. I was for a long time, really focused on being the best. Technical analyst that I could possibly be learning up all the skills on all the firewalls, all the intrusion detection systems, all the gateway components. I thought that was the path to growth for me, and that’s how I could be really effective and contribute to an organization.
Um, I remember when I started in, in my first, you know, managed services sock at, at Verizon. I guess other people believed in me and saw a bit more than what I. So in myself being a bit of an introvert, that that’s pretty frequent and we, we have a lot of introverts in the, the cybersecurity field, but being open and hearing that feedback from others and believing that they could see something in me was, was really important.
I remember, you know, we, we had some, some team members from uh, Belgium team tomorrow and do some training with us. And I remember sitting on the plane next to Frank Gunther and he’s like, we’d really loved you to be the team lead for the so here. And I was like, blown away. I’m just a technical guy. You know, I, I don’t really know if I have those sort of skills, but he’s like, no, I can, I can see it in you that you’ve got that, that capability to be able to lead the team and, you know, think outside the box and bring people in and engage them and make sure they’re working together as a cohesive unit.
And a lot of that sprung from my technical capability. But I didn’t even realize that myself until, you know, others would, would help provide that viewpoint and mentor me as well. So, uh, mentoring was a, was a huge part through my career even as I grew in a manager, as a manager, I had my boss, Jeremy, provide me some really, really strong mentoring that helped ground me in.
What a business needs from a team. So that was absolutely a turning point in my career. So really thankful for all those people who have mentored me. It’s really funny, I do some work with the University of Canberra now, and that’s as a result of the mentoring relationship I had when I started at the graduate.
I was assigned a, a mentor, Jeanette, and maintained a relationship over, over 25 years and. Like, Hey, can you come and talk to the students at the University of Canberra? So yeah, even, even that long, 25 years, I’m still getting benefit out of those mentoring relationships.
Those are some very good points you touched on.
So the first one being, you said you prac, you learned in your own time building your technical knowledge over the time. So how would you do that? Was that on a weekly basis?
Yeah, there’s a few different ways you can learn. Some of that is on the job training, learning from others, learning from formal education.
So the formal education for me was a, was a big one as well. Whether that’s, you know, taking training courses that work are offering. Both from a technical perspective and a professional perspective, I’d always be putting my, my hands up for those. Uh, yes, it requires some work out of hours to run through material.
Make sure you understand it. But there’s a huge payback for me. I’ve now done four university degrees, I think, including the MBA, and every time I’ve done that, you know, I can see a step forward in my career. So formal education is absolutely key. Coming back to learning from others. I think that that’s sort of where the mentoring part fits in, but also just being a great teammate and helping each other out in the workplace.
You can learn a lot from, you know, those interpersonal relationships. And then there’s the own self-study exploratory investigation. I saw a post from Mike home this morning talking about how important it is for people, even in this day and age, to run up labs at home, to be able to experiment and play.
That’s one of the ways that I started as well, is just building a home environment, experimenting, trying to bring in some of the technology and just see how it works. Yeah. Some of that had to do with my own time, but I think that the benefits paid for itself.
Well, thank you for sharing that. I might touch up on building the home environment soon as well.
I have none of those set up and genuinely, I’ve been talking to a lot of recruiters and they do mention that having a your own home lab environment, it gives you a lot of talking points when you’re selling yourself in an interview to sort of talk about what you’re doing and what’s what you’ve been up to.
That was a also an interview question I would ask people from the SOC is, you know, describe to me what your home environment was like. And you know, maybe it’s a bit creepy, but what we really wanted to see is just do you have that personal investment in being curious and wanting to find out about how the technology works so that you can learn and apply that in other areas.
And you mentioned that you sort of had mentoring and you stayed in touch with them, and that led to further offic. So how do you stay in touch? Is it more of like coffee chats or just the engagement in their, on their post or something they’re doing in life? How does that sort of relationship build up over time?
I think the mentoring relationships particularly, um, need to be curated over time and you depending on, are you in the same city like location, it’s obviously hard to do. You can do virtual coffee chats and things like that, but being deliberate about how you are maintaining your relationships is, is really important.
It doesn’t have to be every day. Every week. If you’ve got someone who’s interesting in being a mentor for you, just talk about what, what does that look like? What’s the cadence? We catch up, you know, once every three or four months, once a year. So it, it is. Totally up to, uh, each individual, how that’s, that’s gonna work effectively probably early on in your career.
Uh, it needs to be a little bit more often and, and also having multiple mentors with different perspectives can be really, really interesting. But then as you, as you get a bit older and more experienced, it probably, you know, needs to be a little bit less. Or you may need a mentor in another area like business development.
Or running an organization. So keep on seeking out those people who can help you over time.
So if you had like a, something you want organizations to change and you had like a magic man and you just make, make it change in SOC or try cyber Straight intelligence space, what would that be?
It’s gonna sound really, uh, like a bit of a cop out, but maintaining documentation is one of those things that just no one wants to do and you don’t realize how important.
Having the right process and procedure is for an organization to be functional. Something you often find, and and particularly in cyber threat intelligence, is that. There’s some really good champions who just love to bits what they do, but a lot of it just sort of stays in people’s heads and it’s not formally documented.
And that process is developed. So when people leave that organization, they, they take that knowledge with them and then you can see that. The breakdown in the process and the procedure. So if I had a magic wand, that’s one of those things would be how do I, maybe LL elevens have a bit of a solution for that in writing policies and documentation.
Keeping that and maintaining it is one of the more challenging things to do for a security operations program because you’ve got analysts and engineers who just want to do their thing on the on, on the tools and the technology and do all the interesting research. I’d highly encourage looking at how you can get technical writers in.
To look at how to articulate what you are trying to achieve from your processes and practices to make sure that they’re consistent and repeatable. And maintain for the organization.
So you’ve been doing a lot of this work and if we talk about what are the drawbacks of this work, is it like a lot of burnout?
So I see like documentation would be burning out people or is there like any politics or something that you face maybe a lot of trouble? Is there any drawback that you feel like, oh, maybe I wish I could change that?
Cyber in general, it’s a lot of drawbacks from from the work. So it’s important about.
Thinking, what are the positives that you’re getting out of it as well? Having done a lot of shift work over the years, and not even just shift work, just organizational lines, working for an American company. I had, my boss was in Virginia, so I was often up late at night working on projects and and meetings and then working through the day Australian business hours and then working with our European Indian teams, you know, back during the evening as well.
I think. Setting boundaries is something that’s really important. Sometimes you get sucked into the the technical work, and that’s something I worked probably too late in my career about how to say no and how to manage my workload a bit effectively. So. That’s, that’s the real challenge. There’s always something to do and something going on.
There’s an incident that’s gonna strike. You have to work around the clock. We’ve been on calls with clients for 36 48 hours to to work through an incident response. So being able to make sure that you are taking the right breaks and that. You’re not just doing it all yourself. You’ve got colleagues who are sitting beside you, that you are documenting where things are up to so someone else can, can pick up and help out.
You can really burn out. It’s kind of interesting in 24 by seven socks, you see certain people drawn to be able to do that sort of work. I had one guy working for me for like 14 years doing shift work, 12 hour shifts rotating, and he just absolutely loved it. We had a, a lady who used to be a nurse, so she was used to doing sort of really intense work over a period of time and adapted that into cyber.
She wanted to get, get into that as well. So it’s not for everyone. If you’re able to, to set those boundaries and understand yourself first before taking on shift work, it can be really effective, especially when you get some, some blocks of time off to decompress and you just do things with life as well.
Yeah, that’s one advantage of, of having shift work. Depending on your, on your role, it’s probably less travel now than there there was in the past, because of all the remote connectivity and video calls that zooms and things we can do so. But for a lot of people, travel can be really challenging and I’ve found that over the past few years as I’m reprioritizing with family and kids that much less likely to want to travel.
But it can be exhausting. It’s a lot of money, but it’s still really important to do that sometimes to maintain those sort of face-to-face relationships.
Yep. It’s uh, lovely how you mentioned that different professions, people and how everyone can adapt and adjust to the cyber fields. ’cause it’s like the core skills at heart and the curiosity to sort of be there and then do all those roles.
So it doesn’t matter what profession you come from, as long as you have the drive to continue working for in the cyber fields. And it would all work out.
Yeah, no, I’ve done some mentoring with people from all sorts of different areas. One of my good friends came from a teaching background. And adapted into cyber.
We met at university and yeah, he’s doing excellent in his career. Now, another lady who did some mentoring with, she came from a chemistry background and applied some scientific methods into how she was analyzing things. So yeah. Absolutely love when you can see crossovers from different domains coming in into cybersecurity, and we really need that diversity in thought because sometimes if you’re a bit too narrow focused in in thinking, you’re not collaborating effectively in thinking about all the different angles to solve problems or resolve incidents.
So lastly, just ending with what are the non-obvious CV items or experiences and side projects that you look for when you are hiring like junior talent? So I know you mentioned about setting a home lab environment. Are there any more specific tools or technology that a student must be familiar with?
Yeah, I think documenting on your resume some things like open source. Programs that you’re playing with, how you’re leveraging AI and LLMs is also becoming increasingly important as well. So there’s quite a few things that we typically look for in resumes going through and doing some of the. The labs online, like blue team’s online for soc seems to be really popular these days as well.
But the, the big one for me, just going back to the soft skills, is really looking for how are you getting yourself out there? How are you going and networking and building capability. How are you communicating about the things that are really important to you? They’re all skills that I like to look for in, in resumes.
Sometimes it’s a bit intangible, but I’ve seen enough resumes over time to know that, you know, someone’s just gonna list out. Every single tool on their resume. Not sure they’re really understanding how that’s gonna be relevant to me as the person reading the cv, like to see how they’re solving problems, how they’re networking, how they’re participating in communities and groups, and solving challenges.
Thank you. Those are some great insights and I think a lot of students would benefit from that. I just wanna wrap up with the lightning round and this sort of like a rapid fire, a fun one. So whatever first comes to your mind. So starting off with what’s a single thing that a student should do starting this week?
This week go out and find a community group. It doesn’t have to be cyber related. Start building some networks and people that you can interact with over time.
R that. And what’s the weirdest on call snack that you have had?
Weirdest oncall snack. I. I think probably getting hamburgers delivered in the US to the sock.
Oh, I love that
completely transparent bag from all the grease in the burgers. That, that was pretty terrible. Yeah.
And one hobby and interest that you do do like outside of your working?
For me and my partner and my kids, it’s all about Lego. So we’re, we’re doing Lego botanicals with my partner and do some Star Wars Lego with my kids and my, oh my
God, I love that.
So that’s a, that’s a really way, just good way to get your fingers off the keyboard, think a bit constructively.
And it helps build creativity as well.
Yeah, exactly.
So what’s one cybersecurity myth that you wish would die tomorrow?
Hackers always wear hoodies.
Yes.
That’s why that I’ve got a black hoodie on at the moment, which is totally unintentional.
Yeah. A lot of threat actors are coming from in nation states. They, they, they wear uniforms. They might be legitimate businesses as well. There’s some. Organizations that, you know, provide help desk services for ransom weekends. So they’re very professional. It’s not just good guys in dark basements with hoodies.
It can be anyone. Even, I think today I saw an article about how LLMs are developing their own ransomware for delivery. So that’s gonna be an interesting challenge in the.
No, I feel like with the LMS growing a lot of things, cyber tread landscape are gonna change and evolve over the time. So men in suit as well can be hackers.
Good to know. Perfect. Well that’s all from my side. Thank you so much for your time, Prescott.
Alright, thank you so much. Chaahat.
