Jack Rhysider
Podcast Appearances
So please, IT managers, stop thinking you're in some silo and your problems are just yours. Encourage and support your IT employees to go to conferences, meetups, talks, and workshops. It will help your business. Trust me. Omar has gone to conferences. You heard two of his talks at the beginning of this episode even. And he's gone to meetups and he's made friends across the sea in Costa Rica.
Specifically, it was the conference called FIRST where he met them. And you can learn more about this at FIRST.org.
While FIRST is just one conference in the world, there are so many more going on these days. In fact, I think any given week, you can find two or three security conferences going on somewhere in the world. So just Google "cybersecurity conference near me" and see what's coming up near you. And having these connections was very valuable in this situation. I mean, it was a force multiplier even.
Dominican Republic doesn't have the biggest cybersecurity incident response team in the world. And so knowing who to tap for help creates a battalion of people who can help you in different ways. One thing they did was compare their malware and indicators with other countries in Latin America to see who else has seen anything like this.
Then he started creating a playbook with help from other nations to start remediating this. Of course, he was also calling up security vendors, the people who made the software that was supposed to be securing his network. He'd call up and say things like, hey, we pay you to block these attacks and you didn't. Please help us fix it.
And of course, the security vendors want to make their tools better. So they wanted like a sample of the malware and what methods they used to get in. And were working quickly to fix their software so they would be able to block these attacks from continuing. And this was happening on Windows machines. They were getting infected even though they were fully patched and updated.
So a call to Microsoft was important to show them what they were dealing with and to ask, how can you fix this? They were calling out to other network vendors too because their systems were compromised. And by the way, when you call up one of these companies to try to report a zero-day exploit, it's not easy.
The first person that you get, the first tier support tells you stupid things like, okay, sir, did you try rebooting the system? And you're like, come on, please, please, please, please, please connect me to somebody who knows what they're doing over there. And they simply cannot. So you need to ask for a manager. And then the manager doesn't know how to fix it.
And they don't want to admit that their software has vulnerabilities in it. So you go back and forth trying to troubleshoot it for days. It's tedious and time-consuming before they escalate it to the next tier support and eventually you get an engineer or a developer who knows this system inside and out and can recognize the problem and replay it and fix it right away.
It's just that that person is behind like eight layers of support tiers before you can get to them. Now there's this quote from Bruce Schneier that has frustrated me but also educated me on the reality of cybersecurity. The quote goes like this. You can't defend. You can't protect. The only thing you can do is detect and respond.