A Day in the Life: Working in Cyber Incident Response


As a cybersecurity incident responder, your life can go from zero to 100 in a heartbeat. One moment you are sipping a beverage reading the latest threat intelligence or getting the kids ready for bed; the next, you may be lunging for your “go bag” because you cannot remote in to the breached system. It’s all part of the game.


Seasoned incident responders can handle this jab: “Why would you want a job like this? Are you crazy?” The truth is, some thrive in it. Ask around, and you’ll find that incident responders:


Are driven by a sense of duty to protect something important.
Appreciate (and even seek) challenges and problems.
Even if stressed, find a way to enjoy the chaos.
Love the constant change, which offers an opportunity to keep growing professionally.

But what is a day in the life of a cybersecurity incident responder really like – and what happens when the alarms start flashing?


How the Average Day Can Start


The Cybersecurity and Infrastructure Security Agency (CISA) gives a good run-down of the types of tasks to expect in this line of work, along with some core competencies. The U.S. Department of Defense also has a more detailed view.


Keep in mind: An internal incident responder (e.g., in-house) and an external one (e.g., at a consulting firm) may have differing “pre-boom” activities. But when the incident hits, many tasks are similar.


What are some pre-boom tasks? Here’s a quick list:


Seeking vulnerabilities in code, networks, hosts and other types of i ..
