Evidence of Learning #2

Date:​ February 7th, 2020

Subject:​ Risk-Based alerting (RBA)

Analysis:
On January 30, 2020, I attended the annual North Texas Cybersecurity Group meeting.
This group meets on the last Thursday of each month. At this month’s meeting, an established
professional gave a presentation about Risk-Based Alerting. This concept refers to the
organization of threats for the employee as well as the customer. Currently, professionals have to
address concerns in the order they come, as there is no industry-standard process for organizing
the level of risk of each threat. Risk Based Alerting solves this issue. This algorithm organizes
the level of risk from 1-5 and displays this to the employees. From here, the employees can
address the high risk threats first, allowing them to better maintain the security of their company.
During the presentation, the professional presented this idea as well as the interface the
professional would see. This screenshots from this interface showed graphs and charts that
analyzed the level of threats and frequency, in order for both customers and employees to gauge
the effectiveness of their security to the common threats.

This alerting technique can clearly be utilized to revolutionize the industry. The
organization of risks is currently lacking in the cybersecurity industry, so this alerting system
would definitely boost the efficiency of employees in finding and correcting threats. Moreover,
the interface is customer-friendly as well, allowing customers to see the threats their security
department has protected from. This is great for marketing, as they can show potential customers
the effectiveness of their security measures. However, the two biggest drawbacks of this
technology are the price and the integratablity. Because this technique is relatively new to the
new industry, it's extremely costly for expanding businesses, especially those who have minimal
security budgets. Moreover, this security process has to be integrated into the current security
practices. This would require the companies’ current employees to be educated in this new
alerting technique, which would require additional training. Then, they would have to alter their
current processes to account for this new practice, which may or may not be feasible depending
on the size of the company.

In terms of the presentation overall, a lot of the concepts that were being discussed I was
unfamiliar with, as the presentation was geared towards educated professionals. Therefore, I
spent a lot of the time researching these new terms. This constant need of research prevented me
from understanding the entirety of the presentation and the concepts within it.
 After the presentation was over, I was given a chance to network with the other
cybersecurity professionals. This networking session was extremely successful, as I was able to
meet professionals who were willing to provide me with resources, such as overthewire.com, to
learn about these seemingly complex concepts. Additionally, many of them provided me with
their contact information in case I needed any additional help. This networking session was
extremely educational, as many of the professionals were willing to slow down and explain
many of the previous concepts that had gone over my head.

This cybersecurity group was extremely informative. Even though many of the concepts
had gone over my head at first, after processing and asking the other professionals questions
about the concepts, they have begun to make sense now. However, my lack of understanding of
specific cybersecurity terms prevented me from completely understanding the topic of
presentation. To conclude, I am looking forward to attending these meetings monthly to learn
about the ever changing world of cybersecurity.