{"id":258,"date":"2016-05-28T12:58:00","date_gmt":"2016-05-28T12:58:00","guid":{"rendered":"https:\/\/securityeverafter.com\/2016\/05\/28\/applied-lessons-learned\/"},"modified":"2023-03-05T16:36:22","modified_gmt":"2023-03-05T21:36:22","slug":"applied-lessons-learned","status":"publish","type":"post","link":"https:\/\/securityeverafter.com\/applied-lessons-learned\/","title":{"rendered":"Applied Lessons Learned"},"content":{"rendered":"

Applied Lessons Learned<\/h1>\n
What were the harsh and hopefully applied lessons learned that you would never forget and, more importantly, vowed never to repeat? This goes especially for those of you who have been in information security for many years and have perhaps been a member of several different teams. Consider yourself encouraged to remember those “from now on I will Always and I will Never again\u201d lessons learned at your $OldJob<\/span>.<\/div>\n
<\/div>\n
I remember all too well when I decided to perform a network scan from a new laptop. I was so eager to use the latest equipment that I failed to record this shiny new device’s MAC and IP address. I tested it out, and everything seemed great – until the following day, when an enormous amount of scan traffic was detected inside a sensitive network. Our teams went into full incident response mode to determine what happened. After learning \u201cwho did it,\u201d the team responded graciously to me, and none of us made that mistake again.<\/div>\n
<\/div>\n
The following are a few ideas to consider to motivate you to action.<\/div>\n
<\/div>\n
1 – Never settle for \u201cwe have always done it that way\u201d. Assume nothing; ask many questions, such as \u201cWhen was the last time we compared the GPO to the written security policy?\u201d<\/div>\n
<\/div>\n
2 – Share regularly within your trusted communities in a way that does not put your organization at risk but demonstrates you are still learning and remain willing to contribute. Don\u2019t think you need to share all the gory details to make a difference with this approach. You will be much better off leaving those out entirely.<\/div>\n
<\/div>\n
\n
3 – Behave like the Fresh New Guy\/Gal (FNG) regularly, especially if it has been a long time since you served in that role.<\/div>\n<\/div>\n
<\/div>\n
By leaning into this approach, you can not only\u00a0get wisdom as cheaply as you can<\/a>\u00a0but also help make our world a better place. What lessons are you actively trying to avoid learning over and over again?<\/div>\n
<\/div>\n
I recently posted this on the SANS Internet Storm Center website<\/a>.<\/span><\/div>\n
<\/div>\n
","protected":false},"excerpt":{"rendered":"

Applied Lessons Learned What were the harsh and hopefully applied lessons learned that you would never forget and, more importantly, vowed never to repeat? Especially those of you who have been in information security for many years and perhaps a member of several different teams. Consider yourself encouraged to remember those “from now on I […]<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false},"version":2}},"categories":[7,21,18,10],"tags":[],"jetpack_publicize_connections":[],"yoast_head":"\nApplied Lessons Learned - Security Ever After - vCISO<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/securityeverafter.com\/applied-lessons-learned\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Applied Lessons Learned - Security Ever After - vCISO\" \/>\n<meta property=\"og:description\" content=\"Applied Lessons Learned What were the harsh and hopefully applied lessons learned that you would never forget and, more importantly, vowed never to repeat? Especially those of you who have been in information security for many years and perhaps a member of several different teams. 
Consider yourself encouraged to remember those “from now on I […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/securityeverafter.com\/applied-lessons-learned\/\" \/>\n<meta property=\"og:site_name\" content=\"Security Ever After - vCISO\" \/>\n<meta property=\"article:published_time\" content=\"2016-05-28T12:58:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-03-05T21:36:22+00:00\" \/>\n<meta name=\"author\" content=\"Russell\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@russelleubanks\" \/>\n<meta name=\"twitter:site\" content=\"@russelleubanks\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Russell\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/securityeverafter.com\/applied-lessons-learned\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/securityeverafter.com\/applied-lessons-learned\/\"},\"author\":{\"name\":\"Russell\",\"@id\":\"https:\/\/securityeverafter.com\/#\/schema\/person\/38dd34bdece8068be18430e4c96ce5f3\"},\"headline\":\"Applied Lessons Learned\",\"datePublished\":\"2016-05-28T12:58:00+00:00\",\"dateModified\":\"2023-03-05T21:36:22+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/securityeverafter.com\/applied-lessons-learned\/\"},\"wordCount\":358,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/securityeverafter.com\/#organization\"},\"articleSection\":[\"Leadership\",\"Operational 
Security\",\"SANS\",\"Security\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/securityeverafter.com\/applied-lessons-learned\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/securityeverafter.com\/applied-lessons-learned\/\",\"url\":\"https:\/\/securityeverafter.com\/applied-lessons-learned\/\",\"name\":\"Applied Lessons Learned - Security Ever After - vCISO\",\"isPartOf\":{\"@id\":\"https:\/\/securityeverafter.com\/#website\"},\"datePublished\":\"2016-05-28T12:58:00+00:00\",\"dateModified\":\"2023-03-05T21:36:22+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/securityeverafter.com\/applied-lessons-learned\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/securityeverafter.com\/applied-lessons-learned\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/securityeverafter.com\/applied-lessons-learned\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/securityeverafter.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Applied Lessons Learned\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/securityeverafter.com\/#website\",\"url\":\"https:\/\/securityeverafter.com\/\",\"name\":\"Security Ever After - CISO\",\"description\":\"vCISO\",\"publisher\":{\"@id\":\"https:\/\/securityeverafter.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/securityeverafter.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/securityeverafter.com\/#organization\",\"name\":\"Security Ever 
After\",\"url\":\"https:\/\/securityeverafter.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/securityeverafter.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/i0.wp.com\/securityeverafter.com\/wp-content\/uploads\/2020\/04\/SECURITY-e1589664916497.jpg?fit=1169%2C826&ssl=1\",\"contentUrl\":\"https:\/\/i0.wp.com\/securityeverafter.com\/wp-content\/uploads\/2020\/04\/SECURITY-e1589664916497.jpg?fit=1169%2C826&ssl=1\",\"width\":1169,\"height\":826,\"caption\":\"Security Ever After\"},\"image\":{\"@id\":\"https:\/\/securityeverafter.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/russelleubanks\",\"https:\/\/www.linkedin.com\/in\/russelleubanks\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/securityeverafter.com\/#\/schema\/person\/38dd34bdece8068be18430e4c96ce5f3\",\"name\":\"Russell\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/securityeverafter.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/8567bffe1f64223494326650c53f921b?s=96&r=pg\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/8567bffe1f64223494326650c53f921b?s=96&r=pg\",\"caption\":\"Russell\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Applied Lessons Learned - Security Ever After - vCISO","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/securityeverafter.com\/applied-lessons-learned\/","og_locale":"en_US","og_type":"article","og_title":"Applied Lessons Learned - Security Ever After - vCISO","og_description":"Applied Lessons Learned What were the harsh and hopefully applied lessons learned that you would never forget and, more importantly, vowed never to repeat? Especially those of you who have been in information security for many years and perhaps a member of several different teams. 
Consider yourself encouraged to remember those “from now on I […]","og_url":"https:\/\/securityeverafter.com\/applied-lessons-learned\/","og_site_name":"Security Ever After - vCISO","article_published_time":"2016-05-28T12:58:00+00:00","article_modified_time":"2023-03-05T21:36:22+00:00","author":"Russell","twitter_card":"summary_large_image","twitter_creator":"@russelleubanks","twitter_site":"@russelleubanks","twitter_misc":{"Written by":"Russell","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/securityeverafter.com\/applied-lessons-learned\/#article","isPartOf":{"@id":"https:\/\/securityeverafter.com\/applied-lessons-learned\/"},"author":{"name":"Russell","@id":"https:\/\/securityeverafter.com\/#\/schema\/person\/38dd34bdece8068be18430e4c96ce5f3"},"headline":"Applied Lessons Learned","datePublished":"2016-05-28T12:58:00+00:00","dateModified":"2023-03-05T21:36:22+00:00","mainEntityOfPage":{"@id":"https:\/\/securityeverafter.com\/applied-lessons-learned\/"},"wordCount":358,"commentCount":0,"publisher":{"@id":"https:\/\/securityeverafter.com\/#organization"},"articleSection":["Leadership","Operational Security","SANS","Security"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/securityeverafter.com\/applied-lessons-learned\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/securityeverafter.com\/applied-lessons-learned\/","url":"https:\/\/securityeverafter.com\/applied-lessons-learned\/","name":"Applied Lessons Learned - Security Ever After - 
vCISO","isPartOf":{"@id":"https:\/\/securityeverafter.com\/#website"},"datePublished":"2016-05-28T12:58:00+00:00","dateModified":"2023-03-05T21:36:22+00:00","breadcrumb":{"@id":"https:\/\/securityeverafter.com\/applied-lessons-learned\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/securityeverafter.com\/applied-lessons-learned\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/securityeverafter.com\/applied-lessons-learned\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/securityeverafter.com\/"},{"@type":"ListItem","position":2,"name":"Applied Lessons Learned"}]},{"@type":"WebSite","@id":"https:\/\/securityeverafter.com\/#website","url":"https:\/\/securityeverafter.com\/","name":"Security Ever After - CISO","description":"vCISO","publisher":{"@id":"https:\/\/securityeverafter.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/securityeverafter.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/securityeverafter.com\/#organization","name":"Security Ever After","url":"https:\/\/securityeverafter.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/securityeverafter.com\/#\/schema\/logo\/image\/","url":"https:\/\/i0.wp.com\/securityeverafter.com\/wp-content\/uploads\/2020\/04\/SECURITY-e1589664916497.jpg?fit=1169%2C826&ssl=1","contentUrl":"https:\/\/i0.wp.com\/securityeverafter.com\/wp-content\/uploads\/2020\/04\/SECURITY-e1589664916497.jpg?fit=1169%2C826&ssl=1","width":1169,"height":826,"caption":"Security Ever 
After"},"image":{"@id":"https:\/\/securityeverafter.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/russelleubanks","https:\/\/www.linkedin.com\/in\/russelleubanks\/"]},{"@type":"Person","@id":"https:\/\/securityeverafter.com\/#\/schema\/person\/38dd34bdece8068be18430e4c96ce5f3","name":"Russell","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/securityeverafter.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/8567bffe1f64223494326650c53f921b?s=96&r=pg","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/8567bffe1f64223494326650c53f921b?s=96&r=pg","caption":"Russell"}}]}},"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack-related-posts":[],"_links":{"self":[{"href":"https:\/\/securityeverafter.com\/wp-json\/wp\/v2\/posts\/258"}],"collection":[{"href":"https:\/\/securityeverafter.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/securityeverafter.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/securityeverafter.com\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/securityeverafter.com\/wp-json\/wp\/v2\/comments?post=258"}],"version-history":[{"count":2,"href":"https:\/\/securityeverafter.com\/wp-json\/wp\/v2\/posts\/258\/revisions"}],"predecessor-version":[{"id":1734,"href":"https:\/\/securityeverafter.com\/wp-json\/wp\/v2\/posts\/258\/revisions\/1734"}],"wp:attachment":[{"href":"https:\/\/securityeverafter.com\/wp-json\/wp\/v2\/media?parent=258"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/securityeverafter.com\/wp-json\/wp\/v2\/categories?post=258"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/securityeverafter.com\/wp-json\/wp\/v2\/tags?post=258"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}