Data Driven Security - all about the analytics

I've been remiss in my blogging duties. I've had some changes in my life recently, but I'd like to get back to posting on a regular basis and there's not real a good reason why I should be able to do that. Allow me to rectify my absentmindedness by talking about the book Data-Driven Security by Jay Jacobs and Bob Rudis.

This was a wonderful book to read as an information security professional. As information security matures (and the world in general) metrics and analytics are going to become a bigger part of the field. We see sabermetrics taking over baseball and other sports for the simple fact that it helps organizations gain a deeper understanding of what the have, which leads to making better decisions. Those same strategies can help many professional fields, including information security.

Each chapter of the book covers a different scenario in which data is analyzed to answer an infosec related question. It also discusses the art of visualization and how to make communicating numbers more useful to people (*cough*executives*cough*). The book exposes the reader to the wonderful world of Python and R studio, both of which are used to analyze and make sense of the data, without requiring too much previous knowledge. Each chapter walks the reader through exercises utilizing pre-built Python scrips in R Studio, just enough to wet the petite.

What I really enjoyed about the book was that it was easy to read. It wasn't bogged down with numbers or big words. Of course, I'm not exactly a newb to reading about statistical analysis. Still, I think people with some interest in data-driven security will find the book a fairly easy read. It's a great starting point for those wanting to explore a discipline in security that is likely to become more and more relevant as security and data matures.

The Martian: A Fantastic Novel and now a Matt Damon movie

The Martian: A Novel is a book written by Andy Weir that has been turned into a movie set to release this November. The book is about an astronaut in the near future who gets left behind on Mars. He must learn to survive Mars' harsh environment while waiting for a rescue that could take years. The format is in the form of a journal logged by a character who deals with high stress situations by using humor, that is quite entertaining.

I first heard about the book on Adam Savage's podcast Still Untitled, I read it in February, and now I'm giddy after watching the trailer today.

There's also this video, which I found yesterday, giving a small peak into some of the humor from the book that I expect to get translated into the movie:

The movie isn't without its suspense and drama as Whatney, Matt Damon, must solve complex problems to continue to survive. I highly recommend the book, if you haven't read it already. According to Savage, who has talked to NASA personnel about the book, the technology and math in the book are solid. It's easy to read and also very affordable at $6 - $16 depending on the version you want, Kindle to hardcover. If you enjoy reading this is a must read for the Summer.


Three books that changed my life

Bill Brenner had a post back in February that talked about a series Jennifer Minella was doing that asked security professionals to name three books that changed their life. Since then security pros like Dave Kennedy (I read reworked from his list, which was pretty good) and Jack Daniel, among others, have contributed to the series. It's a wonderful series that gives a small peak into the mind of each person that has contributed. I don't expect to be asked to contribute my short list of books anytime soon so I've decided to go ahead and post my list here.

1. The Winter King by Bernard Cornwell

This story of King Arthur is unlike anything you've ever read. It's a well researched, gritty, and realistic take on a story that often times gets overly romanticized. The book follows the story of Derfel, one of Arthur's warriors (yes, warrior not knight) who interacts with all the characters in the original story: King Arthur, Merlin, Lancelot, Guinevere, and many others you've heard of and not heard of. It's a fantastic story and the best part is, it's only the first of three books in The Warlord Chronicles. The book changed my perception of the world and showed me that stories can be overly romanticized and that there is probably more to the story.

2. Band of Brothers by Stephen E. Ambrose

Growing up I watched WWII movies The Longest Day and A bridge too far quite a few times, so naturally when I discovered Stephen E. Ambrose I became hooked. I've read just about every WWII book Ambrose wrote. Band of Brothers was the book that stuck with me the most and at one point I even explored the possibility of joining one of the Army's airborne units. The movies are just as good as the book, but the book has so much more than what could be shown in the 10-hour HBO series. Richard Winters, a main character, of the book is someone I've come to draw inspiration from in both my work ethic and effort to become a good leader.

3. Feel the Fear and Do It Anyway by Susan Jeffers

This book changed my life completely. It taught me to recognize fear and embrace it. I was reading this book at the recommendation of a program that was teaching me how to talk to women. I got much more out of the book than just talking to women, though. I learned how to look at opportunities that made me nervous or fearful and embrace them, because it was an opportunity to grow as a person. Fear is something that we all deal with daily. How we handle and respond to it not only defines us as a person, but it can also shape us into a better person.