Safety Detectives interviewed Crystal Morin, Cybersecurity Strategist at Sysdig and previously threat research engineer on the Sysdig Threat Research Team, where she spent her time discovering and analyzing cyber threat actors who took advantage of the cloud.
Prior to joining Sysdig, Crystal started her career as a linguist and intelligence analyst in the United States Air Force. Sysdig, she spent four years as a contractor for Booz Allen Hamilton, researching and reporting on terrorism and cyber threats, while helping develop and mature Booz Allen’s cyber threat intelligence community and threat-hunting capabilities.
What you will learn:
- The growing importance of insider threats
- Do we really have a cybersecurity awareness problem?
- The true reason behind the (shrinking) skills gap in cybersecurity
What security threats are you solving with your products and services?
Sysdig is built on runtime insights and helps organizations prioritize the risks and vulnerabilities that matter the most in your environment. We make it faster and easier to correlate data during incident response through the use of our AI assistant Sysdig Sage and Attack Path Analysis, because attacks in the cloud are fast and we need to defend and respond faster than the bad guys to keep our enterprise customers and individual end users safe.
In your opinion, what are the most underrated cybersecurity threats businesses face today?
Insider threat is often underrated and overlooked. Our defensive cybersecurity postures are so concerned with trying to keep bad guys out, that we often forget they may already be in our network. Insider threats could be a disgruntled employee, an employee looking to make an extra buck, or the unintentional hiring of an adversary. These are malicious insider threats with access to sensitive or proprietary information and an intent to cause harm to the business, or profit from information sharing. There is also an insider threat that comes from negligence, which includes the inadvertent sharing of information via phishing, deepfake attacks, mishandling data, or network misconfiguration.
What’s your point of view on the current state of cybersecurity awareness?
Awareness? In my opinion, everyone and their mother is aware of cybersecurity. I’ve had jobs completely outside of the cybersecurity world and I was still trained, to some extent, on the basics of cyber safety for PII, proprietary information, and phishing. I’ve spoken to older generations and they, too, have a cybersecurity conscience these days. They know to be careful with emails and phone calls, where they are most likely to get wrapped up in some kind of attack.
One current problem is the skills gap in cybersecurity. What’s your take on that?
There’s hardly a skills gap in cybersecurity anymore. What does still exist will continue to narrow as more organizations shift from on-premises to cloud environments. The fact that cloud security information is more publicly available, allows new entrants a plethora of information so they can understand tools, concepts, and languages before even entering the workforce.
With cybersecurity and defense at the top of everyone’s priority list, the skills gap is closing and making it harder for adversaries to pull ahead because they need to be faster and more innovative than defenders to be successful.
In regards to the large number of open opportunities in the cybersecurity field, I believe the issue is with the hiring disconnect. There are many careers that can translate well to the cybersecurity field without explicit experience, technical degrees, or certifications. We just need to read between the lines to hire capable people from outside of security.
Your advice to someone wishing to start a career in cybersecurity?
I’ve mentored a lot of folks new to the cybersecurity field or wanting to break in. My advice is always different because everyone has different passions, strengths, and experiences. One thing that anyone can do, though, is read more. Start reading blogs and reports from security vendors and technical media outlets. Yes, it will be painful, but look up what you don’t understand and take notes.
Another thing you can do is find a mentor; whether it be a friend, coworker, or family member, or an expert you meet online. You can attend free webinars to learn and through these you can make connections and ask questions. Finally, play to the strengths you already have. You can break into cybersecurity through a position in sales, marketing, customer service, or human resources. You can find a career in cybersecurity, but you need to work for it and be flexible to get to your goal.
How is the cybersecurity landscape going to change in the next 5-10 years?
Predicting the future of cybersecurity is challenging to say the least. First of all, unpredictable trends will emerge and blindside us all. I can otherwise say that: attackers will continue to become more sophisticated, focusing their efforts on defense evasion; we will find a suitable place for AI and ML in identifying vulnerabilities, anomalies, and responding to threats; and governments and regulatory agencies will continue to provide more detailed guidance and stringent requirements to safeguard organizations and individuals.