← All talks

The Cybersecurity Mindset: A Ceaseless Erudition

BSides Vancouver · 202215:4869 viewsPublished 2022-07Watch on YouTube ↗
Speakers
Bishakha Jain
Tags
CategoryCareerCommunity
TopicCareer & Soft Skills
StyleTalk
About this talk
Cybersecurity is fundamentally a people-powered discipline requiring lifelong learning and intellectual curiosity rather than technical expertise alone. The speaker argues that successful security practitioners must adopt an exploratory mindset, embrace disciplinary diversity, and recognize that the field welcomes contributions from sociology, law, business, psychology, and numerous other domains. Drawing on her own career spanning penetration testing, management, auditing, and public advocacy, she demonstrates how continuous learning, resilience, and the willingness to think like both attackers and problem-solvers are essential to thriving in an endlessly evolving security landscape.
Show original YouTube description
Cybersecurity is defined as "People Powered Perpetual Innovation" in the book "Cybersecurity Leadership" by Dr.Mansur Hasib. However, it is usually glorified as more of a technical gamut rather than a holistic universe. The attribute that most miss by a mile is the right mindset to approach this stream. Cybersecurity is a vast and a deep ocean and there is no end to how many subsets of this esteemed branch of science can one conquer in the conquest for learning. One can be a technical person, an innovator, a media person, a law enthusiast, a management aficionado, and the list go on. And the fact that learning is a lifelong process more so when technology dynamics constantly keeps changing makes Cybersecurity a ceaseless erudition.
Show transcript [en]

thank you ashley for the introduction and hello everyone vishakha here so before we begin i will just introduce myself quickly really quick because i don't use slides after this so i am vishakha jan from india and i am the director and indian ambassador for cyber security global alliance and i work as a senior consultant with ibm as my day's job and i'm also the associate lead of education and awareness for wise india chapter wise is ibm's community its full form is women in security excelling and i am the brand ambassador and advisor for the women in cloud network and i am the ambassador for the international imposter syndrome awareness day and i also serve as the council

representative for the public safety and security council west bengal india so this are the few credentials that i hold in the industry and that's about me and now coming to the topic cyber security mindset a ceaseless erudition so let's break into uh the topic as to what is cyber security first and then i will go about explaining why on earth it's a ceaseless irritation and what does evaluation means it means learning and as a cyber security practitioner one is supposed to be a lifelong learner because no two days are the same and you have to think the unthinkables and do the undoables and stay vigilant every day is a new challenge and it's it's exciting as

as long as you're a lifelong learner so coming to cyber security what it is cyber security it is a state of being and it is defined as people powered perpetual innovation in the book called cyber security leadership by dr mansoor haseeb because while technology dynamics keeps changing it's the human factor that serves the weakest and the strongest link in the world of cyber security which happens to be a very deep and vast ocean in itself there are empty earth number of ways you can break into cyber security and that is why i say it's a ceaseless erodion because it's not a state but a process and earlier it used to be information security which used to be the 1991 model of

modern dynamic model in such a model data used to exist in three possible states transmission storage and processing because cyber security seeks to maintain confidentiality integrity and availability of systems and information we use three tools people policy and technology to achieve cyber security goals and people are the most critical element as i already mentioned and as a matter of natural security the critical role of people and innovation and cyber security must be recognized and accepted and that is why there is a major policy persistent in minds of many people that cyber security is a stem discipline stem equals science technology engineering and maths it is not it's a business discipline because disciplinary diversity of people

is essential for a successful organizational cyber security strategy people from almost all disciplines such as sociology linguistics psychology political science language arts business law finance criminal justice and foreign whatnot can succeed in some aspects of cyber security and they are most welcomed in this field and those who adhere to the jaundiced view that people are mailing to be the weakest link resort to more control cyber security programs and surveillance of people which creates a police state and stifle innovations you have to be very smart when working as a cyber security practitioner because there is the exploration and exploitation trade-off that is the fundamental dilemma wherever whenever you learn about the world by trying things out

and since it's interdisciplinary you can explore it to no extent if i share my own story i was first a technical person super technical person doing penetration testing in my first organization then moving on i got into management i pursued a degree in cyber security mba came to my recent organization where i served various roles i have been an auditor i have been a simulating fishing expert i have been a pre-sales engineer when time was required an educator a public speaker because that is why and what makes me here so there are multiple hands that i have done education what kept me going was the mindset of exploring things because there are so many strengths that we as

you uh individuals have but to use those strengths at appropriate places to help you walk the long run run the long run and walk the long mile is required and in my case i have been fortunate because i used to enjoy writing so that helped me as a person who used to contribute blogs i learned technical writing in the process i used to love speaking or listening to people once upon a time i also aspired to be a journalist so now i get to do all the public speaking i have been fortunate to train so many people and the fact that this all was possible was because i kept exploring i remained a student for life

and i i learned one thing very very beautifully that anything that you want to explore if you have the mindset of a hungry person who wants to explore break the things so when as a technical person i used to work all my bosses taught me was that i got to break the code because it's very myopic if you think as a tester all you have to do is pass or fail the case test case so what i used to do was i used to explore this code syntax could be different logic is very much important so now people are always saying that technical skills are difficult that is not if you explore the technical aspects of

cyber security technology is nothing but but ornamental mathematics so if you're good at calculation and if you're good at discerning the patterns identifying patterns it's the right place for you if you are somebody who loves to bridge the gap between the technical team and the business owners and a person who can uh be there out there help both of them come to a common stand cyber security is for you and if at all you are a person that loves speaking or sharing knowledge against cybersecurity is you we have so many great influencers around the world we have so many people who contribute to cyber security community and the fact that you can start from wherever you

want and every expert is important is what makes cyber security a very interesting discipline to be in you will find help whenever you need you can keep exploring whatever you want you can go through identify appropriate mentors who will help you walk through sail through the disciplines you are interested in and that will make cyber security a path you would wish to choose it's ceaseless because learning is a lifelong process and ideas rule the world and knowledge is power all three dimensions that i mentioned learning ideas and knowledge are quintessential part of psy of being in cyber security you cannot choose to go dinosaur with your learning you cannot be a subject matter expert for

just one thing and ignore the rest you have to be holistically acute and that is what will take you high up the ladder faster too and to be holistically approved you will have to constantly brainstorm identify as ideas where you can explore different mine um miniature mindsets and also ask for work be proactive because that goes a long way if you can understand the side of both both the side if you can break the things and then think from the mind of a hacker if you can think like a hacker if you can think like a person who solves the problem if you can behave like a resilient person who is not afraid to fail and then bounce back cyber security

is for you and also if you are somebody who loves to explore and also meet new people cyber security is again for you because we as cyber security practitioners are super privileged imagine me sitting at india at 3 00 am in the morning and talking to you all the way at vancouver that's a privilege because i belong to this domain i have the privilege of learning from the most best minds in the world and also giving back whatever little i know of this thing all i can say why this is a ceaseless irritation is because ignorance of basics is not a good idea you as long as you have your basics right there are infinite possibilities for all

of us to explore all we have to do is make our hands dirty try because having the hands-on experience a demonstrated history across various domain is powerful it makes you wiser it makes your concept stronger and it makes you a strong professional because you will be never be ex afraid to explore and you will never be afraid to take up new challenges and be a new person every day so that makes cyber security a ceaseless irritation do we have questions

i would also like to add a very beautiful learning that my mentor taught me her name is dr angelina garcley she says when you stop thinking the attacker starts thinking continual learning is the key to effective security management so you trust nobody and yet you trust that there are tools which can help you cover the un uncovered and explore the unexplorable be a new person every day be a hungry learner every day and just be enjoy the process it's too much fun to be here also

you can connect to me over linkedin and you can find me on twitter my twitter handle is euphoric bint and this is my linkedin link let me share in the chats so that was my time if i would love to answer any questions if you have any and if if there is any way that i can help you let me know so yes that's my time and that is why cyber security is easy simple people powered and comes with a lot of advantage and privileges this is my linkedin and this is my twitter

thank you john

um

you

Related talks

37:21
Building Security Champions
BSides Vancouver · 2021
42:33
Level Up the Happiness of InfoSec Teams
BSides Vancouver · 2022
27:44
Tips and Advice For Your Early Journey in Cybersecurity
BSides Vancouver · 2022
41:29
12 Monkeys, Curtains for Security Theatre
BSides Vancouver · 2022
56:51
How to Create a Cyber Security Culture
BSides Vancouver · 2022
23:27
Projects Sanity Check
BSides Vancouver · 2021
[ feedback ]