Security BSides Las Vegas 2025

Nicholas Carroll

Nicholas Carroll is a seasoned cybersecurity professional with a career spanning over two decades. He currently serves as a Manager of Cyber Incident Response with Nightwing, leading a team of cyber threat intelligence and DFIR professionals defending Fortune 500 organizations and government agencies. Prior to this, he held the position of CISO for a state government agency, overseeing election cyber projects. His journey in IT and cybersecurity began at the help desk, providing him with a broad perspective on the field. The skills he earned in jobs outside of IT and cyber also helped craft the success he has today. He is also a certified cybersecurity instructor, demonstrating his commitment to continuous learning and knowledge sharing to help grow the field.


Sessions

08-04
10:00
45min
From Help Desk to CISO
Nicholas Carroll

This talk explores cyber career pathways and draws from the personal journey of Nicholas Carroll, who started his career in entry-level IT and ascended to the role of a CISO. We will delve into the challenges and opportunities that shape these kinds of career progressions, providing a roadmap for those starting in entry-level IT roles and aspiring to advanced cybersecurity positions. The talk will highlight the importance of continuous learning, certifications, and hands-on experience in climbing the career ladder. We will also discuss tools to help guide career steps including the Cyber Career Pathways Tool, a resource that helps individuals understand the tasks, knowledge, and skills needed to advance in their cyber careers. Attendees will gain valuable insights into transitioning from roles like IT Helpdesk to more specialized cybersecurity roles, and ultimately to leadership positions like CISO. The talk will conclude with practical recommendations for those looking to move up in their careers, emphasizing the importance of mentorship, networking, and staying abreast of the latest trends in cybersecurity.

Hire Ground
Florentine B

08-05
10:30
240min
Gremlin Hunting with SIGMA rules
Rain Baker, Nicholas Carroll

SIGMA rules are an agnostic, text-based, open signature format written in YAML for creating threat detections, developed and open-sourced in 2017 by Florian Roth and Thomas Patzke. The project was conceived to address the challenges facing analysts when sharing and translating rule logic across the various SIEM and EDR tools.
This talk will cover how we have implemented the gift of SIGMAs in our hunting workflow to assist with sniffing out gremlins hiding in the network. We will show how SIGMAs can be used to create "guided hunts", using one logic that is translated into various query languages. The logic can be tuned as needed to a specific environment, then rules deemed production ready can be deployed as permanent detections. The goal is to share our process to help organizations that are looking for a method to start maturing their hunting programs.

Training Ground
Boardroom