ChatGPT: A Valuable Ally for Your Information Security Team

One of the best ways to learn to use ChatGPT and other systems is to simply ask them how they can help you. Here is an example:

Prompt: 

Please write a blog post with some examples of things that ChatGPT could do to help an information security team. For each thing, write one or more sample prompts that they could use to get started. Please output in plain text without any markup or specialized formatting.

Response:

Title: ChatGPT: A Valuable Ally for Your Information Security Team

In a digital age where threats to information security are ever-evolving, having a well-rounded defense strategy is crucial. Among the plethora of tools and resources available, ChatGPT, developed by OpenAI, emerges as a valuable ally for information security teams. Here are some ways ChatGPT could assist in bolstering your organization’s cybersecurity measures, along with sample prompts to kickstart these initiatives:

1. Threat Intelligence Analysis
– Sample Prompt: “Identify recent cyber threats relevant to our industry and summarize their characteristics and potential impact.”

2. Phishing Detection Training
– Sample Prompt: “Generate examples of phishing emails related to our company, and explain how to distinguish them from legitimate communications.”

3. Automated Reporting of Security Incidents
– Sample Prompt: “Develop a script for collecting and formatting data related to security incidents for easier analysis and reporting.”

4. Policy and Compliance Documentation
– Sample Prompt: “Help draft a comprehensive Acceptable Use Policy that aligns with industry standards and regulatory requirements.”

5. Security Awareness Training Material Development
– Sample Prompt: “Create engaging training materials to educate employees about cybersecurity best practices and organizational policies.”

6. Log Analysis and Anomaly Detection
– Sample Prompt: “Analyze these system logs to identify any unusual activities and potentially malicious behavior.”

7. Password Policy Enforcement
– Sample Prompt: “Develop a communication to educate employees about our new password policy and the importance of strong, unique passwords.”

8. Incident Response Plan Development
– Sample Prompt: “Assist in drafting an Incident Response Plan outlining the steps to be taken in the event of a security breach.”

9. Vulnerability Assessment
– Sample Prompt: “Provide a checklist for conducting a vulnerability assessment of our network and systems.”

10. Security Tool Evaluation
– Sample Prompt: “Research and compare different cybersecurity solutions to help us decide which tools would best meet our security needs.”

ChatGPT can be a remarkable asset for information security teams, aiding in a multitude of tasks ranging from threat intelligence analysis to policy documentation. By integrating ChatGPT into your cybersecurity strategy, you stand to not only enhance your defense against cyber threats but also free up valuable time for your security personnel to focus on more complex, critical aspects of your organization’s security posture.

Summary:

Learning to use these AI tools is easy if you ask them for help. Learning to use them properly will go a long way toward increasing your productivity. 

 

* Just to let you know, we used some AI tools to gather the information for this article, and we polished it up with Grammarly to make sure it reads just right!

Value of an ISSA Membership

One of the most common questions that mentees ask me is about membership in different groups and organizations. One of the most valuable in the Central Ohio area is ISSA (Information Systems Security Association International). Here are a few reasons why we believe in ISSA, their mission and their work.

Specific Value of an ISSA Membership

The ISSA is the community of choice for international professionals who are interested in furthering individual growth, managing technology risk, and protecting critical information and infrastructure.

A few key reasons that a Cybersecurity professional would want to join ISSA are listed below.

  • Chapters Around The World -ISSA provides educational opportunities and local networking for information security professionals. ISSA’s members can become your strongest allies when needed, and there are 157 chapters around the world.
  • Build Your Knowledge and Reputation – There are opportunities for active participation at Board and Chapter levels. You can use the ISSA Journal and KSEs to share your insights with the industry if you are an ISSA author or speaker. If you have innovative ways to solve problems, have applied security technology to address risks, or have case studies of how you have done it, then your ideas on security challenges, management, and innovation will go a long way in establishing you as a thought leader.
  • Network Like a Pro -Make new contacts and deepen old ones on a regular basis. ISSA offers a lot of networking opportunities beyond exchanging business cards. Forging lasting ties with others who have the same professional interests and concerns is one of the things you can do as you attend local chapter meetings, become involved on a committee or take a prominent leadership role. The sources of inspiration and ideas will come from these relationships. Networking contacts are a great resource for benchmarking security practices and validation of security product features.
  • Grow Your Career – The training you receive through the ISSA will give you a means to find potential career opportunities and can help get you noticed by those looking for someone to join their team. The ISSA sponsors many meetings and conferences that you can attend in order to earn CPEs for various certifications.
  • Learn for a Lifetime – The annual conference and chapter meetings are vital educational and professional resources that provide in-depth and timely information about the information security industry. Meeting and events can help you develop skills and solve problems. In addition to comprehensive workshops, seminars and knowledgeable guest speakers, there are presentations on new technologies. ISSA gives members additional discounts to security conferences.

Summary

In summary, I think that joining ISSA is worth every penny, especially if you want to progress from beginner to practitioner to expert. It’s among some of the best money you can spend in terms of ROI for growing your knowledge and your reputation in the community.

 

We’re Growing Again!

From social media:

Got #infosec skills? We’re looking for a new team member to join MicroSolved. Pen-testing, threat intel & innovation are core reqs. Ethics, rapid learning, positivity are must haves. #Columbus preferred. Get in touch!  

Here is a bit more information: 

This engineer will engage with clients to review technical systems/applications, perform vulnerability assessments/pen-testing, application assessments, cyber threat intelligence assessments, network segmentation analysis, validate technical findings and support customers with security issues across the attack event horizon. 

Projects will cover the scope of networks, applications, security devices, servers/systems and likely embedded systems/components. Deep enterprise network knowledge in one or more areas of networking and/or security is a requirement. Familiarity with NIST standards/cyber security frameworks is preferred. 

To apply, send a resume and cover letter to (jobs <at> microsolved <dot> com). Please, no recruiters and no phone calls. If you have questions, please reach out on Twitter to @lbhuston. 

Thanks! 

MSI is Hiring Again, Do You Want to Work with Our Amazing Team?

MSI is hiring for an immediate Full Time position in Columbus. The successful new team member will have basic network knowledge (routers, able to read packets, etc.), Linux command line use – especially text parsing, will love spending time reading and writing about interesting topics and must be a world-class communicator.

The initial position is coordinating and assisting on a large scale network migration project as a member of our Intelligence and Analytics practice. MSI will mentor the team member in growing their data analysis, intelligence analyst and security subject matter expertise. The growth path for this position has two different opportunities – 1. Focus on intelligence and analytics to develop deep engagement with our TigerTrax™ line of products and services. OR 2. Develop deeper information security expertise and join our security team in performing assessments and professional services. 

If you have an interest in analytics and/or information security and have been looking to move from basic networking into a field of specialization – this may be your opportunity.

Drop us a line on Twitter – @microsolved – or get in touch with us in some other way. The position will be filled shortly – so act fast. 

Applicants should get in touch. We will then discuss sending us a resume, cover letter and a ~300 word essay on why we should consider you as a team member. We hope to see you soon and we look forward to adding another amazing professional to our team.

Sadly, for this position, we need the professional to be in Columbus, Ohio. While we offer work from home capabilities, the specifics of this particular position requires a physical presence in the Columbus area.

Thanks, and get in touch! 

Hiring Data Analysts Who Love Security

MSI is growing again! We are interested in talking to folks about a full time position in our Columbus HQ to help our Intelligence Team.

If you dig being heads down with data, performing deep research and chasing threats around the Internet, this is the gig for you! These folks will be focused primarily on threat profiling, research of companies, crime rings and security news from around the world. The job requires you be familiar with Linux,  have an understanding of information security and to be a power user of the Internet. You should also enjoy python, BASH scripting, command line kung fu and staying bleeding edge current on security happenings. Light public speaking on webinars and conference calls, familiarity with the Mac and excellent writing skills are also preferred.

MSI is an interesting place to work. Our team is seriously dedicated to helping our clients. We are known for doing excellent work, thinking outside the box, going deep into a problem and laser focusing on customer success. Our conversations among team members are fast and full of high density data exchange. It is exciting, fulfilling and demanding work, but we do it with joy, precision and mindful innovation!

Sound like something you might enjoy? If so, get in touch. Send your resume and a cover letter that explains why you are the best choice for our team to aluck@microsolved.com. You can also touch base with me on Twitter if you have questions (@adamjluck). We hope to hear from you if you truly love deep diving on data and hammering out the truth from content all around the web!

Hiring Data Analysts Who Love Security

MSI is growing again! We are interested in talking to folks about a full time position in our Columbus HQ to help our Intelligence Team.

If you dig being heads down with data, performing deep research and chasing threats around the Internet, this is the gig for you! These folks will be focused primarily on threat profiling, research of companies, crime rings and security news from around the world. The job requires you be familiar with Linux,  have an understanding of information security and to be a power user of the Internet. You should also enjoy python, BASH scripting, command line kung fu and staying bleeding edge current on security happenings. Light public speaking on webinars and conference calls, familiarity with the Mac and excellent writing skills are also preferred.

MSI is an interesting place to work. Our team is seriously dedicated to helping our clients. We are known for doing excellent work, thinking outside the box, going deep into a problem and laser focusing on customer success. Our conversations among team members are fast and full of high density data exchange. It is exciting, fulfilling and demanding work, but we do it with joy, precision and mindful innovation!

Sound like something you might enjoy? If so, get in touch. Send your resume and a cover letter that explains why you are the best choice for our team to info@microsolved.com. You can also touch base with me on Twitter if you have questions (@lbhuston). We hope to hear from you if you truly love deep diving on data and hammering out the truth from content all around the web!

PS – Don’t worry, we know we have to train you. We are looking for people with strong core skills, an eagerness to learn and out of the box thinking. We’ll teach you the rest… 🙂

Interested in What We Do? Join MSI Now!

We are thrilled to announce the immediate availability for a new position at MSI. Yes, if you have what it takes, you can join our team! We are seeking a very talented, motivated individual who can come aboard and help us with tasks related to HoneyPoint and TigerTrax. The new position is detailed below. The successful candidate will be local to the Central Ohio area (must be able to be work from the Columbus HQ) and will be motivated, engaging and capable of self-directed work. Primarily, the position will be focused on helping clients with scoping and installation of HoneyPoint and performing TigerTrax engagements.

Future career options for the position would be a choice between pursuing a future position on the technical security team (including pen-testing, etc.) or to grow into the deeper intelligence/research team that currently is embodied by TigerTrax. While the initial position will expose you to both, together, we can help scope where your interests and talents lie. Management and team leadership are also possible in either career path, as well.

This is a full time salary position, with benefits and a wide range of flexible working arrangements once the proper skills and trust are built. It also includes profit sharing, 401K with match and a variety of other benefit packages.

Successful candidates will present a resume, cover letter and a sample of their professional writing. You can apply for the position by emailing these items (PDF format) to info <at> microsolved <dot> com. No calls or placement/recruiters, please.

Further details of the position:

The information technology analyst is a key member of the MicroSolved, Inc. team who specializes in our software and research tool set. This team member must be: 

  • proficient with research skills
  • knowledgeable of social media networks and formats
  • knowledgeable of basic networking skills
  • proficient with Windows, Mac OS/X and Linux at the command line
  • proficient with command line scripting (shell/Python) and be a power-user of the Internet 

The successful analyst should be detail oriented, enjoy reading, solving logic and language puzzles and be proficient with technical writing and technical reports. Occasional travel, including internationally, is required. 

This team member is responsible for research projects beginning with data generation through report preparation and delivery to the client. This team member is also responsible for the scoping and deployment of MicroSolved, Inc’s threat detection platform – HoneyPoint Security Server (HPSS). 

As always, thanks for reading, and I hope to see you on the team very soon!

Come Grow with MicroSolved

MSI is currently seeking two full time team members to help grow our information security offerings to our clients. 

We are seeking a sales person to assist current customers with their needs, conduct campaigns to identify new prospects, work directly with the security engineers to scope engagements and complete the process by closing engagements and working with the project managers to complete the work plan. The successful sales person will be detail oriented, friendly, self motivated and willing to engage with customers with a high level of passion and energy. Our sales process is mature, transparent and client focused and that has helped us become one of the oldest information security firms in the country. The sales position can be filled by someone located anywhere in the mid-west, as long as they are open to some travel to visit clients and occasional travel back to Columbus as needed. 

The other position is a security team member. This is a technical position, with the primary duties being penetration testing of networks, applications and electronic devices. Security team members also back up the risk assessment team, perform consulting duties and help with development of products and services across the MSI offerings. Some security experience is required, along with expected proficiency with operating systems, networking and some basics of coding/scripting. The security team member position should live in Central OH. We need physical presence for much of the work in our lab, so this person has to be close to HQ. 

To apply for either of these positions, please drop us an email with a resume, a short bio and few paragraphs that explain exactly what you bring to the table and why we should add you to our team. Email us at INFO(at sign)microsolved.com. Thanks for reading and we look forward to hearing from you! 

Help Us Help the World with Information Security

We are seeking a motivated, IT knowledgeable sales person to help our information security firm reach new clients and new markets. 
 
We have a strong history of excellent work, terrific products that stand out in the crowd, and an amazingly skilled and friendly team. We are a results oriented work environment with a laser focus on serving our customers well.
 
The position is full time, with benefits, and enjoys a salary plus commission and bonuses pay structure. The duties include maintaining current client relationships, conducting targeted marketing campaigns to connect with prospects, working with security engineers to help scope solutions to customer problems and closing sales for products and services. We have an open, well defined, mature sales process that includes ongoing feedback, real world metrics and shared goal setting. 
 
The successful candidate can be in Columbus, located somewhere else in Ohio or throughout the mid-west. To succeed in the position, you should be detail oriented, self motivated and be ready to engage with some of the most amazing clients in the world. 
 
Please provide a high level bio, a resume and a quick couple of paragraphs that explain the value you can bring to our team. We look forward to hearing from you! 
 
You can reach us via email at INFO(at sign)microsolved.com or via Twitter (@lbhuston).