TCD #004: Staying Updated In Cybersecurity

A big thank you to our sponsors who keep this newsletter free to the reader:

This week's issue is sponsored by The LinkedIn Operating System, by Justin Welsh. The best solution for growing your LinkedIn profile. You can take a look at it and grab a copy by clicking here.

I hope you’re having a good weekend. I’m going to be trying out a new format for this newsletter. I’ve experimented with a variety of different things, from actionable guides to frameworks. As a final point of call, what we’ll be doing here is splitting it somewhere between curation and actionable insights.

This week, we're going to be taking a look at different ways to stay up-to-date in cybersecurity. Part of my job involves staying informed about specific niches. I'm also asked quite frequently by other security researchers for my RSS feed or configuration, so I've decided to make this post.

Point Summary

• I use Google News and Alerts to monitor for specific keywords.
• I scroll through Feedly and save what catches my attention.
• I occasionally scroll through my Twitter feed to view popular tweets.
• I often engage in conversations on networks to see what's popular.
  

Configuring Google Alerts To Receive Notifications

Sometimes I try to stay up-to-date with specific keywords or niche areas of cybersecurity, such as Microsoft's Mark of the Web (MOTW) feature. So if I'm looking for all updates and developments related to this, I'll set a Google Alert for any publications that come out for this keyword.

This is fairly straightforward and easy to do but you have to know what you’re looking for specifically in order to get good use out of it. If you’re not specific enough, you will end up getting a ton of emails about useless updates and developments related to cybersecurity.

Browsing Curation With Feedly

I discovered Feedly a few months ago, and it is an amazing tool. It enables me to compile a list of news websites into one condensed feed. This is brilliant; every morning when I wake up, I go through this feed and highlight anything that catches my eye so that I can browse it when I have some free time during the day.

I use the default cybersecurity feed with over 100 different resources; however, I must note that it does miss a lot of crucial news sometimes, despite having a large number of sources in use.

Scrolling Through My Twitter Feed

A lot of people recommend Twitter and often view it as a must-have. While it is a valuable resource, I find myself using it less and less due to its lack of concentration and focus. I mostly use the search feature to check for any updates in relation to specific keywords.

Here's a random example that shows up on my feed after scrolling through it for a few seconds:

I’ve not not been able to create a list of people to follow for specific niches because it would be too extensive. However, I highly recommend looking for researchers or people proficient in specific areas of cybersecurity that you are interested in and following them.

Engaging In Discussions On Networks

This one is a bit more proactive, but I've decided to include it because it's part of my routine and an aspect of information gathering. I've been invited to many networks throughout the years as a result of networking. What I usually do is take a specific keyword, or phrase that I'm looking for—let's say CVE-2017-16259 for example—and enter it in the search feature of the chat program that I'm using to look across all networks for any specific mention of it.

This usually proves quite fruitful. Depending on the networks that you're on, there are usually allocated channels for news and updates. I'm not a member of any open networks because I find the content and discussion quality to be incredibly low. You're better off forming relationships with people and getting invited to networks that are pay-walled or invitation-only.

Quote Of The Week

"The only secure computer is one that's unplugged, locked in a safe, and buried 20 feet under the ground in a secret location... and I'm not even too sure about that one." - Dennis Hughes, FBI