SlideShare a Scribd company logo

Cyber Scotland Connect: What is Security Engineering?

Download as PPTX, PDF
H
Harry McLaren

Harry McLaren is a managing consultant at ECS who gives a presentation on cybersecurity engineering. Cybersecurity engineering involves building systems, deploying configurations, integrating systems, and developing solutions to protect against, detect, and respond to threats. It is important for engineering projects to consider people, process, technology, the end user, support requirements, and how the solution fits within the business and IT strategies. The presentation provides examples of scenario walkthroughs and best practices for engineers, such as using automation, version control, containers, and cloud technologies.

Technology
Related topics:
Information Security
1 of 18
Downloaded 10 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
What is [Cyber]Security Engineering? Harry McLaren – Managing Consultant at ECS
Harry McLaren •Alumnus of Napier University • Active Student Mentor •Managing Consultant at ECS [Security] • Splunk Enablement Lead, Engineer & Architect • Previous Roles: • Security Engineer, SOC Analyst, IT Technician
Coming Up: •Definition of [Cyber]Security Engineering •NIST Security Framework •It’s All About the PPTs! •Scenario Based Walkthrough •Best Practices for Engineers in 2018 •Resources ~25mins
Building things to protect, detect, and respond to threats. [Risk Management Control]
Image Source: Fuze
Types of Engineering (Not Exhaustive!) Systems Deployment & Configuration Systems Integration Setup of Automation & Orchestration Solution Development
It’s All About the PPTs! Successful Projects People Process Technology
People & Process • Who’s the end user? • Who’s going to support it? • How extensible is it? • What are the training requirements? • How do people feel? • Building champions! • How does it fit within the businesses IT? • How does it align to the company strategy? • Does it leverage best practices for design/build/deploy? • How resilient to change is the solution?
Scenario Walkthrough 1. Business Has Problem: Security Monitoring Desperate Data Sources, Data Siloed, Cross-Functional Use Cases, Legacy “Big Data” Choose a Technology: 2. Magic??? 3. 1-12 Months Later… Success!
Systems Deployment & Configuration • High/Low-Level Designs • Technical Architecture • Infrastructure Build • Software Deployment • Software Configuration
Integration into Other Systems • Data Collection • Data On-boarding • RESTful API • CMDB (Identities & Assets) • Workflow / Ticketing • Contextual Analysis
Setup of Automation & Orchestration • Automated Build • Auto-scaling • Responsive Actions • Version Control • Configuration Management
Solution Development • Data Analytics as a Service (DAaaS) • Self Service • End-to-End Business Support & Development • Centres of Excellence • Solution Champions
Best Practices for Engineers in 2018 • Outcome based Development (Lean/Scrum/Agile) • Version Control (VCS) • Configuration Management (CMS) • Development & Release Frameworks (Route-to-Live) • Capture Knowledge • Build Lab Environments • Containerisation for Rapid & Mobile Development • Leverage Cloud Agility • Consider Multi-Cloud • Facilitate the Business, Don’t be a Blocker
Resources • Splunk/ Data Analytics • Intro to Splunk • Free 2-day Course • Threat Hunting • Agile based Development • Version Control 101 • Configuration Management 101 • Getting Things Done Methodology • Cloud • Free AWS Tier / Training • Free Azure Tier / Training • Starting with Docker • Starting with Python • Starting with Go
Say Hello! @cyberharibu linkedin.com/in/harrymclaren harrymclaren.co.uk
Cyber Scotland Connect •Community Directed Group (What Do You Want?) Shape Us •Slack! (Website Coming Soon!) Connect with Us •Seeking Contributions (Speaking, Practical Labs, Etc) Share with Us
Cyber Scotland Connect: What is Security Engineering?

More Related Content

PPTX
Big Data For Threat Detection & Response
Harry McLaren
 
PPTX
SIEM Primer:
Anton Chuvakin
 
PPTX
EDR vs SIEM - The fight is on
Justin Henderson
 
PDF
INFOGRAPHIC▶ Protecting Corporate Information In the Cloud
Symantec
 
PPSX
Robert Brzezinski - Office 365 Security & Compliance: Cloudy Collaboration......
centralohioissa
 
PPTX
IBM - Security Intelligence para PYMES
Fernando M. Imperiale
 
PPTX
Modern Security Operations & Common Roles/Competencies
Harry McLaren
 
PPTX
Perforce on Tour 2015 - How are You Protecting Your Source Code?
Perforce
 
Big Data For Threat Detection & Response
Harry McLaren
 
SIEM Primer:
Anton Chuvakin
 
EDR vs SIEM - The fight is on
Justin Henderson
 
INFOGRAPHIC▶ Protecting Corporate Information In the Cloud
Symantec
 
Robert Brzezinski - Office 365 Security & Compliance: Cloudy Collaboration......
centralohioissa
 
IBM - Security Intelligence para PYMES
Fernando M. Imperiale
 
Modern Security Operations & Common Roles/Competencies
Harry McLaren
 
Perforce on Tour 2015 - How are You Protecting Your Source Code?
Perforce
 

What's hot (20)

PDF
Symantec Cyber Security Solutions | MSS and Advanced Threat Protection
infoLock Technologies
 
PPT
Top 10 SIEM Best Practices, SANS Ask the Expert
AccelOps
 
PPTX
PaaS security challenges and solutions (salesforce vision)
Olga Lavrentieva
 
PDF
Improving IR Workflow - Using Risk-Based Escalation in HP ArcSight ESM
Anton Goncharov
 
PDF
Outpost24 webinar: Security Analytics: what's in a risk score
Outpost24
 
PPTX
Tictaclabs Managed Cyber Security Services
TicTac Data Recovery
 
PDF
Outpost24 webinar - Implications when migrating to a Zero Trust model
Outpost24
 
PPTX
Best Practices for Scoping Infections and Disrupting Breaches
Splunk
 
PPTX
Shared Security Responsibility in the AWS Public Cloud
Alert Logic
 
PDF
Issa symc la 5min mr
ISSA LA
 
PDF
LogSentinel Next-Gen SIEM
Denitsa Dimova
 
PDF
Top 5 Cloud Security Predictions for 2016
Alert Logic
 
PDF
RSA: Security Analytics Architecture for APT
Lee Wei Yeong
 
PPTX
How to Secure Your IaaS and PaaS Environments
Info-Tech Research Group
 
PDF
DTS Solution - Building a SOC (Security Operations Center)
Shah Sheikh
 
PDF
From SIEM to SOC: Crossing the Cybersecurity Chasm
Priyanka Aash
 
PPTX
Outpost24 webinar: Risk-based approach to security assessments
Outpost24
 
PPTX
Information Security: Advanced SIEM Techniques
ReliaQuest
 
PDF
Ken Czekaj & Robert Wright - Leveraging APM NPM Solutions to Compliment Cyber...
centralohioissa
 
PPTX
Vulnerability Testing Services Case Study
Nandita Nityanandam
 
Symantec Cyber Security Solutions | MSS and Advanced Threat Protection
infoLock Technologies
 
Top 10 SIEM Best Practices, SANS Ask the Expert
AccelOps
 
PaaS security challenges and solutions (salesforce vision)
Olga Lavrentieva
 
Improving IR Workflow - Using Risk-Based Escalation in HP ArcSight ESM
Anton Goncharov
 
Outpost24 webinar: Security Analytics: what's in a risk score
Outpost24
 
Tictaclabs Managed Cyber Security Services
TicTac Data Recovery
 
Outpost24 webinar - Implications when migrating to a Zero Trust model
Outpost24
 
Best Practices for Scoping Infections and Disrupting Breaches
Splunk
 
Shared Security Responsibility in the AWS Public Cloud
Alert Logic
 
Issa symc la 5min mr
ISSA LA
 
LogSentinel Next-Gen SIEM
Denitsa Dimova
 
Top 5 Cloud Security Predictions for 2016
Alert Logic
 
RSA: Security Analytics Architecture for APT
Lee Wei Yeong
 
How to Secure Your IaaS and PaaS Environments
Info-Tech Research Group
 
DTS Solution - Building a SOC (Security Operations Center)
Shah Sheikh
 
From SIEM to SOC: Crossing the Cybersecurity Chasm
Priyanka Aash
 
Outpost24 webinar: Risk-based approach to security assessments
Outpost24
 
Information Security: Advanced SIEM Techniques
ReliaQuest
 
Ken Czekaj & Robert Wright - Leveraging APM NPM Solutions to Compliment Cyber...
centralohioissa
 
Vulnerability Testing Services Case Study
Nandita Nityanandam
 
Ad

Similar to Cyber Scotland Connect: What is Security Engineering? (20)

PDF
The What, Why, and How of DevSecOps
Cprime
 
PDF
Road to rockstar system analyst
Mizno Kruge
 
PDF
Ahmed Yaser CV 10-2015
Ahmed Yaser Ibrahim
 
PPTX
NIST Cybersecurity Framework (CSF) on the Public Cloud
CloudHesive
 
PPTX
System Design introduction main content .pptx
nobewo5949
 
PDF
Applying DevOps from the Mobile to the Mainframe
CA Technologies
 
PPTX
Open Day 2015
Santos Pardos. MBA,CEA,TOGAF,PMP, PMI-PBA
 
PDF
AppSec in an Agile World
David Lindner
 
PDF
Lynx Overview
Rick Lavigne
 
PDF
CNIT 160 Ch 4a: Information Security Programs
Sam Bowne
 
PPTX
Cloud Enablement Engine Role Definition and Mapping
Tom Laszewski
 
PDF
Machine Learning Operations Cababilities
davidsh11
 
PDF
ITAM AUS 2017 How to get SAM happily frolicking on the Cloud
Martin Thompson
 
PDF
CNIT 160 Ch 4a: Information Security Programs
Sam Bowne
 
PPTX
Security on AWS, 2021 Edition Meetup
CloudHesive
 
PPTX
Security on AWS, 2021 Edition Meetup
CloudHesive
 
PPTX
LSG Intro
Mike Wickham
 
PDF
Professional and Technology Services
The Consulting Practice Inc.
 
PDF
ADDO_2020-Driving-Digital-Transformation-through-CloudOps-and-SRE.pdf
Phil Johnson
 
PPTX
Why We Need Architects (and Architecture) on Agile Projects
Rebecca Wirfs-Brock
 
The What, Why, and How of DevSecOps
Cprime
 
Road to rockstar system analyst
Mizno Kruge
 
Ahmed Yaser CV 10-2015
Ahmed Yaser Ibrahim
 
NIST Cybersecurity Framework (CSF) on the Public Cloud
CloudHesive
 
System Design introduction main content .pptx
nobewo5949
 
Applying DevOps from the Mobile to the Mainframe
CA Technologies
 
Open Day 2015
Santos Pardos. MBA,CEA,TOGAF,PMP, PMI-PBA
 
AppSec in an Agile World
David Lindner
 
Lynx Overview
Rick Lavigne
 
CNIT 160 Ch 4a: Information Security Programs
Sam Bowne
 
Cloud Enablement Engine Role Definition and Mapping
Tom Laszewski
 
Machine Learning Operations Cababilities
davidsh11
 
ITAM AUS 2017 How to get SAM happily frolicking on the Cloud
Martin Thompson
 
CNIT 160 Ch 4a: Information Security Programs
Sam Bowne
 
Security on AWS, 2021 Edition Meetup
CloudHesive
 
Security on AWS, 2021 Edition Meetup
CloudHesive
 
LSG Intro
Mike Wickham
 
Professional and Technology Services
The Consulting Practice Inc.
 
ADDO_2020-Driving-Digital-Transformation-through-CloudOps-and-SRE.pdf
Phil Johnson
 
Why We Need Architects (and Architecture) on Agile Projects
Rebecca Wirfs-Brock
 
Ad

More from Harry McLaren (20)

PPTX
Security Operations, MITRE ATT&CK, SOC Roles / Competencies
Harry McLaren
 
PPTX
Becoming a Defender (Blue Teams FTW!)
Harry McLaren
 
PPTX
Virtual Splunk User Group - Phantom Workbook Automation & Threat Hunting with...
Harry McLaren
 
PPTX
SOC Fundamental Roles & Skills
Harry McLaren
 
PPTX
Hunting Hard & Failing Fast (ScotSoft 2019)
Harry McLaren
 
PPTX
Splunk Phantom, the Endpoint Data Model & Splunk Security Essentials App!
Harry McLaren
 
PPTX
Collecting AWS Logs & Introducing Splunk New S3 Compatible Storage (SmartStore)
Harry McLaren
 
PPTX
Using Metrics for Fun, Developing with the KV Store + Javascript & News from ...
Harry McLaren
 
PPTX
Splunk .conf18 Updates, Config Add-on, SplDevOps
Harry McLaren
 
PPTX
SplDevOps: Making Splunk Development a Breeze With a Deep Dive on DevOps' Con...
Harry McLaren
 
PPTX
Lessons on Human Vulnerability within InfoSec/Cyber
Harry McLaren
 
PPTX
OWASP - Analyst, Engineer or Consultant?
Harry McLaren
 
PPTX
TSTAS, the Life of a Splunk Trainer and using DevOps in Splunk Development
Harry McLaren
 
PPTX
Cyber Scotland Connect: Getting into Cybersecurity (Deck 2)
Harry McLaren
 
PPTX
Cyber Scotland Connect: Getting into Cybersecurity (Deck 1)
Harry McLaren
 
PPTX
Cyber Scotland Connect: Welcome & Purpose Statement
Harry McLaren
 
PPTX
Latest Updates to Splunk from .conf 2017 Announcements
Harry McLaren
 
PPTX
Securing the Enterprise/Cloud with Splunk at the Centre
Harry McLaren
 
PPTX
Security Meetup Scotland - August 2017 (Deconstructing SIEM)
Harry McLaren
 
PPTX
Deconstructing SIEM
Harry McLaren
 
Security Operations, MITRE ATT&CK, SOC Roles / Competencies
Harry McLaren
 
Becoming a Defender (Blue Teams FTW!)
Harry McLaren
 
Virtual Splunk User Group - Phantom Workbook Automation & Threat Hunting with...
Harry McLaren
 
SOC Fundamental Roles & Skills
Harry McLaren
 
Hunting Hard & Failing Fast (ScotSoft 2019)
Harry McLaren
 
Splunk Phantom, the Endpoint Data Model & Splunk Security Essentials App!
Harry McLaren
 
Collecting AWS Logs & Introducing Splunk New S3 Compatible Storage (SmartStore)
Harry McLaren
 
Using Metrics for Fun, Developing with the KV Store + Javascript & News from ...
Harry McLaren
 
Splunk .conf18 Updates, Config Add-on, SplDevOps
Harry McLaren
 
SplDevOps: Making Splunk Development a Breeze With a Deep Dive on DevOps' Con...
Harry McLaren
 
Lessons on Human Vulnerability within InfoSec/Cyber
Harry McLaren
 
OWASP - Analyst, Engineer or Consultant?
Harry McLaren
 
TSTAS, the Life of a Splunk Trainer and using DevOps in Splunk Development
Harry McLaren
 
Cyber Scotland Connect: Getting into Cybersecurity (Deck 2)
Harry McLaren
 
Cyber Scotland Connect: Getting into Cybersecurity (Deck 1)
Harry McLaren
 
Cyber Scotland Connect: Welcome & Purpose Statement
Harry McLaren
 
Latest Updates to Splunk from .conf 2017 Announcements
Harry McLaren
 
Securing the Enterprise/Cloud with Splunk at the Centre
Harry McLaren
 
Security Meetup Scotland - August 2017 (Deconstructing SIEM)
Harry McLaren
 
Deconstructing SIEM
Harry McLaren
 

Recently uploaded (20)

PDF
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
PDF
How UI/UX Design Impacts User Retention in Mobile Apps.pdf
SynapseIndia
 
PDF
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
PDF
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
PDF
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
PPT
Teaching material agriculture food technology
LiaRayya
 
PDF
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
PPTX
Cloud computing and distributed systems.
kkkkkhan
 
PPTX
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
DOCX
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
PPTX
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 
PDF
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
Safe Software
 
PDF
Chapter 3 Spatial Domain Image Processing.pdf
Getnet Tigabie Askale -(GM)
 
PDF
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 
PDF
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
 
PPTX
sap open course for s4hana steps from ECC to s4
sreeni2106invites
 
PPTX
ACSFv1EN-58255 AWS Academy Cloud Security Foundations.pptx
23bcla24
 
PDF
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
PPTX
Spectroscopy.pptx food analysis technology
nawahassan45
 
PDF
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
How UI/UX Design Impacts User Retention in Mobile Apps.pdf
SynapseIndia
 
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
Teaching material agriculture food technology
LiaRayya
 
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
Cloud computing and distributed systems.
kkkkkhan
 
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
Safe Software
 
Chapter 3 Spatial Domain Image Processing.pdf
Getnet Tigabie Askale -(GM)
 
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
 
sap open course for s4hana steps from ECC to s4
sreeni2106invites
 
ACSFv1EN-58255 AWS Academy Cloud Security Foundations.pptx
23bcla24
 
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
Spectroscopy.pptx food analysis technology
nawahassan45
 
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 

Cyber Scotland Connect: What is Security Engineering?

  • 1. What is [Cyber]Security Engineering? Harry McLaren – Managing Consultant at ECS
  • 2. Harry McLaren •Alumnus of Napier University • Active Student Mentor •Managing Consultant at ECS [Security] • Splunk Enablement Lead, Engineer & Architect • Previous Roles: • Security Engineer, SOC Analyst, IT Technician
  • 3. Coming Up: •Definition of [Cyber]Security Engineering •NIST Security Framework •It’s All About the PPTs! •Scenario Based Walkthrough •Best Practices for Engineers in 2018 •Resources ~25mins
  • 4. Building things to protect, detect, and respond to threats. [Risk Management Control]
  • 6. Types of Engineering (Not Exhaustive!) Systems Deployment & Configuration Systems Integration Setup of Automation & Orchestration Solution Development
  • 7. It’s All About the PPTs! Successful Projects People Process Technology
  • 8. People & Process • Who’s the end user? • Who’s going to support it? • How extensible is it? • What are the training requirements? • How do people feel? • Building champions! • How does it fit within the businesses IT? • How does it align to the company strategy? • Does it leverage best practices for design/build/deploy? • How resilient to change is the solution?
  • 9. Scenario Walkthrough 1. Business Has Problem: Security Monitoring Desperate Data Sources, Data Siloed, Cross-Functional Use Cases, Legacy “Big Data” Choose a Technology: 2. Magic??? 3. 1-12 Months Later… Success!
  • 10. Systems Deployment & Configuration • High/Low-Level Designs • Technical Architecture • Infrastructure Build • Software Deployment • Software Configuration
  • 11. Integration into Other Systems • Data Collection • Data On-boarding • RESTful API • CMDB (Identities & Assets) • Workflow / Ticketing • Contextual Analysis
  • 12. Setup of Automation & Orchestration • Automated Build • Auto-scaling • Responsive Actions • Version Control • Configuration Management
  • 13. Solution Development • Data Analytics as a Service (DAaaS) • Self Service • End-to-End Business Support & Development • Centres of Excellence • Solution Champions
  • 14. Best Practices for Engineers in 2018 • Outcome based Development (Lean/Scrum/Agile) • Version Control (VCS) • Configuration Management (CMS) • Development & Release Frameworks (Route-to-Live) • Capture Knowledge • Build Lab Environments • Containerisation for Rapid & Mobile Development • Leverage Cloud Agility • Consider Multi-Cloud • Facilitate the Business, Don’t be a Blocker
  • 15. Resources • Splunk/ Data Analytics • Intro to Splunk • Free 2-day Course • Threat Hunting • Agile based Development • Version Control 101 • Configuration Management 101 • Getting Things Done Methodology • Cloud • Free AWS Tier / Training • Free Azure Tier / Training • Starting with Docker • Starting with Python • Starting with Go
  • 17. Cyber Scotland Connect •Community Directed Group (What Do You Want?) Shape Us •Slack! (Website Coming Soon!) Connect with Us •Seeking Contributions (Speaking, Practical Labs, Etc) Share with Us

Editor's Notes

  • #6: Image Source: https://www.fuze.com/blog/on-the-Evolving-Cybersecurity-Landscape
  • #10: Image Source: https://southpark.cc.com
  • #11: Image Source: https://aws.amazon.com/quickstart/architecture/splunk-enterprise/