re those tough lessons learned that you will never forget and more importantly vowed to never repeat again? Especially those of you who have been in information security for many years and perhaps a member of several different teams. Consider yourself encouraged to remember those from now on I will Always and I will Never again lessons that were learned at your $OldJob. ">">I remember all to well when I decided to perform a network scan from a new laptop. I was so eager to use the new equipment that I failed to record the MAC and IP address of this shiny new device. I tested it out and everything seemed to be great - until the next morning when an enormous amount of scan traffic was detected inside a sensitive network. Our teams went into full incident response mode in an effort to determine what happened. After learning who did it, the team was gracious in its response to me and none of us made that mistake again.">">">1 - Never settle for we have always done it that way. Assume nothing by asking lots of questions, such as When was the last time we compared the GPO to the written security policy">">2 - Share regularly within your trusted communities in a way that does not put your organization at risk, but demonstrates you are still learning and remain willing to contribute.Dont think that you need to share all of the gory details to make a difference with this approach. In fact, you will be much better off by leaving those out entirely.">">">">">@russelleubanks
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.