WEBVTT

00:00:00.076 --> 00:00:01.306 A:middle
>> My name is Angel Heurrca [assumed spelling].

00:00:01.496 --> 00:00:04.216 A:middle
I am a Senior Computer Information
Security Analyst

00:00:04.376 --> 00:00:07.176 A:middle
with the Software Engineering
Institute of Carnegie Mellon University.

00:00:07.396 --> 00:00:13.326 A:middle
I work here in DC, in Washington DC, and I
support -- our specific branch supports the DOD,

00:00:13.326 --> 00:00:18.156 A:middle
and specifically, DHS and other federal
agencies in the Washington DC region.

00:00:18.576 --> 00:00:21.876 A:middle
We work on different projects, depending
on the agency and what the need is.

00:00:21.876 --> 00:00:24.286 A:middle
We kind of particularly come in and work with --

00:00:24.396 --> 00:00:27.396 A:middle
if there's something that the
government can't figure out on their own,

00:00:27.436 --> 00:00:30.166 A:middle
they will call in the Software Engineering
Institute to help them kind of come

00:00:30.166 --> 00:00:34.116 A:middle
up with a plan or a process to implement
something or to develop a solution.

00:00:34.296 --> 00:00:36.626 A:middle
Something that could happen is
they need help with analysis

00:00:36.626 --> 00:00:39.446 A:middle
of cyber security, what we
could call indicators.

00:00:39.766 --> 00:00:41.136 A:middle
An indicator would be something that would come

00:00:41.136 --> 00:00:44.436 A:middle
up in an intrusion detection system,
an anomaly that's been detected.

00:00:44.816 --> 00:00:50.206 A:middle
How to do fine correlations within
anomalies and those type of things.

00:00:50.626 --> 00:00:55.486 A:middle
Also, working with developing policies
around cyber security and how user awareness

00:00:55.486 --> 00:00:59.826 A:middle
and how users should behave on a network,
but also to inform users themselves

00:00:59.826 --> 00:01:02.116 A:middle
about what proper etiquette is on the Internet.

00:01:02.226 --> 00:01:06.936 A:middle
Yeah, the biggest thing that affects not
only federal agencies but just industry

00:01:06.936 --> 00:01:14.036 A:middle
in general is phishing scams and malware
delivered that way, or malicious actors trying

00:01:14.186 --> 00:01:18.556 A:middle
to take advantage of users,
and it typically revolves

00:01:18.556 --> 00:01:21.686 A:middle
around the user not knowing
how to react to something.

00:01:22.046 --> 00:01:26.296 A:middle
So when I said earlier about talking about
developing policy and developing user awareness,

00:01:26.296 --> 00:01:30.776 A:middle
a lot of the issues revolve around user
understanding that what is within scope

00:01:30.776 --> 00:01:33.016 A:middle
or what is out of scope of what
their normal day-to-day would be.

00:01:33.366 --> 00:01:36.426 A:middle
Let's say, for example, you get
an email today that is indicative

00:01:36.426 --> 00:01:37.606 A:middle
of a, oh, you have a package coming.

00:01:37.606 --> 00:01:40.516 A:middle
Well, you know you haven't ordered
anything the last couple months,

00:01:40.566 --> 00:01:42.526 A:middle
but you have this email, and then what you do?

00:01:42.526 --> 00:01:45.666 A:middle
Do you automatically just go click
on the link, or do you already know

00:01:45.666 --> 00:01:47.756 A:middle
that this is something that you should question?

00:01:48.236 --> 00:01:51.306 A:middle
Oftentimes, people are, all,
who sent me a package?

00:01:51.336 --> 00:01:54.836 A:middle
Click. People that work in security
operations centers are definitely looked

00:01:54.836 --> 00:01:56.306 A:middle
as a 24-7 operation.

00:01:57.076 --> 00:01:59.946 A:middle
You know, three shifts, so that is out there.

00:02:00.016 --> 00:02:05.306 A:middle
My particular role is not necessarily
in that type of environment.

00:02:05.856 --> 00:02:06.826 A:middle
Mine is more structured.

00:02:06.826 --> 00:02:10.116 A:middle
So I actually have more banker's
hours, like 9 to 5.

00:02:10.946 --> 00:02:15.706 A:middle
But you know, aside from that, it's
still very important to work with policy,

00:02:15.706 --> 00:02:20.026 A:middle
to work with strategic implementation of cyber
security solutions and those types of things.

00:02:20.026 --> 00:02:25.226 A:middle
You know, we come up with a plan of how
things should be mapped out, architected out,

00:02:25.226 --> 00:02:29.036 A:middle
and then have, you know, actual
hands-on keyboards, hands on deck type

00:02:29.036 --> 00:02:31.796 A:middle
of technical people to kind of
go in and implement those out.

