Triggering Events Timeline Which Led Me To My Career In Cybersecurity
I did not wake up one day and decide on becoming a Cybersecurity professional. A series of events led me down the path to going in a new direction and not touching or configuring technology anymore. Before becoming a cybersecurity professional, I was a Sr. Systems Server Engineer for a very large financial institution. The entire division of System Engineers and myself spent hours walking around data centers with a CD of tools for the purpose of removing viruses and installing virus software on servers to protect them from another attack. In addition to removing viruses, we also were spending a lot of time making changes to the registry of Windows systems to comply I with federal regulations regarding protecting customer data and privacy. The following sequence of events caused me to think critically and I had my “ah ha” moment: I said to myself: “Protecting systems from attack, data from being stolen and preserving customer privacy.”
Thus the following timeline:
- November 12, 1999 - Gramm-Leach –Bliley Act (GLBA) (Safeguards Rule) Enacted.
GLBA compliance is mandatory; whether a financial institution discloses nonpublic information or not, there must be a policy in place to protect the information from foreseeable threats in security and data integrity.
Major components put into place to govern the collection, disclosure, and protection of consumers’ nonpublic personal information; or personally identifiable information include:
•Financial Privacy Rule
- July 15, 2001 – Code Red I - Affected computers worldwide. Put a halt to many company operations.
- August 2, 2001 - Code Red II – Affected computers worldwide. Put a halt to many company operations.
- September 18, 2001 - Nimda Worm – Affected computers worldwide. Put a halt to many company operations.
- November 22, 2001 – Attended a BDPA Charlotte meeting where Ron Clement shared a presentation about the CISSP (Certified Information Systems Security Professional) exam and 10 Security Domians and entering the IT Security field.
- November 28, 2001 - News of Enron’s hidden losses became public knowledge; stock decreased to $1; Once had a high of $90.56.
- July 30, 2002 - Sarbanes-Oxley Act Enacted - Law put in place because of the scandals at Enron and Worldcom. "Corporate and Auditing Accountability and Responsibility Act" (in the House) and more commonly called Sarbanes–Oxley, Sarboxor SOX, is a United States federal law that set new or enhanced standards for all U.S. public company boards, management and public accounting firms. There are also a number of provisions of the Act that also apply to privately held companies, for example the wilful destruction of evidence to impede a Federal investigation.
- September 2004 – Started Graduate School
- June 2006 – Obtained Position as IT Auditor
- June 2006 – Finished Graduate School.
- Present – The rest is history.