Learning Security with Mayur

Technologies and buzzwords come and go, but, in technology terms, some often make the cut and go into the big league. Think of cloud computing 20 years ago, or zero trust around 5 years ago. Today everyone is just gushing over it and calling it the next battleground and the tool for the growth and transformation of their business.  Just like them, there is a new buzzword out there, that is claiming to change security like anything. (Pronounced SASSY) SASE is the latest fad to get viral status, with multiple tech forums calling 2023 the year when it finally takes off. So what is SASE all about? This blog post will help to unravel this for you.  What is SASE? This was first described by Gartner in the August 2019 report The Future of Network Security in the Cloud and expanded upon in their 2021 Strategic Roadmap for SASE Convergence. Gartner defines SASE as “The secure access service edge is an emerging offering combining comprehensive WAN capabilities with comprehensive network...

This episode talks about the basic concepts of information security - Threat, Vulnerability, Risk, Threat Agent & Countermeasures. 

What does a typical workday in the life of a CISO look like? Most CISOs would agree that there are myriad things that are constantly begging for attention in their work, and yet have 20 extra things that land up in their inbox that need to be sorted out immediately - High impact data leakages, discussion with a prospective customer, a minor escalation, and Oh Yes (or No !!, not again), another review with CEO/COO/CIO/Board of directors and what not!! This is in addition to the millions of discussions or calls they are pulled in on TEAMS/ZOOM etc. etc. and the zillions of emails asking for guidance on every aspect. Did I miss the travel itinerary that needs to be taken care of? Hold on, I know these expressions !! You are either smirking that I missed so many things or just smiling that you don’t deal with any of this stuff, but so much other stuff that I have not even touched upon. Whatever the case, you would agree that cybersecurity professionals have a tough job that involves intens...

This episode talks about the 3 pillars of information security - Confidentiality, Integrity, and Availability. 

How many customers are migrating to the cloud today? Well, mostly all of them. The reasons are multifold - cost-cutting, digital transformation, online presence, backups, etc. Companies are moving their entire enterprise data in a lot of cases entirely to the cloud and in some cases, even the most sensitive data is available online. Many organizations suffer from this myth that once the data is moved to the cloud, it's safe from attacks and especially ransomware attacks. They also believe that the cloud provider will take care of all the security needs from a data protection perspective. Well, this blog post will analyze in detail and try to explain that the cloud is not a panacea to all your security needs and debunk certain myths related to cloud security. How Big is the cloud? A quick Google search will help you uncover some mind-blowing facts: Globally, the cloud computing market will surpass $1 trillion by 2028. (Precedence Research) The global cloud computing market grew from...

Well, we all love predictions, don’t we? The new year rings in and there is a flood of predictions from all ends - financial trends, fashion trends, puppy trends, climate trends, and whatnot!! How can cybersecurity be far behind? Google “Cybersecurity Trends 2023” and you will find myriad results on this. What does this blog post offer then?  Well, I thought it to write it from my perspective, rather than making it to upsell the services which these companies offer while writing such articles. An antivirus company’s security trends are all focused on malware and how that company can help you overcome it. A SIEM company wants you to use the new tools and so forth… Here is a set of predictions from my perspective: CyberSecurity Talent Supply Issues will continue to rise and the payouts will increase drastically While tech companies may be laying off employees, cybersecurity will continue to thrive and companies will have a hard time finding talent. The attrition levels will rise alon...

I remember the time when I was preparing for my certification exams ( SSCP & CISSP) and more recently for CCSP, I used a technique that is quite common amongst those who are preparing for the exams. Flash cards are an essential way to revise the various exam concepts at any point in time - you have started preparing or want to revise or brush up before D-Day. Flash Cards are available in multiple forms and the best one is that you prepare yourself for your own consumption, I have created what worked for me. The term and its complete definition helped me a lot during the exam as the words were very clear in my mind. Here are specific samples for your consumption, however, these will be available exclusively as of now only on INSTAGRAM from January 2023. You can follow me there for updates. The flashcards will be posted twice a week as posts.   The first image is the term and the second image is the definition of the term. This will help you quickly remember the concept associa...

Dear Readers, Wishing you and your family, a very Happy Diwali and a prosperous New Year. May all your wishes come true and May God bless you !!! Keep reading, Keep Learning and Keep yourself cyber-safe!

It has been a journey with multiple ups and downs for me. I started this blog 5 years ago, (time flies! you know) and around some time in 2018, I decided on a YouTube Channel. I uploaded some videos and it received a very tepid response. I uploaded a few more videos and waited and I still did not see much change. However, at that time, I committed a big mistake. I stopped and in a way, I quit. That is a lesson for everyone out there. Don’t quit. It takes time, but be there and work on it. Improve yourself and you will see one day that all the hard work you have done will surely result in something worthwhile. I have been working on some personal projects for quite some time now and a lot of them are ready to be launched or I should say in some cases relaunched. Well, the YouTube Channel definitely falls under the second category.  What is this Channel about? This channel is about understanding security concepts in a simple manner. This deals with various domains of CISSP / SSCP and...

What comes to your mind when you think of information security? If you watch a lot of movies, especially the ones involving the CIA, you would imagine a nerd in a basement trying to hack into the world’s most secure places with no life other than that. When it comes to the office, you imagine him to be a nerd ( again!! probably), sitting in one corner trying to protect your corporate infrastructure.  Information security only gets associated with technical stuff such as firewalls, passwords, encryption, and most importantly hacking. Look at most of the job descriptions, and they will always mention the same. A search on the “top skills a cybersecurity leader should have”, results in Simplilearn telling us about network security, cloud security, virtual machines, coding, etc.  These are important parameters but are just a small part of the skillset of information security professional. The MOST and I repeat, the MOST important skill a cybersecurity leader needs is the art of ar...