NerdDual CyberSecurity

DJames617.com HDJames.com Nerddual.com

Harry Dwayne JamesDJames617 is The Ne'er-Do-Well Nerd

Hello there: I am DJames617 the Ne'er-Do-Well Nerd, but you can call me "ND".

ND, Why do you call yourself a Ne'er-Do-Well?

I grew up in Boston's rougher neighborhoods in the 90's. I was always told that I was smart, and that would help me get out of those neighborhoods one day. My problem was I wanted my life to change then. I didn't want to wait for one day to come. I wanted the things the kids that weren't smart had. The kids that didn't even go to school had new sneakers, fresh clothes, money, all the things I didn't have. I was hell bent on getting them too.
I made a fateful decision to stop going to school and started trying to make my dreams a reality. One of the factors in that fateful decision was the fact that I already had 2 daughters by the time I was 17. School didn't seem like the best option for me at the time, although I never lost my love for learning.
Trying to provide for 2 babies when you are still just a kid yourself is stressful beyond belief. It is not a fun ride. There are good times for sure, but the majority of the times were hard. I had to make hard decison everyday. I didn't have many options for making money. People just weren't into hiring uneducated teenagers for high paying jobs. I joined the rest of the Ne'er-Do-Wells that I had passed on my way to school. It was in that environment when people kept commenting on my intelligence I knew I had made some wrong moves, but the kids had to eat. What could I do but be a Ne'er-Do-Well Nerd and hope I can make life better for my kids.
I used to hear people say that the streetlife is the easy way out. Those people have never lived that life. I was constantly in conflict like a small boat in a hurricane. I had to adjust my sails and find calmer waters. I got my hands on an old WANG X386. It was broken so I had to learn how to fix it. When I did go to school I was always in the computer lab. I helped the teacher with repairs on some of the systems so I had a good idea of what to do to get it running.
When I finally got it to boot, it was like a sign from the universe. I followed the sign and I've been working with computers ever since.
Even though I was no longer a part of the Ne'er-Do-Well croud people knew that I once was. The monicker stuck. The only way I could change the way they thought of me was to continue doing well.
Today, I am a Cybersecurity Professional living in the Boston area. I am a recent graduate of Western Governor's University. I have a BSCSIA Bachelor of Science in Cybersecurity and Information Assurance along with 15 active IT certifications from organizations such as CompTIA, Amazon Web Services, Axelos, ISC2, and others.Harry Dwayne James

Ne'er-Do-Well No More

I love to learn. I think that's why I enjoyed the WGU experience. I think WGU is great, but it is definitely not for everyone. One of the most attractive WGU offerings was the ability to do as many classes as I could at my own pace. The more courses I finished in a term, the less the degree costs. I paid less than I would have for one semester at a traditional brick and mortar school. This was a no brainer for me.

That structure allowed me to finish courses at a furious rate. I didn't finish the quickly because the content was easy, I finished them quickly because I was alredy familiar with the content. The hardest part for me was trying to figure out exactly how they wanted me to present the information. The industry certifications that I got as part of my degree were also challenging.

I have been in the IT feild for over 20 years. Some of the concepts were basic to me, but I do remember the first time I tried to ingest some of that stuff. It was hard. Only after using those concepts over and over again did it become familiar.

This is why WGU may not work for everyone. There was no traditional classes. If you need to learn something, you are going to struggle a bit more. I was able to apply my practical knowledge to the course material. If you don't have that experience, the time you spend learning could negate the ability to finish courses quickly. Most people aren't great at teaching themselves complex topics, that's why teachers exist.

The course instructors at WGU are there to guide, not to tell. They are industry professionals themselves and they want you to learn. They will put you on the right track, but do not expect them to directly answer your questions. They will more or less confirm that you are on the right track, but I found getting a concrete answer to "Is this right" to be quite challenging.

People have noticed that I finished quickly and they want to do the same. When they ask me about WGU I tell them I think it's a good idea but don't do what I did. I try to steer them away from the program I completed.

But ND, Why would you do that?

Because the courses will be much harder for them than it would be for me, and I don't want to be blamed when they decide it wasn't the right choice for them. I was talking with family members that just finished freshman year at traditional schools recently. We started at the same time. They are going back to school for softmore year, I had finished. The inevitable conversation of "do you think I could do that?" came up. The answer is usually "Not really."

The answer was no because they wouldn't be able to apply the experience I can to offset some of the coursework. It took me 17 months, 1 week, and three days (give or take an hour or two) to finish 35 classes and earn my degree. I was able to apply the knowledge I've acquired over the last 20 years to test out of some classes completly. Some people have watched a couple of episodes of Mr. Robot and now they want to be a hacker. That's great but, like most things in life; It's not that easy.

WGU offers many different degree programs. If you have a ton of expeirience in a field and want a degree WGU may work for you. If you don't know anything about that field and you are starting from scratch, this may not be your best option. Your success in any of the program offerings is going to depend on your existing knowledge and your overall dedication to completing your program. I wish I had done it sooner but you know what the say; Wish in one hand ... I'm an avid fan of technology, and entertainment of all kinds. I'm not so much a fan of people. I spend most of my time trying to understand things I currently don't; I prefer to ignore the people I don't understand.

People often say "But ND, I don't have to worry about CyberSecurity. That's only for big companies and the government. No one wants my data."

They could continue to think that, but they'd be

WRONG!

Anyone that uses a device to connect to the internet should have security in mind. Ransomware attacks against individuals have been on the rise in recent years. Something simple such as your social media profile could potentially lead to a security related incident if it is not properly secured.

If I had a dollar for every time I've heard that, I'd have quite a few dollars and a little more patience. I just don't understand how so many people continue to think this way. There are regular news stories about data breaches, but people still think it can't happen to them. CyberSecurity has taken a new role in our society. We all have to play a part to make sure we remain safe. There was once a time when securing digital information was only the concerns of IT professionals. Those days are gone and not likely to return. Now that we all walk around with computers in our bags, pockets, and on our wrist; we all have a need to keep our digital information safe.
We are constantly connected. We are connected to our friends and family through social media, we connect to our workplace through VPN, and we connect to our vehicles through bluetooth.
This constant connection provides benefits that were just science fiction a few years ago to those of us that weren't born in the digital age.
It also presents a persistent threat.

We can find the location of loved ones almost instantly. We don't even need to contact them to find out where they are. You can look up the location of their phone using GPS. We watch any TV show we have subscription for in almost any location we have internet access. We can talk face to face even when we are thousands of miles apart using video conferencing. We find people we haven't seen in years with a simple search on Social Media and reconnect just as quickly with a simple message.
These benefits are truly an improvement on the way things were, but in our rush to use these new advantages a lot of people adopted technologies without fully understanding how being constantly connected presents a danger.
We need to take the same steps to stay safe in the cyberspace as we would in the real world. You wouldn't tell strangers your deepest secrets usually, but setting your Social Media profile to public will do just that. A little information is all a threat actor needs to do a lot of damage.
There was once a time when a threat actor needed to be reasonably close to you to cause you harm, unfortunately, those days are also gone. You can be robbed by someone sitting in a chair halfway around the world. You wouldn't know until it is too late. The damage is not limited to the cash in your pockets either. A digital thief can potentially steal everything you have, including your identity.

Blame IP

Let's face it. The IPhone changed everything. The first 2 letters of that device says it all IP. Almost every other device soon followed. The Internet Protocol is the primary protocol responsible for keeping everyone and everything connected. The Internet Protocol is a set of rules that devices use to communicate with each other. Communication is possible as long as both devices adhere to the rules. Because the rules are well known, they can be circumvented. We went from using devices that let us communicate with each other to devices that keep us connected to the internet. IP is very efficient at what it does. It establishes the connection and makes sure the message gets delivered. IP does not care if the person receiving the message is authorized to do so, it only cares that the message is delivered.
In many ways the IP protocol is like a postal worker. As long as the mail is delivered to the correct mailbox the job was done correctly. The postal worker is not responsible for making sure that the person retieving the mail from the mailbox is the person that is supposed to do so. Since security is not inherently built into IP communication, it is up to us to change our mindset about how we communicate. We have to lock our own mailbox. The postal worker is not going to do it for us.
Every piece of information coming to and from your device can be captured and read. The only thing a user can do to effectively limit this snooping is encrypt their transmissions. Encrypting is the process of scrambling data so that it is unreadable without the correct key. When data is encrypted it will be useless to anyone except the person with the correct key. Most modern operating systems offer some form of encryption. If you are not using it now, start immediately. This is your first layer of protection against threat actors.
When using the internet to communicate keep this in mind...

A little about Encryption

The two most common types of encryption algorithms are symmetric and asymmetric.
Symmetric encryption, also known as a shared key or private key algorithm , uses the same key for encryption and decryption. Symmetric key ciphers are considered less expensive to produce and do not take as much computing power to encrypt and decrypt, meaning there is less of delay in decoding the data.
The drawback is that if an unauthorized person gets their hands on the key, they will be able to decrypt any messages and data sent between the parties. As such, the transfer of the shared key needs to be encrypted with a different cryptographic key, leading to a cycle of dependency.
Asymmetric encryption, also known as public-key cryptography, uses two separate keys to encrypt and decrypt data. One is a public key shared among all parties for encryption. Anyone with the public key can then send an encrypted message, but only the holders of the second, private key can decrypt the message.
Asymmetric encryption is more expensive to produce and takes more computing power to decrypt because the public encryption key is often large, between 1,024 and 2,048 bits. Asymmetric encryption is usually not suited for large packets of data.
Encryption is just one thing you can do to keep your cyber self safe. Unless you take the necessary precautions, any internet connected device is just waiting for something to connect to it. If this is an authorized user then great. If it is a threat actor, then bad things can happen. When you are asleep, your device is still up and connected. You know who else is still up and trying to connect? The bad guys, that's who.

The New Normal

If any of the terms in this text are unfamiliar congratulations, you are completely normal. I don't think this is the way it should be. I'm going to do my best to change this normal. The way the world communicates has changed very drastically in a very short amount of time, and It's NOT going back to the way it was unless we have a global catastrophe, aliens come to earth, giant meteor strike, or some other horrific event that wipes out technology.
Most people are not able to keep up with all the changes and updates required to stay safe in the digital spaces of our lives and threat actors are taking advantage of it. That is why I never stop learning about technology.
For over 20 years my mission has been to make computing easier and safer for everyone I work with. This has left me well versed in security protocols ranging from risk assesment and categorization, vulnerability identificaiton and monitoring, to threat detection and remediation.
What can I help secure for you?

HDJames.com DJames617.com
Nerddual.com