Author: Daniel Rodriguez

The ingredients for the lessons learned session

In the first part of this series, we explored the importance of lessons learned. In this post, we’ll focus on what organizations need to effectively implement this process and continue with the example of a burglary in my childhood home to illustrate the design of a lessons learned document. The Importance of a Policy In […]

And the lessons learned?

When I was a child, my parents built a very humble home—what we call “unfinished construction”—in a neighborhood in the south of Bogotá. It was Christmas Eve, and we were filled with joy at achieving our dream of owning our own house. However, just a few days later, while we were sleeping, some people broke […]

Security/Technology Certifications: Are They Worth It? – Part IV

As I mentioned in previous articles—and this is my personal opinion—the ones who should be paying for certifications and even professional memberships are the employers. After all, they’re the ones with the resources and ultimately the ones who benefit most. In some of the companies I’ve worked for, employers offer to pay for certifications in […]

Security/Technology Certifications: Are They Worth It? – Part III

Security/Technology Certifications: Are They Worth It? – Part IIIIn 2018, I began to see the horrific reality of certifications. The “successes” I had achieved and the transformation of my professional “profile” began to attract the attention of my employer, recruiters, and other companies… Unfortunately, the intentions weren’t entirely positive. My certifications began to be used […]

Security/Technology Certifications: Are They Worth It? – Part II

The truth is that the industry has lied to us about the value of certifications. No one cares if you’re CEH, CHFI, or ISO 27001. An average “certification” course in security costs around USD $1,000 — that’s equivalent to three legal minimum monthly wages in Colombia. On top of that, some require annual membership fees […]

Security/Technology Certifications: Are They Worth It? – Part I

In 2013, I earned my first certification in Digital Forensics. For that first achievement, I had to make a significant investment — take a 40-hour course, study for a couple of weeks afterward, and finally take the exam. Was it worth it? No. In the following years, I shifted my focus — mainly because security […]

3 resources to learn security concepts

One of the most common questions I get from friends and students is, “How can I learn security?” In this article, I’ll explain three resources I consider essential. 1) The Security+ Study Guide by Darril Gibson and Joe Shelley: Darril Gibson’s books focus primarily on preparing for one of my favorite security certifications (Security+); however, […]

The importance of a career plan in security and how to create one

The Importance of a Career Plan in Security and How to Create OneFor a few years now, every January 1st I’ve spent a couple of hours planning what I want to learn over the next 12 months. This simple but effective activity helps me define my goals, define a clear plan with activities, resources, and […]

Services

Information security training – cybersecurity
Incident response tabletop
Threat Hunting Exercises
Incident Response
CISO+ as a Service
Information security awareness programs

About 85bits

Contact

Linkedin X-twitter Youtube