Recently, a colleague told me that while at a party with a group of friends, they concluded that instead of asking a “pretty woman” to dance or talk to, it was better to opt for a “less attractive woman” since the probability of being rejected by a “pretty woman” was…
In the first part of this series, we explored the importance of lessons learned. In this post, we’ll focus on what organizations need to effectively implement this process and continue with the example of a burglary in my childhood home to illustrate the design of a lessons learned document. The…
When I was a child, my parents built a very humble home—what we call “unfinished construction”—in a neighborhood in the south of Bogotá. It was Christmas Eve, and we were filled with joy at achieving our dream of owning our own house. However, just a few days later, while we…
As I mentioned in previous articles—and this is my personal opinion—the ones who should be paying for certifications and even professional memberships are the employers. After all, they’re the ones with the resources and ultimately the ones who benefit most. In some of the companies I’ve worked for, employers offer…
Security/Technology Certifications: Are They Worth It? – Part IIIIn 2018, I began to see the horrific reality of certifications. The “successes” I had achieved and the transformation of my professional “profile” began to attract the attention of my employer, recruiters, and other companies… Unfortunately, the intentions weren’t entirely positive. My…
The truth is that the industry has lied to us about the value of certifications. No one cares if you’re CEH, CHFI, or ISO 27001. An average “certification” course in security costs around USD $1,000 — that’s equivalent to three legal minimum monthly wages in Colombia. On top of that,…
In 2013, I earned my first certification in Digital Forensics. For that first achievement, I had to make a significant investment — take a 40-hour course, study for a couple of weeks afterward, and finally take the exam. Was it worth it? No. In the following years, I shifted my…
One of the most common questions I get from friends and students is, “How can I learn security?” In this article, I’ll explain three resources I consider essential. 1) The Security+ Study Guide by Darril Gibson and Joe Shelley: Darril Gibson’s books focus primarily on preparing for one of my…
The Importance of a Career Plan in Security and How to Create OneFor a few years now, every January 1st I’ve spent a couple of hours planning what I want to learn over the next 12 months. This simple but effective activity helps me define my goals, define a clear…
This is one of the questions that those of us who work in information security have probably asked ourselves at some point, and those in other areas of knowledge may ask themselves when they find this field attractive for professional development. For some, starting out in information security may have…
And if you’ve visited 85bits’ educational services, you’ve seen us talk about Obukas, and perhaps you’ve wondered what that is. If you’re a little curious and have some time left, you Googled it to search for the term (as happened to a friend we were talking about).But if you didn’t…