Rebecca Blair is the author of Aligning Security Operations with the MITRE ATT&CK Framework: Level up your security operations center for better security, we got the chance to sit down with him and find out more about his experience of writing with Packt.
Q: How did you become an author for Packt? Tell us about your journey. What was your motivation for writing this book?
Rebecca: I was approached by a product manager from Packt in LinkedIN, and began a conversation. After putting a lot of thought into, I loved the idea that something I worked on and wrote could help another practitioner, and once I realized, it was just a matter a time for the book to be written.
Q: What is the name of your book?
Rebecca: Aligning Security Operations with the MITRE ATT&CK Framework: Level up your security operations center for better security.
Q: What kind of research did you do, and how long did you spend researching before beginning the book?
Rebecca: For research I relied heavily on my practical knowledge from being a practitioner in building SOC environments. I also used research that I had conducted in the past for conference talks, and refreshed my knowledge on the MITRE ATT&CK Framework.
Q: Do you have a blog that readers can follow?
Rebecca: I do not have a personal blog.
Q: What key takeaways do you want readers to come away with from the book?
Rebecca: I want them to understand the importance of threat modeling, purple team exercises, and processes. Additionally I think it is critically important on how to choose the correct implementations and controls for your environment.
Q: Can you share any blogs, websites and forums to help readers gain a holistic view of the tech they are learning?
Rebecca: I read a lot of the standard blogs, Krebs on Security, Dark Reading, and various blogs from organization’s security researchers.
Q. Did you face any challenges during the writing process? How did you overcome them?
Rebecca: There were various times where life got in the way and I became distracted or faced writer’s block. What would help was taking a temporary step away and focus on something that wasn’t tech related at all. That way I was allowed to have a mental break and then come back refreshed and ready to write.
Q. How would you describe your author journey with Packt? Would you recommend Packt to aspiring authors?
Rebecca: I would highly recommend working with Packt. They provided a support team of project managers and editors that were with me through every step of the writing journey.
Q. Why should readers choose this book over others already on the market? How would you differentiate your book from its competition?
Rebecca: The approach of this book is a mix of practical knowledge and deep dives that include examples that can be directly applied to your environment. The writing style is as if I was talking to a colleague and makes the information very approachable. I believe that this book has the ability to help others who are leading SOC environments and want to mature their organization’s security.
Q. What is/are your specialist tech area(s)?
Rebecca: Cyber Security, Threat Modeling, Secure Operation Centers.
Q. What advice would you give to readers jumping into this technology? Do you have any top tips?
Rebecca: Be curious and always strive for learning more. This book is a beginning or middle to your journey in cyber and by no means is the end goal, so remain curious to continue to grow.
Q. Do you belong to any tech community groups?
Rebecca: Women’s Society of Cyberjutsu, Women in Cyber, Women in Tech.
Q. What’s your take on the technologies discussed in the book? Where do you see these technologies heading in the future?
Rebecca: I tried to be tool agnostic with the exception of the MTIRE Framework, which I believe will continue to evolve as our understanding of the cyber threat landscape continues to grow.
Q. How did you organize, plan, and prioritize your work and write the book?
Rebecca: I tried to think of a logical journey in retaining the information, and built the book structure out that way.
Q. What are your favorite tech journals? How do you keep yourself up to date on tech?
Rebecca: Reading cyber news in some of the blogs mentioned above, networks, listening to podcast, etc.
Q. Would you like to share your social handles? If so, mention them below.
Rebecca: Of course. Here you go: https://www.linkedin.com/in/rebecca–weaver/.
Q: What is that one writing tip that you found most crucial and would like to share with aspiring authors?
Rebecca: Write how you would want to read it.
You can find Rebecca’s book on Amazon by following this link: Please click here
