by Fuel HQ
Fuel Original Member Spotlight
The Fuel Original Member Spotlight is a regular series on the Fuel for Thought blog, highlighting inaugural members of Fuel who joined the community in 2015. Each spotlight sheds light on a Fuel member’s background and industry experience, and shares some little-known facts and interesting member stories.
Ramon Hermida, Senior Network Security Analyst for the University of Texas - Pan American, started his first job with an official cybersecurity title in 2005, and has worked in many aspects of cybersecurity since January 2000. He even played a key part in detecting the "Code Red II" worm in 2001 in his company's networks. Ramon has worked with Palo Alto Networks technologies for 3 years, holds a Palo Alto Networks CNSE 4.1, and has held a CISSP certification since 2012. He’s currently working on re-certifying as a CNSE on the current firmware version, and is looking into the CEH (Certified Ethical Hacker) certification as well. Learn more about Ramon’s experience, his thoughts on the Fuel community, and why Threat Intelligence-driven Security Maturity Models are the next big thing.
Are you a morning person or night owl?
Morning person by necessity, in order to get a 20-mile bicycle ride in before work, but naturally a night owl.
Piece of technology you can’t live without?
Favorite ice cream flavor?
Cookies and Cream.
Preferred social media platform? Can we find you there?
What was your first job?
My first full-time position right out of college was as an internet applications developer with major emphasis on Linux and Perl scripting. Even back then I was already veering towards cybersecurity. One of the first tasks we had to do there was install Linux to use as a development and desktop environment. I remember endlessly bugging my co-workers about how to properly secure it, too. This ultimately paid off, as the company's network got hacked a week later. My desktop machine remained intact due to the security measures I had deployed on it.
What is your go-to news outlet that you read, watch, and/or listen to for industry news?
SANS Internet Storm Center Daily
Krebs on Security
Secure Works Threat Analyses
Security Intelligence Blog
Twitter - I follow key cybersecurity researchers, and find lots of information there too.
Trend in cybersecurity that excites you most?
Threat Intelligence-driven Security Maturity Models. As the cybersecurity field matures, we are seeing a shift off compliance and paperwork reporting models, over to models of "continuous monitoring" that provide strategic and ongoing awareness of security, vulnerabilities and threats to our organizations. Threat Intelligence models go a step further by placing added emphasis on prevention, detection, and how to properly respond to and recover from ongoing security threats.
What’s your “How I saved the day” story?
The story that comes to mind is when one of our main websites was compromised. It was quite remarkable to observe the initial reconnaissance probes followed by the actual exploit being deployed on the website through the eyes of our IPS and other cybersecurity measures. Obviously, the measures had failed to prevent the attack; however, this experience allowed us to test the effectiveness of our Incident Handling and Response plans in a very real-world scenario. The experience also allowed us to recover from the breach with minimal downtime, and to correct the lapse in our current measures that ultimately strengthened our security posture.
Favorite part about being a Fuel member?
Being able to do information-sharing and networking with fellow-minded security professionals. As security professionals, we are all looking at similar issues, and what better way to be able to communicate with folks that have already deployed significant solutions?
What do you hope to get out of Fuel?
I hope to tap into the knowledge base that Fuel members can provide, and to collaborate with others to further develop solutions in the cybersecurity field.