The submissions for this assignment are posts in the assignment’s discussion. Below are the discussion posts for Richard Bocchinfuso, or you can view the full discussion.
Hello all, full disclosure, I spend my days writing code and automating repetitive tasks. Introductions in this context are a repetitive task so those who have been in prior classes with me have seen some variation of the introduction below. Need to read on; questionable. 🙂
My name is Rich Bocchinfuso; I hold a BS in Computer Information Systems and I am pursuing an MS in Information Technology with a specialization in Cybersecurity at Florida Tech. I am 45 years years old and have been in technology for ~ the past 23 years, and I am lucky in the sense that my career as a technologist and developer is also my passion because I spend 10 to 15 hours a day in front of a computer. I live in New Jersey and work in from somewhere in the world on any given day (flying over 100K miles a year that is probably the best way to describe it). I am married to my amazing wife of eighteen years, Gwen, and we have two little girls Maddy who is thirteen and Eden who is seven. Both my wife and I are originally from Pennsylvania, but we have made in New Jersey our home for the past twenty years.
My desire to attend graduate school is driven by personal fulfillment as well as a desire to develop skills which will allow me to grow professionally. My goal is to complete the master’s program in information technology with a specialization in cybersecurity and to make practical use of the academic skills I acquire. I am a driven self-starter who is committed to achieving my educational and professional goals. With the half-life of discrete technical knowledge shrinking I have been leveraging learning platforms such as Coursera, edX, Udemy, CloudAcademy, Pluralsight, CBT Nuggets, Codeacademy, SoloLearn, PentesterLab and others for years to combat mental atrophy. I regularly listen to and watch podcasts, and read industry publications and whitepapers to stay abreast of industry happenings.
For as long as I can remember I have loved tinkering and it is this love of tinkering that became the basis of my love of computing and technology. Over the past twenty-plus years, I have invested an immense amount of time honing my craft. I am an avid maker; I enjoy building things, writing about and sharing what I create. For the past ten years, I have been maintaining and sharing my ideas via my blogs:
- My blog: http://gotitsolutions.org (Links to an external site.)Links to an external site.
- My website: http://bocchinfuso.net (Links to an external site.)Links to an external site.
(Links to an external site.)Links to an external site.These two sites pretty much tell my story.
I am an analytical person who enjoys making decisions rooted in empirical data, and I am an INTP (https://www.16personalities.com/profiles/57648d209ea7b (Links to an external site.)Links to an external site.).
This is my tenth course in an elven course program, next stop for me a PhD program. I am happy to be part of this class, and I look for to sharing this learning experience with all of you.
BTW – If anyone happens to be in Vegas this week at VMworld DM on twitter (@rbocchinfuso) and let’s grab a cocktail.
Brian, nice to virtual meet you. Parenting the hardest and most rewarding job on the planet, not sure if I’ll ever consider myself accomplished. I have my fingers and toes crossed that I feel good about what I accomplished at the end of the rainbow; if parenting has taught me anything it’s there is a lot in life that is outside your control.
This week I had the honor to see Malala Yousafzai (Links to an external site.)Links to an external site.speak and it was truly amazing. Her parents set the bar pretty high. Such an amazing young woman.
I’ll be honest I don’t love InfoSec focused podcasts. I do on occasion listen to Down the Security Rabbithole (Links to an external site.)Links to an external site., if it’s a topic I like.
I read the Kerbs on Security blog (Links to an external site.)Links to an external site. regularly.
While not security focused, I suggest checking out Datanauts (Links to an external site.)Links to an external site..
I like Tim Ferriss, I listen to the Tribe of Mentors podcast regularly.
I listen to quite a few other tech-related podcasts, most notably a16z, The Cloud Cast, The HOT Aisle, PodCTL, Hak5, Talk Python to Me & AWS Podcast.
Others Tim Ferriss like podcasts I like include Rocketship, Masters of Scale, StartUp and The Pitch.
Links to most of these podcasts, if your interested can be found here (sorry, got tired of creating the hyperlinks): http://bocchinfuso.net/index.php/links/ (Links to an external site.)Links to an external site.
Scott, good to see you again. Hope things are going well with the new house. I am still in Vegas, feel like I’ve been in a time warp for a week. I am probably here six times a year, six times too often, if every conference was moved somewhere else I would be good with it. Luckily tonight I have no commitments, so room service, peace an quiet is on the agenda.
My normal travel routes take me to EWR (home), LAS, SFO, LAX, AUS, CMH, and DUB on a regular basis. Would be great to grab a beer or two sometime.
Glad you like my posts, I like to write so I do. Spent most of this week writing and here I am still writing. If you are interested here is my first blog post from VMworld: http://gotitsolutions.org/2018/08/30/vmworld-2018-goodness-and-the-purpose-motive/ (Links to an external site.)Links to an external site.
I have 3 others which I have to complete so they can be published but shifted gears because I was getting writer’s block.
We’re nearing the end. Good luck with this class.
Carmeshia, good you see you again and thanks for the kind words. Gotta convince my family to say goodbye to me for 3 more years, the toughest part of adult education.
Tech is the type of business where you have to be committed to learning forever, I’ve enjoyed the program because it helped me push into areas I wouldn’t go on my own and I have leveraged a lot of what I have learned. For instance, the Org Behavior class wasn’t my favorite but I have you the motivation theory in like six presentations.
Having had the please of seeing Malala YousafzaiLinks to an external site. speak this week, it really drives home how powerful education is, and how threated some are by it.
Good luck in the class.
Scott, tech is used to HR nightmares, somehow it’s gotten worse, not better I am sure HR would have no time to worry about you. Wanna have your mind blow, read Brotopia (Links to an external site.)Links to an external site.. The world seems to be getting stranger and stranger with each passing day.
When you get your first Cyber Security gig were gonna meet at DerbyCon by far the most fun InfoSec conference out there. Check out the Hack My Derby Contest, 7:00 minutes into this video: DerbyCon 6.0 2016: Hack My Derby Contest – Hak5 2105 (Links to an external site.)Links to an external site.
Carmeshia, I think I am one of the few people I know who still builds their own PC. I have been a Linux user on the desktop since the early 90s, and the circles I run are full of propeller heads, but the entire industry has moved away from hardware towards software, people just want a hardware platform that is stable, the Mac w/ macOS which is really just BSD (Darwin (Links to an external site.)Links to an external site.), the cloud, etc. As a Linux user, I have never really seen the point in overpaying for an Intel-based machine with metal case, I say this as I type this post on my Pixelbook. 🙂 I think Google will give Apple a run for their money as they have built a great hardware platform that makes it easy to support ChromeOS, Android and Linux apps, and soon it looks like they will support Windows on the bare metal. The cloud has really changed the PC market and I feel we are just at the beginning, from an applications perspective like Google Docs and Office365 and from a security perspective as well as more and more desktop security applications leverage the cloud and data captured a network of connected endpoints.
I recently finished a Coursera course entitled Usable Security (Links to an external site.)Links to an external site., the course focused on the balance between security and human-computer interaction, security has to consider human-computer interaction to drive adoption and adherence; when security measures impede progress users will spend more time working around security measures, often creating greater risk.
Coursera. (n.d.). Usable Security. Retrieved September 2, 2018, from https://www.coursera.org/learn/usable-security
Feeling a bit dense here, posted my “Introduction” and “Information” week one discussion post without realizing that the “Information” side of the post should have been a commentary on the “Information” lecture. I will chalk it up to a long week, adding my “Information” commentary below.
I’ve spent 18 years of my 25-year career in the information storage and data protection space. Over this 18 years, I have focused on primary, secondary and tertiary storage platforms with careful attention paid to data classification for the purpose to determine the appropriate architectures to satisfy data protection (replication, backup, etc.), performance, encryption, etc. requirements. Data classification has always been and continues to be an essential aspect of what I do. For years I have classified information to determine RPO (Recovery Point Objective) (Links to an external site.)Links to an external site. and RTO (Recovery Time Objective) (Links to an external site.)Links to an external site.. Today with the emergence of the cloud we organize data to assess where to place it in the cloud. Does the data need to live on block storage like AWS EBS; can the data live on object storage like AWS S3 (Links to an external site.)Links to an external site.; does the data require eleven 9s of availability; is reduced redundancy storage (Links to an external site.)Links to an external site. with four 9s of availability acceptable; does tiering to long-term archive storage like AWS Glacier (Links to an external site.)Links to an external site.work; is encryption needed; at what level does the data need to be encrypted; what is the key rotation strategy; what key management system should be used, etc.
Data and information classification is key to balancing capability and cost. As we experience greater data sprawl with the increased adoption of Hybrid IT (hybrid cloud) and multi-cloud provider strategies, data governance becomes even more critical. We are all seeing the impact of privacy regulations like GDPR (EU General Data Protection Regulation), just about every website we hit today requires explicit consent to cookies, the result of GDPR. (Irwin, 2018) There is no end in sight to the amount of data we are creating and we can expect the need for information classification and security to increase exponentially.
Henning, R. R. (n.d.). Information. Retrieved September 2, 2018, from http://learningmodules.bisk.com/play.aspx?xml=L0Zsb3JpZGFUZWNoTUJBL01HVDUxNTUvQ1lCNTI3NU0yVjEvRGF0YS9tb2R1bGUueG1s
Irwin, L. (2018, August 16). How the GDPR affects cookie policies. Retrieved September 2, 2018, from https://www.itgovernance.eu/blog/en/how-the-gdpr-affects-cookie-policies