This is where Daniel publishes all his cybersecurity findings, projects, write-ups, and interesting thoughts, along with any news or helpful resources he may find.


Finished 3 month Internship with SecureWon

Recently I took on a 3-month-long internship with an MSSP called SecureWon. I really enjoyed the company and the work that we were doing. SecureWon’s main goal was to assist organizations such as schools and educational facilities with tech management and cybersecurity. My role was that of a Network Security Engineer, and I was assigned to work on client remediation and vulnerability management. I committed to everything from threat hunting to GRC plan generation. I was really in a role where I got to touch a lot of different aspects of the business, which I found extremely helpful and which made for an amazing internship. I talk about it on the front page, but I’ll talk about it a bit deeper here. After a 2-second Google search you can find the following information formatted poorly. I formatted it really nicely for you though, and I don’t have ads.

In Governance, Risk, and Compliance (GRC), Disaster Recovery (DR) focuses on restoring IT systems and data after a disruption. Business Continuity (BC) focuses on maintaining critical business functions during and after disruptions. Incident Response (IR) focuses on addressing specific security incidents like data breaches.

Here’s a more detailed look at each:

  • Disaster Recovery (DR): This focuses on restoring IT systems and data to operational status after a disruption, whether it’s a cyberattack, hardware failure, or natural disaster. A well-defined DR plan outlines how to quickly recover critical IT infrastructure, applications, and data. This plan helps ensure that the organization can resume operations with minimal downtime and data loss.
  • Business Continuity (BC): This is a broader strategy that focuses on ensuring the overall business continues to operate during and after a disruption. It involves identifying critical business functions and processes, developing plans to maintain operations, and ensuring the organization can continue to meet its obligations. BC plans often include strategies for alternative facilities, data recovery, and communication protocols.
  • Incident Response (IR): This is a more specific plan that focuses on responding to and mitigating specific security incidents, such as cyberattacks, data breaches, or ransomware attacks. IR plans define roles, responsibilities, and procedures for identifying, containing, eradicating, and recovering from security incidents. They often involve a dedicated IR team trained to handle specific cybersecurity risks.

I created a template document for each strategy/plan listed above for SecureWon’s use. These template documents were made in a guided questionnaire format. This was intended so that the document could be sent to a client who could then fill out the document in a way where we would then understand the client’s systems and needs and the document would help the client translate that to a plan all under one document. The client would then send the document back and we would be able to tweak their plans as needed.

I also carried out threat hunting and vulnerability remediation for clients. This gave me a wealth of experience in understanding how best to track the vulnerabilities that just are not found by automated testing systems. The vulnerability remediation also gave me a great knowledge base for PowerShell scripting, and I was able to spend time learning about common high-impact network vulnerabilities that plague more companies than need be.

About the blog

If I see something cool, learn something new, or complete an interesting project that I believe is worthy of being posted and shared with the world it will see the light of day here.
