June 22

Cyber Intelligence 2.0. What I strive for

This text is not the ultimate truth; it is merely an expression of my professional worldview and my goals in my profession (I am a nerd, and I am also interested in this, and I do it for fun).

Share your plans for professional training and your vision!

1. Flexibility/adaptability

  • There are proven algorithms for solving routine tasks.
  • However, in the event of non-standard deviations, new algorithms and methodologies are quickly selected and created, combining different techniques (scraping, social network analysis, named entity recognition, machine learning, etc.).
  • Adapt quickly to changes: the closure of a collection channel, the emergence of new regulations, API updates, etc.

2. Own working ecosystem

  • Write scripts and small utilities for yourself: automate repetitive steps and integrate different APIs and services into a single pipeline, for example collecting and parsing data on a schedule, or downloading files, processing and cleaning the data, and then combining it.
  • For example, integrate data from some hypothetical API X, adding data from WHOIS and OSM if necessary.
  • Keep the work in, say, Git, so that it is ready for quick refactoring and scaling if necessary.

3. Deep subject-specific and regional expertise

  • This applies if you have worked or are working in many countries, or have dealt with highly specialized topics (as I did with aviation parts).
  • Master the subtle nuances of the language (for example, know that it is better not to use current Arabic translators, as they do a VERY poor job), culture, and local legislation in the context of information gathering, and be able to “read between the lines” in specific sources (forums, messengers).

4. Extensive and active networking

  • Maintain contact with colleagues from other teams and countries, participate in conferences and various forums.
  • Exchange life hacks, quickly find experts in narrow fields to obtain unique information.
  • The more sources you have, the more likely you are to find the necessary information that cannot be found in open data.

5. Big data

  • Be able to work with large volumes of unstructured data (parsing, NLP, ability to work with Excel (no jokes!!!)).
  • Visualize conclusions for convenience. Some diagrams are so huge that an outsider looking at them will not understand anything. Maltego or mind maps: it doesn't matter what you use to create them.

6. Abstracting from the personal + verification

  • Doubt the “obvious,” test hypotheses correctly, and try to refute your own hypotheses to avoid so-called “tunnel thinking.”
  • Ability to correctly structure verification, including with the help of resources that specialize in this.

7. Continuous self-learning

  • Keep track of new tools and trends in the world of cybersecurity and OSINT, learn new languages, tools, and methodologies in a timely manner.
  • There is a lot more that could be said here that is not very legal, because there are many methods for expanding your information gathering skills.

8. Stress resistance and persistence

  • You need to be prepared to spend hours digging through “junk” or routine/uninteresting data until you find a valuable piece of information. But it is important to remember that this depends on the feasibility of the task.
  • Don't give up on a task at the first sign of failure, but try to find new approaches and entry points.

9. Integration with AI

  • The era of close cooperation with AI has already begun. You need to adapt to this and, in order to optimize your work, share it with AI, knowing your strengths and weaknesses and those of AI.

10. Creative spirit (*)

  • Personally, it bothers me a little when I am given a task, but there are no tools, no open information, literally nothing. And I try to do something about it. Several times I even succeeded. For me personally, it is important to solve such problems.

There may also be a point about ethics and legality, but it depends on where, how, and what you are working on.

There could also be another point 11 about implementation, but that requires a lot of work, i.e., field practice and a great deal of knowledge/practice in general.

That's how it is.