I would like to say this is my
last time every submitting an assignment, but that would be a lie. I still have
10 weeks or two more classes until I will be done and have graduated with my master’s
degree. I can say the last ten classes have been challenging and they have
helped me to be a rounded cybersecurity professional. This class has been the
most challenging out of all the ones I have taken. I wish this class would have
been in class and not online, but I guess that option was not available. Seems
like a lot of students are taking online classes, so they don’t have to drive
to class.
When Coach says to take this course
last, he is absolutely correct. I only have two electives left and all the core
classes completed before I took this one. I can see why the other classes are
needed because without those skills, this class would be near impossible. The
other classes help a student build on the Harry and Mae’s case study and this
class is the finish of the case study. Current trends helps a student understand
threat modeling and how a cybersecurity employee can find threats in an organization.
Since this is a master’s class
there is no guidance on how to do the assignments. This is to replicate what it
would be like in an actual job. Your manager will ask for a report of vulnerabilities
and ask you to send it to the executives for a meeting they will be having. To
be honest I have had this happen to me several times and I was not always
prepared for it. This class has taught me what executives are looking for in a
powerpoint presentation and a report, so I’m a bit more prepared in my job.
The most difficult part of the
course was understanding and identify threats with the Microsoft STRIDE model. I
had last used this in the risk class over a year ago, so I had to go back and
brush up. The good thing is there are plenty of articles out on the internet
explaining Microsoft STRIDE and what it does. After spending several hours
researching and understanding STRIDE it made the class much easier. Once that
core concept is understood the next challenge is writing reports for the
executives. When writing reports for the executive there is a style a person
needs to follow and it can be hard to do that. When a person is use to writing technical
reports then switches to writing executives reports it is a struggle. It took a
lot for me to go back and re read my reports and correct wording that was technical
and not executive wording.
I would have liked to spend
more time reviewing other students work. The reason for this is I like to see
how other people handled the assignment and the format of the assignment. I
also liked reading and making corrections because it gave more eyes than just
the professors. I got great feedback from my classmates on items that I needed
to change or add. This feedback allowed me to modify my assignments and make
the changes for my later assignments.
Overall this class has been a
great experience in understanding threat modeling. Threat modeling is a skill every
cybersecurity person should have because without it a person would be chasing
their tail. Since threat modeling is a skill, a person needs to keep up that
skill with practice. I hope I’m able to keep practicing threat modeling after
the class and I also have a good book to keep as a reference. Thanks again
Coach see you in the next class White Collar Crime.
