During my second 50 hours as an intern for GFT, I have been given the opportunity to
go to SCADA systems and interview operators and security experts, gain knowledge on
common utility software, and use compliance standards to complete tasks.
I have had the opportunity to meet many fascinating people with decades of experience
in both physical and cybersecurity. I met a physical security specialist named James.
He helped develop groundbreaking technology such as the 4-way camera that captures
more angles. He also helped program some of the movement detectors and much
more. By being able to talk with him I learned all about the ups and downs of his career
and how he got to where he is. He also did a small presentation on how physical and
cybersecurity are intertwined in the overall world of security. Where you need both to be
successful.
The value of always striving to be better and staying curious are the most important
things I learned in my second 50 hours interning at GFT. I was able to meet and work
with a cybersecurity professional named Gus. Gus has been in cybersecurity for over 20
years and has his CISSP certification. He told me his best tips to become a successful
cybersecurity professional. The one he emphasized was to stay curious and to always keep on learning by demonstrating what tasks and learning he does on the side to
consistently sharpen his arsenal of knowledge. Then he showed me an asset inventory
spreadsheet on Excel with the subnets and devices laid out. These sheets had various
kinds of information such as what operating systems, protocols, coordinates, and
information is exchanged on each device. He then gave me access to the folder so I
could research it further and then he set up a meeting where I could address more
questions I have with him.
The most valuable project I was assigned to complete was being tasked with
researching and writing reports for multiple different types of software used by the
electric water utility we are consulting with. In the process, I got to learn about software
platforms like Powerbase, IRIS, and Documentum (D2). While doing the research, I got
to see more in depth how these software’s are used to adhere to the compliance
standards enforced by our government today. Then I was able to take this knowledge I
found and work with a group of professionals on what questions we can ask to verify
how the electric water utility utilizes them and what recommendations we can make.
Another project I had the opportunity to work on is a secure document handling report.
This allowed me to take knowledge I have learned, while also introducing new concepts
to create a draft of a secure document handling report. While this was super valuable,
the even more beneficial part was to be able to be in a meeting where experienced
professionals analyzed it. They helped me see where I did a good job, and where I had
room to improve. Their positive attitudes and willingness to teach turned what I thought
was going to be a dreadful meeting into a great learning experience. Overall, the second 50 hours with GFT were super productive and helpful. Even though
there were moments when I felt anxious about whether I was doing the right thing, the
professionals around me made sure to keep me on the right track and provide
assistance when I needed it. After getting through the period of learning the operations
of GFT, it was nice to really be able to dive into the challenges that comes with doing
field work. I am looking forward to taking on more tasks in the upcoming weeks and
continuing to learn from the people around me.