Biography
--
The moment I graduated from school and received my diploma in accountancy, I received a job offer to start as a junior system and network administrator. Simultaneously I got introduced to the world of cybersecurity. However, back then things were not as complicated as they are today. Like any other system and network administrator, I implemented various security controls like firewalls, IDS/IPS solutions, and anti-virus solutions. And sure, from time to time I needed to deal with a security incident, luckily mostly virus related. But it got me thinking.
Why is it so problematic to design, implement, and maintain a secure environment? Is a secure environment really a utopia?
Okay, true you can only invest your money once, and budgets are not unlimited. But what about the cost of downtime caused by a security incident? Or the cost of remediating the security incident? Okay, I recognize that a company needs to make money to keep the shareholders satisfied, but the shareholders will be extremely disappointed if the company is severely affected by a security incident.
Just an example, companies took the Y2K bug really seriously. But that bug will in fact occur in the year 2049. And not as predicted on January 1st, 2000. Why? That answer is a bit technical and nerdy. Beneath the hood, most applications will save date and time values as a 16-bit integer value. This system is borrowed from Unix/Linux. In Unix/Linux date values as stored as EPOCH values. The EPOCH value is a 16-bit integer value. And they took ‘January 1st, 1970 00:00:00.000’ as EPOCH value 0. If you do 2^ ¹⁶ you get 65,536. Once 65,536 days have passed since January 1st, 1970 the system will restart at zero if properly coded or crash and do something else. This is the true Y2K bug.
Medium publications
As time passed, both the IT industry and I matured and gained more insights. That is the reason why I started the blog channel ‘Tales of a security professional’. A channel where I can share my experiences and raise awareness on various topics as I see fit so others can learn from my knowledge and experiences.
