Welcome to our new series, where we provide a peek behind the curtain and spotlight the people who power Oracle Dyn’s network and security operations centers.
Edvinas Dicevičius is a security operations analyst at our security operations center (SOC) in Lithuania. Here, Dicevičius talks about his career as a SOC professional and shares some real-world advice.
How did you become interested in a career in security operations?
I started growing my interest and love in cybersecurity very early in my life, somewhere around 14 or 15. The start was a basic hunger for knowledge of how stuff works on the internet, and it grew to becoming a white hat hacker.
Once I started to discover vulnerabilities in the websites I used day to day — and seeing improvements made to these websites because of my discoveries — it really drove me to improve and make the everyday user safer from black hats.
What’s your favorite part of your job?
My favorite part of the job is to mitigate the attacks that require some thinking in order to stop them. Challenging tasks in general are the most loved from my side.
What do you like to do outside of work?
I’m very interested in car sports, like drifting, or cars in general. Cars are my escape from all the stress in life. You just sit in your car and drive while listening to music as a relaxant late at night when there is no traffic.
If I wasn’t working on a SOC, I would be …
… probably a car mechanic. This comes from my love of learning how things work. Every system in the car, like the engine, transmission, suspension, etc., is very flexible, and you can modify it to suit you best. This can be comparable to the internet or a computer, where many systems come together to serve the user.
What makes a good SOC professional?
A person who can react to challenging situations fast and with a clear mind. A person who can communicate with all co-workers and especially customers. A SOC professional should also have a hunger for more knowledge. There is always room for improvement.
What’s the most important thing to keep in mind when you’re under attack?
DO NOT PANIC! Panic makes you make mistakes and can cause even more damage to products or services. From the customer side, it’s hard to say, “Just keep calm.” So I would suggest jumping on a call with responsible people and communicating as much as possible, giving as many details as you can so engineers can identify vectors to mitigate on. Communication is the key.
What are some emerging threats you’re seeing more of these days?
Bots are getting more and more advanced. They are advancing in hours, rather than days or weeks. It’s getting harder and harder to detect sophisticated bots, but we are doing an amazing job and always going a couple of steps ahead of them.
What security concerns should CIOs have when moving to the cloud?
Always make sure that traffic and logs are guarded behind 20 layers of security. In other words, make sure that the company you are trusting to protect you won’t do the opposite. Also, if you have any feature request, do not hesitate to ask your vendor to implement it. New features and ideas are always welcome.
What’s the biggest mistake you see companies make regarding cloud security?
Trusting their security provider to do everything. Two sides need to work together to ensure the best possible security. Our task as a provider is to make sure you would not need to think about it while we guard you, but sometimes we can’t act without clients’ help. Additional information may be required in order to perform mitigations. Do not start blaming. Every issue can be solved by communication.