Little does the Information Security community know, but among us are experts at OSINT. They lurk behind friendly faces, waiting to be asked questions. Some even are or used to be librarians!
Tracy Maleeff (@InfosecSherpa) was a professional law librarian and at the top of her game. Looking for change and meaning, she searched until she found the field of Information Security. This is her journey.
Tracy Z. Maleeff (/may-leaf/), @InfoSecSherpa, is an independent information professional providing research and social media consulting with a focus on information security. She is a frequent presenter on best practices of data mining from social media, professional networking, and introduction to information security topics. Tracy has 15 years of experience as a librarian in academia, corporate, and law firm industries and earned a Master of Library and Information Science from the University of Pittsburgh. She is the Principal of Sherpa Intelligence LLC–your guide up a mountain of information.
There is a condition called the "Librarian Face"
Librarians who have a Master's Degree in Library Science are taught to be approachable
Was never a public librarian; she worked in "special" libraries. This made her really good at finding and accessing data
Tracy shares some social engineering tricks she did earlier in her life
Didn't grow up with computers around her
Advice: "Know yourself"
"If you are out in public… people are likely [going] to come ask you questions because you look like you know things."
"I did fail, but I did not fail as badly as I thought I would!"
"I don't regret the path that I took."
"For someone like me who does come from a technical background... having the certifications is what people want to see."
"They need to see some receipt!"
"Even if it turned out to be nothing, don't be afraid to speak up."
"I don't think I realized it was social engineering; I just knew it was something that I wanted."
"Managed to talk my way not only on the plane, but also into business first."
"They had me at port scanning."
Women’s Society of Cyberjutsu (WSC): https://womenscyberjutsu.org/
Intro Music: Cascadia by Trash80 - https://trash80.com/#/content/133/weeklybeats-2012-week5
Outro Music: JR Tundra - Natty Roadster
Getting Into Infosec