Critical Thinking in Cybersecurity presented at OWASPBASC 2019

by Kristin Dahl,

Summary : Security's most important skill is overlooked – critical thinking. Keeping up with the latest technical tools and trends is only one contributor to success. Security is a constantly evolving field. Long-term success requires that we think on our feet—regardless of technology—to understand tools and how to apply them to the changing landscape.We often do not think about critical thinking. What does it feel like? How is "critical" thinking different from "normal" thinking? How do you develop these skills? And how do you apply them to security?Critical thinking is part art, part science. It takes a combination of intuition, logic, and creativity to understand the 'why' and not just the 'how.' It should help us address the root cause of an issue and not just the symptoms. In security it means decomposing a problem, analyzing objectively, evaluating a hypothesis, and recognizing context. This session will explore how to apply critical thinking in your day-to-day job pulling from my experience and observations across academia, industry, and government.