We caught up with the brilliant and insightful Nabeel Mahdi Sayed a few weeks ago and have shared our conversation below.
Nabeel Mahdi, thanks for taking the time to share your stories with us today What do you think Corporate America gets wrong in your industry?
In 2013, Neiman Marcus experienced a cybersecurity breach that exposed the credit card information of its customers. The same happened in 2014 with P.F. Chang’s. What’s common between these two incidents? Both breaches were partly attributed to insufficient security personnel, and there have been many breaches in recent years.
You might have come across links with “s3” in them. S3 is Amazon’s cloud storage service, akin to Google Drive or iCloud. Now, imagine if everyone could access the pictures on your Google Drive or iCloud. You wouldn’t want that, right? Unfortunately, S3 is often misconfigured. In 2017, even the Pentagon misconfigured S3, leading to the exposure of confidential government information.
Every business today has a tech component. It’s nearly impossible to establish an internet presence without some level of technology involvement. However, as businesses increasingly rely on technology, many forget the crucial aspect of cybersecurity. Corporate America must understand that cybersecurity is not just an IT risk; it is a business-critical risk. In my experience, simple mistakes made by companies can cost millions. These mistakes can often be mitigated if businesses put more resources into the cybersecurity department, which is sometimes non-existent in smaller companies. It is important that all businesses have some sort of security team in place to prevent that one costly mistake.
By the way, please start using a password manager and use different passwords for different accounts.
Awesome – so before we get into the rest of our questions, can you briefly introduce yourself to our readers.
Back in 2016, I watched the first episode of Mr. Robot (It is a show about a hacker) and became really curious about what the protagonist was doing on his laptop. What did I do after watching it? Installed the same operating system (Kali) that is used in the series on my laptop and started playing with it. The first thing I learned to hack was my Wi-Fi. I read some online articles and watched some YouTube videos, and after a few trials and errors, I was able to crack my own Wi-Fi password (Woohoo!). That made me curious about what else could be hacked. It turns out hacking is just finding cracks in the wall; you just need to find the right combination of cracks, and the wall will crumble. However, the right cracks are not always there.
Over the next few years, I started learning hacking by reading books and blogs and began solving online hacking puzzles from HackTheBox and VulnHub. Your objective in these puzzles is to hack a website, and there are so many different variations of such puzzles out there that you never get bored. In my field, adopting a hacker mindset is crucial. Thinking like a hacker is a specific mentality that requires hands-on practice to develop. I later did a master’s in cybersecurity, where I was taught some really cool things, then worked as a full-time hacker for a bank, and I am currently working as a cybersecurity engineer, where I find mistakes in other people’s work.
My primary role is to identify system flaws and collaborate with developers to fix them. To effectively resolve issues, one must first understand them, so I spend a significant amount of time reading code and documents to uncover security-related mistakes. Additionally, I develop tools to automate security tasks, review system designs, and occasionally hack systems myself to identify vulnerabilities. Staying updated on emerging threats is also essential in my field, and my passion for reading greatly aids in this. Each morning, I read the latest security news with my coffee.
Passion drives everyone in my industry, including myself. I find joy in solving these large-scale puzzles written in a computer language and my love for reading ensures that whenever I encounter something unfamiliar, I know there’s a book out there to guide me.
We often hear about learning lessons – but just as important is unlearning lessons. Have you ever had to unlearn a lesson?
When you don’t know the answer, take a moment to pause and stop thinking about it. Taking breaks is crucial for finding solutions. Growing up, I would spend hours fixating on a problem, which only made me more anxious and prolonged the resolution. I had to learn that not every problem needs an immediate solution. Stepping away from the problem allows you to see it more clearly. Often, the answer is right in front of you, but a racing mind prevents you from seeing it. The problem may seem unsolvable because your mind is running in the wrong direction. Pausing allows you to redirect your thoughts and find the right path. I’ve observed in both my professional and personal life that when a problem seems unsolvable, sometimes the best approach is to take a break.
Can you tell us about a time you’ve had to pivot?
I completed my bachelor’s in computer science with a strong passion for coding. While I initially taught myself penetration testing (commonly known as ethical hacking), coding remains a source of genuine enjoyment for me. Early on, I faced a pivotal decision between pursuing a career in cybersecurity or software development. Upon researching average salaries, I discovered that software developers typically earn more than cybersecurity professionals, which initially swayed me towards software development.
However, the realization that financial considerations were influencing my decision sparked a deeper interest in cybersecurity. Despite the potential for lower earnings, I found myself drawn to the field due to its inherent appeal and challenges. This realization marked a turning point, leading me to pivot towards cybersecurity as my chosen profession.
Contact Info:
- Website: https://nixonion.com/
- Linkedin: https://www.linkedin.com/in/nabeelsayed/
