Little does the Information Security community know, but among us are experts at OSINT. They lurk behind friendly faces, waiting to be asked questions. They are librarians!
Tracy Maleeff (@InfosecSherpa) was a professional law Librarian and at the top of her game. Looking for change and meaning, she searched until she found the field of Information Security. This is her journey.
Tracy Z. Maleeff (/may-leaf/), @InfoSecSherpa, is an independent information professional providing research and social media consulting, with a focus on information security. She is a frequent presenter about best practices of data mining from social media, professional networking, and introduction to information security topics. Tracy has 15 years of experience as a librarian in academia, corporate, and law firm industries and earned a Master of Library and Information Science from the University of Pittsburgh. She is the Principal of Sherpa Intelligence LLC – your guide up a mountain of information.
There is a condition called "Librarian Face"
Librarians, who Master's Degree in Library Science, are taught to be approachable
Was never a public librarian, worked in "special" libraries. This made her really good at finding and accessing data.
Tracy shares some social engineering tricks she did earlier in her life.
Didn't grow up with computers around her.
Advice: "Know yourself"
"If you are out in public… people are likely to come ask you questions because you look like you know things."
"I did fail, but I did not fail as badly as I thought I would!"
"I don't regret the path that I took."
"For someone like me who does come from a technical background... having the certifications is what people want to see."
"They need to see some receipt!"
"Even if it turned out to be nothing, don't be afraid to speak up."
"I don't think I realized it was social engineering, I just knew it was something that I wanted."
"Managed to talk my way not only on the plane, but also into business first."
"They had me at port scanning."
Women’s Society of Cyberjutsu (WSC): https://womenscyberjutsu.org/
Intro Music: Cascadia by Trash80 - https://trash80.com/#/content/133/weeklybeats-2012-week5
Outro Music: JR Tundra - Natty Roadster
Getting Into Infosec: