An August afternoon 2011 on my patio in New Jersey, My Friend Young Min Ju AKA- “The Minja” was spending some time at my home. We laughed and joked while he smoked his cigars and I drank my Jack Daniels Honey with Ginger Ale. We talked about personal things and somehow the discussion would always find its way back to Information Security and work.
We discussed many security topics and agreed on many of them and agreed to disagree on some of the others, when we got fired up on those topics we enjoyed challenging each other in many ways. One that always came up was based on industry certifications, and we both had a decent amount of them. However he would always trump me with the fact that he had his Certified Ethical Hacker and I did not. The CEH certification was a badge of honor to my friend, and one that I was jealous he had and I did not. So I publically committed to him and others on my patio that day, that I would attain my CEH certification.
Almost one month after making that promise, my world was turned upside down. On Saturday October 11th 2011 the security world lost a great soldier, Min passed away in a motorcycle accident in Chicago. I received a call the next AM from my boss, on my personal phone and he asked me if I was somewhere I could sit down. I happen to be out riding my motorcycle that day with the Chief Security Officer of one of our customers. I was informed that Min had passed away and I thought Min was up to his usual no boundaries of trying to get you to bite on the hook. After I said to my boss that this is not a funny joke, the response was “I wish I was Joking” I could not see on the ride home due to the nonstop flow of tears.
One year later my world is still not back to normal and I think of Min every day, he motivates me to beat our competition each and every day. In the months following Mins death, I covered meetings for Min in the central sales area for our company. In a customer meeting a Chief Information Security Officer cried when he heard the news of Mins passing. Many times I thought I would lose my composure thinking of him. The week before the one year anniversary of Min’s death, I passed my Certified Ethical Hacker certification and kept my promise to my friend. But what I thought was a cool certification to have and also keeping my promise to my friend, I realized that there was much more to it. I have always believed that in order to be able to fix things you need to know how to break it. The same holds true in the information security workplace. Going through this has taught me how to look at things with a different perspective. To go thru the modules in the CEH preparation work and think about the phases that an attacker or ethical pen tester would use to research their targets and then launch their attacks on them, hoping for that magical moment of exploitation or as Min would have said “Pwning the box”. I also gained a perspective on how the technical controls and policy should be setup to protect against some of the common methods used. It also gives you a lot of credibility with customers when they learn that you have some knowledge beyond just security and knowing how the bad guys would look at them as a target.
I highly recommend the CEH certification for Security Professionals to add a new perspective to your discussions and how it may change your view of things after. I feel it is important to stay passionate about what we do and never stop learning. I am proud to say I am now in the ranks of CEH with my friend Min and it makes me smile to think that he is up there watching and maybe he smiles with pride knowing that I stayed competitive and did not let my promise to him go. I will forever think of Min and be in debt to him as a friend and a role model. Every time I add the CEH credentials to a presentation I smile and think of him. Promise kept my Friend and I know in my heart, Heavens data is guarded well.
Keep your promises to yourself and others. It ends up being very rewarding if even just for your own peace of mind.