For Fun – Aligning or Putting Music to the Varieties of Efforts, Tasks, Work Roles, and Functions in Cybersecurity

Produced by: Stan Mierzwa, M.S., CISSP, CCSK, Cloud Security Alliance NJ Chapter President

Contributions by: Eliot Perez, Assistant Director Security, Transportation Industry and Cloud Security Alliance NJ Chapter Board Member

Todd Edison, Chapter Relations Manager, Cloud Security Alliance

Introduction

Music can bring about special and unique feelings, thoughts, creativity, and inspiration. In this short commentary, a fun and interesting effort to place various music genres, musicians and bands, and songs are attempted to align or map against the variety of cybersecurity functions and tasks. As we move into the Memorial Day weekend in the United States, there will undoubtedly be music playing at barbecues, outdoor concerts, and a variety of events that pay tribute to and honor those who died while serving in the military. For those in the specific field of cybersecurity, mapping controls or tasks are often aligned to the variety of frameworks available, including those provided by the Cloud Security Alliance. Well, this fun take will map music to Cybersecurity! One of the goals of this short blog post-write-up is to generate greater enthusiasm for students who may be interested in pursuing cybersecurity roles in the workforce to help defend against the myriad of cyber attacks constantly taking place. Given the number of employment openings that extend throughout the United States and globally, such an activity to integrate the role of music into the variety of functions of Cybersecurity can be entertaining but also, and very importantly, provide a mechanism for students to understand the various specialties.

Music has the massive power to provide immense inspiration and energy for work roles. Including a variety of tools, together with music, can help to improve creative thinking of students (Guan, 2021). The art of music has remained relevant to young generations for decades and continues to resonate with this segment of the population. In fact, many in higher education recognize the importance of music, and for the authors of this blog, this holds true.

Given the currently known shortage of staffers in Cybersecurity jobs, perhaps music can play a complementary role in contributing to this need with greater awareness and attention. In addition, some days, it can feel as if the focus on cybersecurity incidents and concerns is followed by only those associated with the field of cybersecurity. With the introduction of music aligned with cybersecurity tasks and categories, perhaps just a few more people will begin to follow the topics with greater interest.

Music Genre Options

It can be challenging to outline or list every possible music genre that exists. In fact, new models or genres can present themselves as artists continue to emerge and create. It is not unusual to find music compositions to include multiple genres today, combining different varieties of styles and techniques. Comprehensive lists can be obtained via publically available open-source areas, such as the web-based Music Genres List (Music Genre List, 2022). For the purpose of this short write-up, personal choices and knowledge the authors have of genres were selected but can certainly be amended by the reader if they wish – in fact, it is predicted that for those reading this commentary, thoughts of this song, or that artist, or that genre will be considered to the variety of cybersecurity functions.

Presenting Potential

An idea for presenting the aligned music to various cybersecurity functions, specialties, or tasks is to demonstrate music (short pieces) connected to a photo of the cyber focus.

DEFENSE

Patching

Genre: Hip-hop

Artist: OutKast

Enabling Multi-Factor Authentication or Dual-Factor Authentication (MFA/2FA)

Genre: Light rock; Jazz

Artist: Count Basie Orchestra

Preventing Malware

Genre: Latin and Latin Urbano

Artist: Bad Bunny Casper; Magico

Consuming Threat Intelligence

Genre: Classical

Artist: Chopin

Identify Unused Attack Surface Entities (Turn off!)

Genre: Rock and Roll

Artists: Twisted Sister (“We’re Not Gonna Take It”)

Anti-Virus/EndPoint Protection

Genre: Latin Dance and Pop

Artist: Marc Anthony

Audit Unused Accounts (Disable/remove)

Genre: Light Rock; Pop music

Artist: Toto

Information Privacy

Genre: Pop Rock

Artist: Rockwell (“Somebody’s Watching Me”)

Validate Permissions

Genre: Modern Classical; Reggae

Artist: Bob Marley

3^rd Party Provider Access

Genre: TV Shows, Including CSI

Artist: Theme from Miami Vice

Blue Team Functions

Genre: Electronic Dance Music

Artist: Sprockets (SNL)

RECOVER

Creation of Incident Command Team

Genre: Heavy Metal

Artist: Judus Priest

Recovery Preparations

Genre: Rock to Light Rock

Artist: Eagles

Incident Response

Genre: K-pop

Artist: KTS

Disaster Recovery Processes and Procedures

Genre: Rhythm and blues

Artist: Otis Redding

Activation of Disaster Recovery

Genre: Country

Artist: Tammy Wynette

Bringing Additional Complementary Awareness to the NICE Workforce Framework for Cybersecurity

One common method to describe the varied cybersecurity work roles that exist is by using the National Initiative for Cybersecurity Education (NICE) Workforce Framework for Cybersecurity. The framework provides an excellent method to describe the main work-related responsibilities and requirements in Cybersecurity for students, those seeking jobs, and employers (Petersen et al., 2020). The NICE Workforce Framework includes higher level categories, specialty areas, and work role job descriptive titles. As a method, assigning music to the higher level categories can be a means of introducing those interested in Cybersecurity, but unsure of the sector focus, is pursued in Table 1.

Limitations

As may be expected, many may read this write-up and not agree with the music choices to map to the cybersecurity tasks and roles. This should be expected since taste in music can certainly vary. However, it can be expected and anticipated that many readers will come up with their own lists.

Discussion

As a result of this fun and entertaining article, the authors propose creating a montage of music segments that can contribute to a presentation and modern way to describe the NICE Workforce Work Roles for students and others that may be interested in considering the field s. The work in cybersecurity can be very challenging and stressful, and by allowing those in the field to be creative and consider music, or other forms of entertainment, to help foster greater strength and potential for protecting or dealing with incidents of a varied nature, why not give it a try?

Consider any college or professional sporting event such as basketball, football, or baseball games, and you will often find music being offered to propose inspiration to both the athletes and fans alike. With the demand for cybersecurity professionals continuing to be a challenge, considering opportunities to draw further attention to this constraint with inspiration for new interests is useful.

Finally, a band not considered in any of the artist examples portrayed in the write-up includes The Beatles or former members of the band. In listening to the popular Sunday morning show named “Breakfast With the Beatles,” hosted by Ken Dashow recently, two songs were played back to back, which alerted the author to an alignment with Cybersecurity and Cybercrime. The songs played this one Sunday were “All Together Now” from the Beatles album “Yellow Submarine” and “Give Peace a Chance,” a song by John Lennon and Plastic Ono Band. In the realm of Cybersecurity there is a concept of public and private partnerships and strong collaboration and teamwork to help protect and recover from incidents – aligning with “All Together Now”. Cybercrime has continued to climb and remains a constant concern in computing, especially with the advent and expansion of the malware type ransomware for monetary gain. For those individuals involved in this cybercrime and nation-state activity, perhaps it is time to “Give Peace a Chance.”

References

Guan. M. (2021). The role of classical music in the creative thinking of university students. Thinking Skills and Creativity. 41(2021).

Music Genres List. (2022). Genres of Music – The Most Definitive Music Genre List on the Web! As retrieved from: https://www.musicgenreslist.com/

Petersen, R., Santos, D., Wetzel, K., Smith, M. & Witte, G. (2020). SP 800-181 Rev. 1 Workforce Framework for Cybersecurity (NICE Framework). As retrieved from: https://csrc.nist.gov/publications/detail/sp/800-181/rev-1/final

Stein, D., Scribner, B., Kyle, Nl, Newhouse, W., Williams, C. & Yakin, B. (2017). National Initiative for Cybersecurity Education (NICE) Framework Work Role Capability Indicators. As retrieved from: https://csrc.nist.gov/CSRC/media/Publications/nist...