Right Working Romantic Related Learning Friendly Healthy Legal Inspirational Unfiltered

Currently Seeking Translators Fluent In Geek

, , , , , | Related | January 31, 2022

My girlfriend’s parents have arranged a Christmas-before-Christmas event so that their relatives will be able to attend before the state borders get shut down for lockdown again. It is a full formal Sunday lunch — the good china, placemats, arranged setting, that sort of thing.

My girlfriend’s mother is a fantastic cook, so I jump at the chance to attend. I’ve met most of her family, but she does have an uncle and some cousins who are coming from across the country specifically to visit everyone.

My girlfriend’s mother sits me beside one of the cousins, although until we introduced ourselves, I thought she must have been an aunt. [Cousin] is the oldest of the generation, so she’s nearly middle-aged while my girlfriend and I are still in University.

Cousin: “It’s nice to meet you, [My Name]. So, I think [Girlfriend] said you were studying at [Local University]?”

Me: “Ah, yeah, I’m studying IT there.”

Cousin: “Oh, that’s a good field. Just general IT, or are you doing one of the specialty degrees?”

Me: “It’s all fun, but I’m actually specialising in security. It’s all very technical and complicated.”

Cousin: “Oh, that must be pretty challenging. Anything in particular you’re enjoying or having trouble with?”

Me: “It’s all very complicated; I don’t really know how to explain it to a layman. Uh. The design evaluation I’m trying to do now is hard, I guess? That’s when you’re looking at a system and trying to put in security before you even build it. They don’t really explain how you find things.”

Cousin: “For a uni course? Try starting with a STRIDE threat model. It’s an older method and it’s a little high-level, but that just means there’s lots of information online about it. In real life, sometimes you need a different method, but a lot of threat modelling techniques were alterations on STRIDE so you can’t go wrong getting familiar with it. Also, make sure to check the relevant standards and whether there was a CC evaluation.”

Me: “Uh…”*Laughs* “What?”

Cousin: “Oh, sorry, it’s been a while since I’ve had to train a new grad. Let me grab my phone after this and I’ll explain what you need to do. My day job is cyber security director over in [Major Government Organisation]. Some pentesting, some SOC, but mostly GRC these days.”

Me: “…oh!”

Cousin: “Auntie takes her dinner parties really seriously and thinks really hard about how to seat people next to each other, didn’t you know?”

Well, now I do. And I got a High Distinction on that security design course.

This story is part of our Halfway-Through-2022 roundup!

Read the next Halfway-Through-2022 roundup story!

Read the Halfway-Through-2022 roundup!

Question of the Week

Tell us your story about a customer who couldn't understand the most simple concept.

I have a story to share!

Popular Posts