Me and my job: Mat Gangwer, security architect, Rook Security

Share this article:
Me and my job: Mat Gangwer, security architect, Rook Security
Me and my job: Mat Gangwer, security architect, Rook Security

How do you describe your job to average people?

The main part of my job involves assessing the security risks around networks, applications and architecture design. 

Why did you get into IT security?

I have a networking background, and it shifted to a security focus little by little until that's all I wanted to do. Being in a position that brings you face to face with emerging threats is awesome.

What was one of your biggest challenges?

Learning how to rapidly adapt to new technologies and address the security challenges that we all have. For instance, when responding to an incident from a client, they were using an application with which I had zero experience. Being able to quickly figure it out allowed us to identify that the out-of-the-box configuration from the vendor had a large hole that allowed unauthenticated access to all of the data. We were able to work with our client to add mitigating controls to fix that problem.

What keeps you up at night?

Let's be real, security is NOT easy and you can never do enough. Threats change faster than our ability to react. An attack that works today could be patched tomorrow. 

Of what are you most proud? 

Running point on architecting a secure design for our client's global data centers, and trying to solve their global security challenge. In the end, we designed a zoned security model that our client is now using as a revenue-generating business enabler.

For what would you use a magic IT security wand?

I'd give everyone a small dose of security paranoia, just enough to make people think about what they are doing when they interact with technology. A lot of security hangs on trust. We trust that the websites we visit haven't been hacked, we trust that online services will look after our personal data and we trust that the nice lawyer who wrote to us from Tanzania really does have $77.7 million just waiting for us to collect. A little voice in all our heads reminding us that even online trust needs to be earned would go a long way to keeping us all more secure.


Rook Security is an Indianapolis-based security process integration provider.
Share this article:

Sign up to our newsletters

More in Opinions

Unfair competition: Proactive preemption can save you from litigation

Unfair competition: Proactive preemption can save you ...

With each job change, the risk that the new hire will bring confidential information or trade secrets with him or her to the new company grows.

Hackers only need to get it right once, we need to get it right every time

Hackers only need to get it right once, ...

Hackers only need to find one weak point to steal valuable information. On the flip side, security pros need to account for every possible scenario.

Successful strategies for continuous response

Successful strategies for continuous response

While it isn't realistic for organizations to expect that it will never happen to them, a rapid, professional and continuous response can limit their scope and reputational impact.