Me and my job: Ron Woerner, Bellevue University

Share this article:
Ron Woerner
Ron Woerner
How do you describe your job to average people?
Not only do I help protect my organization (a university), but I also teach students about the security profession. There are so many aspects to information security that it's a challenge to determine what's critical for them to know in order to succeed. It's quite similar to security awareness training where there's only a finite amount of time and attention and you need to make the most of it.

Why did you get into IT security?
Like many, I fell into security. As a military intelligence officer, I learned about data classification and safeguarding sensitive information. As a UNIX systems administrator, I learned how to apply controls to protect the systems and its data. As a junior security analyst, I learned the importance of policies and awareness. The variety of activities required of a security professional is what keeps me interested. That and the many great people I've gotten to know in the security field.

What was one of your biggest challenges?
Security is often a constant battle, not only against the “bad guys” but also with management who may not “get” security as well as end-users who bypass controls for their own convenience.

What keeps you up at night?
After 20 years, [computer science professor Eugene] Spafford's Law of Security is alive and well: “If you have responsibility for security, but no authority to make changes, then you're just there to take the blame when something goes wrong.”

For what would you use a magic IT security wand?
It would be used to influence those that take undue risks without understanding the consequences. All security pros need the ability to lead those around them to develop and implement controls to assure protection. The technology is easy compared to having this ability. The support of other security pros is what keeps me jazzed.
Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in Features

Case study: Big LAN on campus

Case study: Big LAN on campus

A university rolled out a wireless network, but was hampered with a user-support problem...until a solution was found. Greg Masters reports.

2014 Women in IT Security: Stacey Halota

2014 Women in IT Security: Stacey Halota

When she stepped into the job of vice president of information security and privacy at Graham Holdings Company in 2003, Stacey Halota had to carve out new territory because her ...

What's sex got to do with it?

What's sex got to do with it?

Harassment has no place in the security industry. Neither do sexism or discrimination. But, there they are. It's time for infosec to just say no, reports Teri Robinson.