Me and my job: Ron Woerner, Bellevue University

Share this article:
Ron Woerner
Ron Woerner
How do you describe your job to average people?
Not only do I help protect my organization (a university), but I also teach students about the security profession. There are so many aspects to information security that it's a challenge to determine what's critical for them to know in order to succeed. It's quite similar to security awareness training where there's only a finite amount of time and attention and you need to make the most of it.

Why did you get into IT security?
Like many, I fell into security. As a military intelligence officer, I learned about data classification and safeguarding sensitive information. As a UNIX systems administrator, I learned how to apply controls to protect the systems and its data. As a junior security analyst, I learned the importance of policies and awareness. The variety of activities required of a security professional is what keeps me interested. That and the many great people I've gotten to know in the security field.

What was one of your biggest challenges?
Security is often a constant battle, not only against the “bad guys” but also with management who may not “get” security as well as end-users who bypass controls for their own convenience.

What keeps you up at night?
After 20 years, [computer science professor Eugene] Spafford's Law of Security is alive and well: “If you have responsibility for security, but no authority to make changes, then you're just there to take the blame when something goes wrong.”

For what would you use a magic IT security wand?
It would be used to influence those that take undue risks without understanding the consequences. All security pros need the ability to lead those around them to develop and implement controls to assure protection. The technology is easy compared to having this ability. The support of other security pros is what keeps me jazzed.
Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in Features

Game theory: Cyber preparedness

Game theory: Cyber preparedness

Business leaders are beginning to fathom the importance of cyber war game simulation exercises, reports James Hale.

Forward progress: How the Denver Broncos really play defense

Forward progress: How the Denver Broncos really play ...

Off the field, demand for bandwidth and protection from network threats set the ball in motion for the Denver Broncos. Greg Masters reports.

Smart defense: A talk with industry veteran Gene Fredriksen

Smart defense: A talk with industry veteran Gene ...

Today's CISO must stay ahead of attackers, says Gene Fredriksen, CISO at PSCU. Teri Robinson talks one on one with the industry veteran.