Scott Wright, security coach and consultant

Share this article:
Scott Wright, security coach and consultant
Scott Wright, security coach and consultant

What was your first job?
My first hourly paying job was at McDonalds, where I learned about obfuscation – we had to use names like “castle bins” instead of “garbage cans”. My first real job was at Mitel, an Ottawa-based telecom equipment company, where I did INGRES database coding to manage printed circuit board designs – and I learned how easy it was to fake a VAX/VMS login prompt and capture co-workers' User ID's and Passwords. 

What does your grandmother think you do for a living?
You don't know how old I am, do you? My mother probably thinks I play Donkey Kong when I'm not helping co-workers fix problems with their  “IBM PC”. (Just kidding, Mom!) 

If you were to describe yourself as a household object, what would it be?
I think I might be a Nespresso machine, “What else?”  I'm a just a little bit different –  I try to get people to think about what they are trying to do, and in a different way than usual; like brewing and frothing. The result is so much better than just pushing a button. 

What would your last meal be?
Maybe a nice, hot, thick crust pizza with pepperoni, mushrooms, tomatoes, hot-peppers, olives, mozzarella and extra sauce; and for dessert – swiss cheese and jawbeaker ice cream. You'll have to ask me about that one in person. 

If the battle between IT security pros and cyber threats were to be embodied in comic book characters, what classic super hero/nemesis match-up do you think would be most fitting?
Snoopy vs. Moriarty (I know Sherlock Holmes is not a real comic book, but just hear me out). Snoopy is smart and noble, but a bit naïve, like most of us. Moriarty exploits the good guys' softer, human side, and always seems to win, or at least get away.

If you had to have an occupation other than the one you're doing, what would you do?
You mean, if security technology suddenly got perfect, and nobody needed security training?  Could it really happen? If so, I'd probably find something else useful to teach people – like how to text with proper grammar. 

Have you ever heard a good joke about IT security?None that wouldn't be censored, but I love the XKCD cartoon called “Exploits of a Mom” (#327) – about the woman who named her son with a SQL injection string – nicknamed “Little Bobby Drop Tables”. Don't do this – apparently it can wreak havoc with student records at school.

What game (chess, roulette, whack-a-mole, etc.) would you use to describe your job and why?Pop-a-Matic Trouble. Sometimes I roll a six, and make great progress. Other times, I get slowed down or knocked back to the starting line by the bad guys. But the challenge of trying to finesse dice rattling around in that stupid plastic bubble is addictive.

What is the most important personality trait for a successful cyber security professional?
I think it's important for cyber security professionals to be passionate about helping people; helping them understand how decisions in their jobs impact the business, and helping management understand how technical risks translate into the business's bottom line. It can be very hard when you're always fighting fires with not enough resources – but you have to try not to lose your willingness to help people with little things that can move their mindset in the right direction, whenever you can.

What technology did you used to rely on, and are now happy is obsolete?
Folded paper street maps. They always seemed to have a crease right through the location I was looking for, so I couldn't read it. And I could never fold them back up the way they were supposed to be.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

POLL

More in Meet the Congress

Daniel Polly, VP enterprise information security officer, First Financial Bank

Daniel Polly, VP enterprise information security officer, First ...

Learn a little more about Daniel Polly, VP enterprise information security officer at First Financial Bank, who will be speaking at this year's SC Congress event in Chicago.

Richard Stiennon, chief research analyst, IT-Harvest

Richard Stiennon, chief research analyst, IT-Harvest

Find out what oar carriers, lamb ribs and whisky distilling have in common in this unique Q&A featuring Richard Stiennon, chief research analyst at IT-Harvest.

Chris Hadnagy, chief human hacker, Social-Engineer, Inc.

Chris Hadnagy, chief human hacker, Social-Engineer, Inc.

There's a lot more to being a chief human hacker than you think. Here's your chance to gain some exclusive insight on Chris Hadnagy before he presents at the upcoming ...