Why did you get into IT security?
What piqued my curiosity was my involvement on the various bulletin board systems (BBS). This was a great place to learn and share ideas. I decided to get into security professionally because I knew the skill set would consistently be in demand.
What was one of your biggest challenges?
Changing the perception that security people usually say “no.” Security practitioners need to recast themselves as solution architects – people who solve business problems in a risk intelligent way. With the cloud upon us and its end goal of ITaaS (IT as a service) this is an important concept for security pros to keep in mind.
What keeps you up at night?
The 19-year-old in Tbilisi who has no better prospect than the crime syndicate that employs her. She thinks nothing of 12-hour days figuring out how to weave around multimillion dollar defenses.
Of what are you most proud?
My personal involvement and leadership with the Philadelphia chapter of InfraGard. This is a national organization in which we have educated thousands of individuals on all domains of security. We also help facilitate the transfer of information between the public and private sectors with the goal of ultimately strengthening our nation’s critical infrastructures. There are local chapters all over the United States.
For what would you use a magic IT security wand?
If I could change something right now, it would be the perception that security is an IT problem. Businesses must think holistically about risk, and that includes many areas outside of technology – namely people and process. In other news, I don’t have that magic wand yet, but I hear Amazon just might have it on their roadmap.
Follow Matthew Chiodi on Twitter: @mattchiodi