How do you describe your job to average people?
I am helping an amazing group of volunteers to try to find out what the bad guys are up to next and how we can protect ourselves.
Why did you get into IT security?
I started out in physics, but ended up doing a lot of “computer work.” Of course, originally security wasn't really something I thought about too much until my home system was compromised. The more I learned about security and networks, the more I found the dynamic of it more and more interesting.
What was one of your biggest challenges?
My biggest challenge is to figure out what to focus on. Decisions have to be made quickly. It is always difficult to find the right point to publish findings. If you wait too long, it doesn't matter anymore. But if you publish too early, you may give people bad advice.
What keeps you up at night?
I am always worried about the security of my own systems. Offering services and data to the public in the form of dynamic and complex web applications is a challenge that is at times exhilarating and also frightening. The more you know, the more you worry.
What makes you most proud?
The persistent and longtime positive impact the Internet Storm Center has had on internet security. I am proud to be able to work with an amazing group of volunteers.
How would you use a magic IT security wand?
The internet-wide implementation of BCP 38 (anti-spoofing) and, if I had some powers left, the same for RFC 3514, which is just about as likely to happen.
Johannes Ullrich is responsible for the SANS Internet Storm Center (ISC) and the GIAC Gold program. He founded DShield.org in 2000, which is now the data collection engine behind the ISC.