Throughout 2019, this mini-series will interview leaders from around the globe to discuss areas of cybersecurity. The purpose is to help students and those new to the industry gain perspective and guidance from professionals in the field. These interview insights aim to kick-start or re-energise your career journey in cybersecurity.
In this month’s feature, John DiMartino, Director of Global Network and Security Operations for an international business support services company, shares his story about:
Why cybersecurity? “There were not many computers around when I was younger and by the time middle school rolled around they were everywhere! Computers fed my natural desire to tear things apart and put them back together. I aspired to understand how everything inside a computer worked. My journey started in high school with my co-op at a computer repair shop and transitioned to university where I had an opportunity to explore disc forensics that peaked my interest. After some great years with Deloitte, I moved onto law enforcement as part of a search for personal fulfillment to serve and give back to the community with the skills and talents I had acquired in consulting. I went to work for the US Federal Government and the feelings were just right, like Goldilocks and the Three Bears. I was making a real difference protecting critical assets and doing the things I really enjoyed such as:
In my management role, I discovered a renewed passion for mentoring and coaching. I came up in my career knowing that I wanted to be the kind of boss I had when I was an analyst – an individual supporting the growth of the team and sharing in the excitement and passion for cybersecurity. I do what I do because my role provides opportunities to give back to my team and my network. More than anything, I love leading a team because I can support, train and build the careers of the next generation of cybersecurity analysts." How would you describe cybersecurity architecture, incident response and monitoring, and their role in the capability landscape? “Each area is vastly different and ever-evolving; however, there are common threads. Cybersecurity architecture. How can you put together a series of systems that all interconnect either within the system itself or between systems? How can you make this as secure as possible while still allowing the systems to work as they need to move the business forward? Cybersecurity architecture – the blueprint of the IT environment. Incident response. There is an input and or event that initiates action to understand what happened. The faster you can:
What excites you about today’s cybersecurity landscape? “An entirely new world of connected devices with an endless number of places where cybersecurity incidents can occur. This, combined with a new class of systems that produce never-seen-before events that require you to monitor alerts and respond appropriately to minimise business impact. This infinite number of interconnects between systems creates more ‘noise’ and cybersecurity risk with a plethora of internet-connected devices in your environment. There is hope! As with every interconnect there are opportunities to layer cybersecurity, place a sensor, or build automation to securely enable your business. In my current role, I strive to provide cybersecurity-as-a-service for the business. This requires a team with coding skills that can offer services that allow development teams to ingest cybersecurity as part of their core processes. Our approach enables these teams to build protections seamlessly into their product pipeline with low overhead via API's. There has never been a more exciting time to be a cybersecurity professional!” What, if any, information you would have liked to know starting out in your career? “I would tell myself to:
For those in Industry?
How would you suggest others new to the field get involved? “Sometimes the best path is to start with an entry-level job. This can be tough but swallowing your pride for the right company or right opportunity could jump-start your career. Start as an analyst and inhale as much knowledge as you can consume and digest. I would not get into cybersecurity because this is the ‘hot’ field. Cybersecurity is a very demanding industry no matter your discipline - Security Operations, Governance, Business Engagement, Security Services, etc. If you do not love cybersecurity, the demands will take their toll. Pursue a cybersecurity path if you are passionate about it and understand this path is a constant up-hill battle to stay ahead of the knowledge curve. There is no better industry if you love it. If you are passionate and have the drive, there are endless streams of new information to dig into every day. There is an infinite amount of knowledge to build from and there are entire fields we have not discovered yet. I could not be more excited for the future of cybersecurity - I love this stuff!” Cybersecurity is intriguing, in-demand by the market and considered as an excellent career starter. Please be on the lookout for next month’s issue of Decoding Cybersecurity: Interview Insights with Leaders as the journey continues.
0 Comments
Leave a Reply. |
AuthorElliot is a Senior Manager in the EY Cybersecurity practice. Elliot enables organizations to build in risk thinking from the onset, enhancing global innovation with confidence. He leads global teams to reduce response times and minimize the impact of security incidents by building and operating mature security, logging, monitoring, alerting, and incident response practices. He successfully led response to and recovery from complex security incidents, such as data exposures, third party compromises, and vulnerability exposures, by coordinating across large enterprises through effective incident response procedures to minimize business impact. Archives
April 2020
Categories |