Why did you chose to become an IT Security Expert?
I wouldn't say that I chose the career of cybersecurity expert, more than I’d say it found me. Since I was a kid I've always loved to kind of “break” stuff, not in a naughty way, but I always tried to find ways to go around security systems and controls, just for fun.
And from there I realised that I could use these skills for something more productive than just "fun", and I could really make myself useful to companies that need them. I've never really been good at much else other than IT and mathematics, in my head it was always going to be one or the other. And after spending a rather boring year as an accountant, I discovered that computers and cybersecurity were really what suited me best.
Do you work more alone or in groups?
I work with a lot of different groups. Even though there is a dedicated security group, I collaborate with many other departments within the university.
Of course I have my own team with whom I work the most, but from one day to the next, depending on the needs and what’s happening that day, I will find myself working with the department
in charge of bank payments to ensure the security of transactions, then with another completely different department the next day.
Is there a lot of competition in your workplace?
Not in the university or the educational field at least, if I worked in the industrial or military sector there might have been, but here collaboration is essential.
There is a real community in the education security sector, we regularly receive professionals from other universities who come to share their experiences,
the attacks they have had to face, and how to avoid them. We are all in the same boat with the same goals, so we try to help each other.
as much as possible.
Again, I can't say it’s the same for other sectors, but in any case, in Lancaster I wouldn’t say that there’s any sense of competition between ourselves.
What motivates you to work in IT Security?
Being a cybersecurity expert is a very rewarding job. It’s challenging, you never get bored. You have to constantly evolve and learn new things in order to adapt.
And although there is no competitiveness between us professionals in this field, there is always someone on the other end who’s looking to find new loopholes to exploit and new ways to bypass what has been put in place. So, it is a real race between us and the attackers to see who will succeed in countering the other first.
What can you do to avoid a cyberattack?
The key element that needs to be worked on to prevent a successful cyber-attack is really education. You must raise awareness amongst the
other departments about attacks and the rules to be followed to avoid a breach, making sure that the backend is always secure
and that there is no exploitable vulnerability in the current security systems used. Everyone really needs to feel equally responsible for security within the company.
But expecting every member of staff to follow the rules to a tee all the time is utopian, there is bound to be a problem one day,
so, we impose the use of anti-virus software, double authentication (2FA), machine separation. If two machines do not need to communicate,
the system will simply block all forms of contact and exchange between the two, thus ensuring a certain level of security even if an attack were to occur.
Have you done pentest? What are the different processes?
When I started out my career in cybersecurity, I imagined myself doing hacking and pentesting all day long
(aka penetration testing, a cybersecurity process that consists in analysing a target by putting oneself in the skin of an attacker and looking for the flaws that a
real attack could exploit). But in reality, it's not exactly like in the movies, there are different sectors within IT security and
there are people much more qualified for this kind of thing than I am. Even if I have done and still do pentests, it is more like a hobby and to improve my own skills and
my home network than anything else. Although we regularly launch internal and vulnerability tests, these are mostly automated.
Sometimes we also hire firms specialised in this field when the capacities of our team aren’t enough. In this case, for a web application or
a given system, we write down a list of all the different levels of privileges for each type of user on our system, the functions they should and should not have access to,
then we give them access to different user accounts at different levels so that they can try and find a potential flaw in the system.
How does this job evolve and adapt to the constant evolution of technology?
When I started out in cybersecurity almost 6 years ago, nobody really worked solely in IT Security, it just wasn’t really a thing. But now the sheer size of the teams dedicated to this field has really gone above and beyond, the quantity and types of things we are working on today has far surpassed all my expectations.
Everything is changing so fast, I don't think there's a single thing I was doing 6 years ago that I'm still doing today. Vulnerabilities are constantly changing, so are the means to counter these vulnerabilities. The demands and needs of universities and companies in terms of security are constantly changing. As I said, you never get bored.
