Enjoy this encore episode with Vice President of Security and Support Operations of Alert Logic Tom Gorup shares how his career path led him from tactics learned in Army infantry using machine guns and claymores to cybersecurity replacing the artillery with antivirus and firewalls. Tom built a security automation solution called the Grunt (in recollection of his role in the Army) that automated firewall blocks. He credits his experience in battle-planning for his expertise in applying strategic thinking to work in cybersecurity, noting that communication is key in both scenarios. Tom advises that those looking into a new career shouldn't shy away from failure as failure is just another opportunity to learn. We thank Tom for sharing his story with us.
Learn more about your ad choices. Visit megaphone.fm/adchoices
(phone ringing) - You're listening to the Cyberwire Network, powered by N2K. (upbeat music) - Hey everybody, Dave here. Have you ever wondered where your personal information is lurking online? Like many of you, I was concerned about my data being sold by Databrokers. So I decided to try delete me. I have to say delete me is a game changer. Within days of signing up, they started removing my personal information from hundreds of Databrokers. I finally have peace of mind, knowing my data privacy is protected. Delete me's team does all the work for you with detailed reports, so you know exactly what's been done. Take control of your data and keep your private life private by signing up for delete me. Now at a special discount for our listeners, today get 20% off your delete me plan when you go to joindeleteme.com/N2K and use promo code N2K at checkout. The only way to get 20% off is to go to joindeleteme.com/N2K and enter code N2K at checkout. That's joindeleteme.com/N2K code N2K. (upbeat music) (upbeat music) - My name is Tom Gorop, I'm Vice President of Security and Support Operations at AlertLogic. (upbeat music) I remember, I think, it was 13 or 14 when I built my first website. That's really where it all started, where that interest began. Thinking about communicating with people on the other side of the world in milliseconds, so the internet, any of itself, and how it worked was fascinating to me. (upbeat music) And I joined the Army shortly after high school with a different profession. I actually went to work on computers to do a computer-related role in the Army and ended up with an infantry position. So, I wouldn't say I lost interest, there was always there. I always continued to dabble in different types of technology and just play with things, but my career, the focus at the time was infantry, so it was a grunt, that's what I'd say. (upbeat music) I was learning a lot more of leadership fundamentals in the military, learning how to lead a team, to train a team, and as I was going to that process, I remember in Afghanistan, reading the CCNA study guide in my bunk, right? There was no lab for me to test these things out on, no actual hands-on keyboard activities I could be doing. So, just laying in the bunk, reading, I remember reading the first three or four chapters, probably two or three times, because I didn't understand any of it. And I finally got to the security section and I was like, this makes sense. I can take tactics that I've learned in the military and apply them to a computer network. The difference is I'm not using machine guns and claymores, I'm using anti-virus and firewalls. (upbeat music) (gentle music) Once I got out of the military, I started going to school and trying to find where that passion sat and dabbling in different things. And I realized, you know, I need any more experience. So, I was seeking internship opportunities. So, a lot of late nights, I remember staying up three, four o'clock in the morning, trying to figure out how to do different types of attacks and seeing what those attacks look like on the wire and how to take advantage. Work ethic is an important aspect, like to get the security industry. If you want to be in security, it's not just the nine to five, you know, punch in, punch out type position. If it weren't for the front end hard work, there definitely, I wouldn't have had the opportunities that I had after that. I built a security automation solution, I called the Grunt where we automated firewalls. It was fairly basic in that sense. But, you know, I was able to integrate that into six or seven different firewalls, automating a lot of work for our analysts and also driving us into that MDR market, which was super early on. Over time, I moved into director and co-founder of Rook Security because the SOC really didn't exist until before I got there. And it was originally Rook Consulting. We moved to Rook Security because our SOC had grown to be such a large player in our business. So, from there, and then Rook Security sold to Sophos, and I came over to another logic as vice president of security and support operations here. (upbeat music) It's a lot more strategic thinking, which, again, coming from the military background allows me to draw from when we did battle planning. It all comes back to his communication, right? How do we communicate the commander's intent and bring that down to the soldiers? So, in this case, I kind of have that commander position and how do I enable my team to execute against the higher level vision and how do I communicate that across different teams within alert logic? So, it shifted to a lot more communication and working well with others, and that's all been building blocks leading up to where I'm at now. (upbeat music) The things that I've learned were because of the experiences that I've had. I think failure is a good thing. We shouldn't shy away from failure, and failure is just another opportunity to learn. And you need to have that mindset, especially if you're going to a new career or doing something that you've never done before. Fail fast and fail forward. (upbeat music) (bell ringing) (upbeat music) Imagine this, your primary identity provider goes down, whether it's a cloud outage, network issue, or even a cyber attack. Suddenly, your business grinds to a halt. But what if it didn't have to? Meet Identity Continuity from Strata, the game-changing solution that keeps your business running smoothly no matter what. Whether your cloud IDP crashes or your on-prem system faces a hiccup, Identity Continuity seamlessly shifts authentication to a secondary or even tertiary IDP, automatically and without disruption. Powered by the Mavericks Identity Orchestration Platform, Identity Continuity uses smart health checks to monitor your IDP's availability and instantly activates failover strategies tailored to your needs. When the coast is clear, it's a seamless switchback. No more downtime, no lost revenue, no frustrated customers, just continuous, secure access to your critical applications every single time. Protect your business from the high costs of IDP outages with Identity Continuity from Strata. Downtime is a thing of the past. Learn more at strata.io. Keep your business moving, even when the unexpected happens. That's strata.io. (upbeat music) [BLANK_AUDIO]
