Computer Security Professional & Author
30-year plus computer security professional, author of 10 books and over 1000 magazine articles. I have worked for some the industries largest companies: Microsoft, McAfee, and Foundstone. I have passed the certification exams for over 30 certifications including: CPA, CISSP, MCSE: Security, CEH, and CISA. I’ve worked everything from computer trainer to PC Technician, Network Manager, and VP of IT. I’m currently working for KnowBe4, Inc., as a data-driven defense evangelist. I love the company and the position. I am a computer security contrarian and thought leader.
To make computing a significantly safer place to compute. If I don’t help in doing that my business life was a waste. It also is my biggest professional goal, although I do hope my wife, children, and friends have the happiest and contented life they can have while making their own impact on the world.
I was a guy that barely graduated high school and I failed out of my first year of college with 1 A and 5 E’s. I never read a book. I failed most math and English classes I took over my life. I feel like I never had a single intelligent thought. And somehow, when given a second chance, I turned my life around. I got back in college, made great grades, and somehow not only read books…but wrote books, and made a highly successful career, all while having a great life, great wife, and wonderful kids. I’ve had a 30-year plus career doing something I’m interested in and love. I’ve helped as many people as I could. I made a difference, small that it may be. I could lose everything…and I don’t want to…but I’ve already created and lived a life I could not have imagined before I was 22.
Passing the CPA exam. Toughest exam I ever studied for. Nothing in the computer world comes close. I got a 4-year degree in accounting, took a multi-month prep course, and failed it twice. I didn’t give up. I eventually passed it. On another note, I got rejected by over 100 publishers before O’Reilly agreed to publish my first book. Despite getting overwhelming rejection for years, I never gave up. I never lost hope or faith in myself.
Never give up. You’re going to fail. Get up, try again. Help other people.
Albert Einstein, Abraham Lincoln, and the millions of people who volunteer to help others and improve the world.
Learn something new while I complete my tasks.
There is a gulf between what you are told to be worried about and what you should really be worried about.
Just get going.
Completing assigned tasks.
Learn something and help someone learn, every day.
A Day in My Life:
What do you love most about Your City?
I live in both Key Largo, FL, and Clearwater, FL. I love Key Largo because of the Azure blue waters which I love to boat on, fish, and scuba dive. I love Clearwater because of all the huge, white, sandy beaches and the people.
Favorite breakfast meal & restaurant?
There is no close second. My wife’s cooking.
What are you doing at:
6:00 AM – Reading online, preparing for the day, and getting ready to go running.
10:00 AM – Taking a business call from a friend.
12:00 PM – Favorite Lunch spot/meal?
Where ever I am, if it has healthy, fresh food.
7:00 PM – After dinner either writing for a new book or watching television.
11:00 PM – Usually asleep for an hour or so.
What drink do you need to get through the day and at the end (and how many)?
Water and unsweet ice tea.
Most used App/Favorite Instagram Account?
What should everyone try at least once?
Really, really understanding their logical opponent’s point of view.
Where do you enjoy getting lost?
My Native AdVice:
How did you get into the industry?
For interest in computer security, I read Clifford Stoll’s the Cuckoo Egg, Ross Greenberg’s Flu Shot (long out of print) and John McAfee’s Computer Viruses, Worms, Data Diddlers, Killer Programs, and Other Threats to Your System…and they all really captured my imagination for fighting malicious hackers and code. I immediately immersed myself into lots of anti-virus and anti-hacking forums, on FIDONet. This was before the Internet was the Internet. To send email and join chat rooms you were interested in you had to sending email and messages using dial-up
modems to your local bulletin board system (BBS) and wait a day for a response. While I had a bunch of regular, progressively more important non-IT-security jobs, I always spent every spare second learning about computer security, writing about it, and consulting about it. I’m not even sure how I kept some of those main jobs with all the hours I was spending on computer security stuff. I eventually realized that I had to change my career to my first love, and I did. I joined Foundstone (later bought by McAfee) as an Ultimate Hacking instructor and pen tester. The funniest and best job I ever had, although my current job at KnowBe4 is a very close second.
Career advice to those in your industry?
Actually, I just wrote about this in CSO magazine: https://www.csoonline.com/article/3373511/7-keys-to-a-successful-it-security-career.html.
Any emerging industry trends?
The more the IT industry changes, the more the IT computer security challenges repeat themselves. Very little new. It’s just mostly rinse and repeat against a new platform or paradigm. Computer security workers will have job security for life.
Ideal experience for a customer/client?
Personally, anytime I can wake a customer out of their wrongly held preconceived notions into seeing what they really need to concentrate on to decrease their cybersecurity risk the most and fastest, I feel the best. As far as my role at KnowBe4, any customer that uses their security awareness training will be doing exactly that. They will take their end-users from a very high social engineering risk (25% to 40%) to a very low social engineering risk (1-2%) in just a few months to a year at most. There is no single thing any company can do to decrease their cybersecurity risk the fastest than to implement a good security awareness training program.
How do you motivate others?
I try to do that with my writing. I didn’t write 10 books and over 1000 magazine articles for nothing.