How did you transition from your military career to your current role in InfoSec? Was it a natural fit, or did you have to make adjustments?
Tom Gorup, Security Operations Manager, Rook Security (TG): I served in the Infantry which, I think, made it an easier transition.
There were obvious technical aspects which needed to be hit heavy, but the overall concepts carried over quite well. There are a number of times which I have found military TTP’s apply quite well. For example, OCOKA (Observation of Field of Fire, Cover and Concealment, Key Terrain, and Avenues of Approach), whether you are setting up a battle position or securing your network, these 5 categories can be applied.
Sense of urgency also maps over quite well. The IT and security industry are moving at lightning speed. You need to be dedicated and extremely motivated to keep up, but you also need to have the understanding that time is always of the essence. Lingering security issues pose as great threats and must be addressed in a timely manner.
What advice would you give to service members who are interested in InfoSec?
TG: Don’t be overwhelmed by the technical side, all of that will come in time. Accept the fact early on that you will not know everything about InfoSec.
You will constantly find technology, attacks, and protocols that will keep you guessing, but also make you a more seasoned InfoSec professional. Stay focused and continue to apply yourself. All the pieces will fall into place in due time.
Are there any particular strengths that you feel veterans bring to the InfoSec market?
TG: LDRSHIP (Loyalty, Duty, Respect, Selfless Service, Honor, Integrity, and Personal Courage).
Soldiers are drilled from the beginning to instill these values. I feel these are the most valuable attributes of any good soldier, employee, or person.
Not only this, but the willingness to do whatever it takes to meet the objective. “It’s too hard” or “that’s impossible” are not responses often, if ever, heard from soldiers.