Toast of the Town- John DePalma, Cybersecurity Engineer at Sentara Healthcare
1. What makes you excited about going to work every day?
Everyday is new!
I might be working with a new technology, solving a new problem or developing/implementing a new security control. Or any other number of things. My days are usually non-stop action and rarely a repeat episode.
2. If you could change one thing about security operations with a snap of your finger, what would it be?
Internal, "political" hurdles that hamper the proper securing of an asset. Take any high profile breach and you'll hear people say "Oh gee-whiz, how embarrassing for the security team", and that drives me crazy. You just know the security team has been complaining about that issue for a long time and now they're taking the blame. How many breaches would not exist if some non-security minded entity got out of the way? Let us do the job.
3. Which security content do you like sharing with others or appreciate that is shared with you?
For students that I mentor I like to share the "gotchas" I've come across when auditing/securing/investigating an environment as well as different TTPs that they should experience in a home lab to prepare for the workforce. With colleagues I like to share automations that I've built or the results of an investigation or audit to expand situational awareness.
I appreciate when others share new tools and solutions for me to check out and I learn so much from post-breach reports.
4. Tell us your work philosophy in 10 words or less.
Help everyone. Keep learning. Make it better. Try harder!
5. What’s your favorite thing to operate (other than security) and why?
My motorcycle on the backroads of small towns. Fresh air, open road and leaning into sharp turns bring me much joy. Hard to think about the concerns of everyday when you're focusing on the ride; almost meditative.