Cyber Defense

Q & A with John Hubbard, SOC Manager and SANS Instructor

 

Our Industrials & Infrastructure team had a chance to sit down with John Hubbard (@SecHubb), GlaxoSmithKline SOC Manager, SANS Author and Instructor, and dedicated Blue Teamer.
____________________________________________________________________________________

SANS: What made you choose to work in tech/security?

John: I love this industry because there's always a fresh challenge to be solved. Attacks are constantly evolving, so defenders need to stay on their toes. When there's a bit of downtime, you can look to improve in other ways. For example, in our SOC, any time we find ourselves doing something repetitive, we write a tool to automate the painful or monotonous parts and leave only the interesting aspects to be done by the analysts. This has multiple benefits as it keeps people challenged to do new things, eliminates repetitive work, and frees us up to continue to build upon what we've already developed. Doing that keeps the group engaged and the team constantly reaching higher levels of capability and efficiency.

____________________________________________________________________________________

SANS: What was your first SANS course?

John: Apparently I like to jump in the deep end because the first SANS class I ever took was FOR610: Reverse-Engineering Malware. Taking that class and learning those skills launched my career as a SOC analyst at a speed I never thought possible. The course and certification test were intense, but it paid off in a big way. After that, I was hooked!

____________________________________________________________________________________

SANS: What course is on your wish list?

John: I'd love to take Micah Hoffman's new SEC487: Open Source Intelligence Gathering and Analysis class. The area is so interesting and hard to keep up with. The amount of freely available data about yourself and others has serious real-world implications. Knowing Micah and his passion for the topic, I'm sure it's an outstanding and informative class - just reading the summary makes me slightly paranoid.

____________________________________________________________________________________

SANS: What song is missing from the NetWars playlist? What would you add?

John: I always thought the C418 Remix of the Stranger Things theme song was a pretty good match for NetWars. (https://soundcloud.com/c418/stranger-think) Also, pretty much anything by The Glitch Mob is a good match for the NetWars vibe.

____________________________________________________________________________________

SANS: What SANS event are you looking forward to most this year?

John: For sure the Blue Team Summit! I'm excited to be teaching SEC555 there, and given the amazing experience we had with the defense crowd at the SIEM Summit last year, I expect this event to be right on course with that. Plus, it's in Louisville, and that's always a great time!

One of my constant pushes is trying to optimize blue team operations. Every time I go to a Summit, I learn about new and unique ways others have solved problems and how to improve our processes. Afterwards I'm always able to bring that info home and take my detection techniques and defensive knowledge to a new level.

____________________________________________________________________________________

SANS: How has security changed in your industry?

John: Security has changed the pharmaceutical industry in a lot of ways. Gone are the days that we can assume intellectual property will likely stay that way — and that manufacturing will work barring mechanical failure. There are so many more threats and attack vectors that need to be considered now; we have to make sure everyone has a well-thought-out contingency plan, and that multiple safeguards are in place to ensure the continuity and integrity of business processes. Since people's lives literally depend on our ability to do research and manufacture product, there's no option but to do everything we can to make sure it runs smoothly.

____________________________________________________________________________________

SANS: What do you want people to know about you?

John: Like most people in this industry, I'm a total tech nerd, but that extends to the realm of lower level hardware in my case. My degrees are in Electrical and Computer Engineering, so in the time that I'm not doing something related to InfoSec, I like to get into hardware and electronics. I'll look for any excuse I can to use an oscilloscope or logic analyzer, and I absolutely love soldering. I've also done a lot of car electronics work in the past including stereo installation, amplifier design and speaker building. I'm sort of all over the place in my hobbies, and can't figure out which I like most. As soon as I can figure out how to make a robot that will roast me fresh coffee every week, I'll be attempting that too. :)

Thanks, John, for taking the time to share more about your background and your role as a SOC Manager and SANS instructor. To learn more about John and where you can take his next course, visit his SANS bio page: https://www.sans.org/instructors/john-hubbard

 
