The first Information Security D-List interview of 2010 is my good friend Peter Giannoulis. I’ve known Peter for several years and he’s grown into one of the most knowledge information security people I know.
Q: Tell us a little about yourself.
I live in Toronto, Ontario, Canada, with my wife and two children.
I’ve been an information security consultant for over a decade specializing in the implementation of all sorts of security technologies from firewalls, IDS/IPS, vulnerability assessments, penetration testing and audits. I recently founded Source 44 Consulting Incorporated, whose goal is to provide outstanding infosec services to organizations of all sizes.
Along with some close friends, I also launched The Academy Pro (www.theacademypro.com) in March 2008. The Academy Pro is a website that was designed to provide organizations free infosec tutorials in video format.
Q: How did you get interested in information security?
It was really an accident. I was employed by an infosec consulting firm as a systems administrator. I quickly became bored with the role and brought this to the attention of the President of the company. He offered me a position as a security consultant and the rest is history.
Q: What is your educational background (e.g. formal schooling, certifications, self-learning, etc.) and did it add value to your information security career?
I have a little bit of college behind me, but I tend to grasp concepts if I study and apply them on my own. Throughout the last decade I have gained many certifications. Many have been vendor neutral based, but because of my position as a consultant, I needed to maintain vendor specific certifications as well.
Q: What did you want to be when you grew up? Would you rather be doing that?
What every geek wants to be; a rock star! While I love my current career path, I would rather be playing Good Riddance inspired punk music to thousands of people every night. There’s nothing like writing songs and performing them to a live audience.
Q: What projects (if any) are you working on right now?
Full time consulting and The Academy Pro takes up most of my time from a project perspective. However, there’s a few things that we’ll be announcing shortly from a company and website perspective.
Q: What is your favorite security conference (and why)?
I don’t frequent them often. I find there’s too many egos at some of the larger conferences.
Q: What do you like to do when you’re not “doing security”?
I love spending time with my family and I continue to play music from time to time.
Q: What area of information security would you say is your strongest? What about your weakest?
I’d say I’m a fairly good instructor. I have always scored high in this area. I also enjoy architecting solutions and performing penetration tests.
As for my weakest; I’m not much of a programmer. That’s an area I wish I took a bit more seriously years ago.
Q: Do you think the average Canadian is able to comprehend the threat that malicious attackers pose? What do we do to change the perception?
Not at all. So many parents in my neighborhood tend to ask me questions about Internet safety and than regret it after I answer. I honestly don’t try to scare people, but instead make them aware of the problem.
Something needs to be done from a larger scale in order to change the perception. I believe that education boards need to make parents aware from an early age about the dangers of the Internet by holding monthly or quarterly workshops with infosec professionals. That would be a start.
Q: Your kids are at the age where they’re getting into computers. How do you, as a parent AND a security professional, work to educate them on Internet safety?
My wife and I have made my children aware of the dangers of the Internet from an early age. Awareness is not always sufficient, so that’s where content filtering comes into play.
Q: What advice can you give to people who want to get into the information security field?
The security field is so interesting that it kind of draws you in. If you’re not looking to lose all of your time and enjoy spending time with your family and friends; don’t do it.
Q: How can people get a hold of you (e.g. blog, twitter, etc.)