This week is Cybersecurity Career Awareness Week, which is part of October’s Cybersecurity Awareness Month. We sat down with Daniel Spicer, chief security officer at Ivanti, to learn more about what it’s like to work in the cybersecurity world.

Q: How would you describe your role as CSO at Ivanti?

My mandate is to enhance the company’s overall cybersecurity infrastructure by working with engineering teams to build stronger security mechanisms into Ivanti’s solutions, assessing future acquisitions for security strength and market differentiation, and bolstering Ivanti's network security to protect its own systems and data. 

Q: What does a typical day look like for you?

There is no such thing as a typical day for any cybersecurity professional. That said, my main day-to-day responsibilities include connecting with my team to make sure there are no roadblocks; driving overall strategy and determining how to improve the security program; connecting with customers to learn more about the challenges they face and how to help solve for those; and working with auditors to make sure that we can represent our security program accurately and provide evidence for everything we’re doing. And when a security incident happens, I’m there to help guide and provide direction. As a CSO, my main priority is to enable my team to do what they do best and give them the tools to succeed.

Q: You recently joined Ivanti. What made you want to join the company? 

I found an executive leadership team with whom I have an incredible level of trust. To be honest, I never wanted to be a CSO because I'd seen many companies use them as scapegoats following cyberattacks and breaches. Before joining Ivanti, I interviewed my bosses and peers and dug into the details. I wanted to make sure that everyone, especially the leadership team, prioritized security. Today, I report directly into our CEO, which further demonstrates how much the company and leadership team prioritizes security and values my feedback.

Security needs to be part of corporate culture from top to bottom, and Ivanti has doubled down on its mission to secure the Everywhere Workplace. As organizations and government agencies face ever more sophisticated attacks against their technologies, Ivanti is dedicated to protecting its customers and mitigating threats as quickly as possible. This includes focusing on building products securely, educating about best practices, and helping organizations form a strong security foundation through a zero trust strategy.

Q: Tell us about your background. Where did you work before Ivanti?

Prior to joining Ivanti, I worked at Stroz Friedberg, a recognized industry leader in the field of incident response and digital forensics that has helped shape best practices in digital investigations and risk management. I led more than 100 investigations and created solution response strategies to close vulnerabilities. I worked on some of the largest and highest-profile security incidents, such as the Yahoo! breach and espionage campaigns launched by nation-states including Operation Cloud Hopper. I identified the root causes of security incidents and determined what technologies and protocols failed. Those experiences help me in my role today as I'm able to prioritize issues that I know caused incidents at other companies.

Prior to Stroz Friedberg, I served as a senior security analyst at The University of Texas at Arlington. I implemented their incident response and forensics program and led investigations. I also led vulnerability management, performing internal and external vulnerability scanning. I often performed code reviews and assisted developers with remediating vulnerabilities and implementing best practices.  As budget was limited, I flexed my technical skills to build the tools that we needed. I touched so many technologies and learned how they worked, which has benefited me throughout my career.

Before that, I held several security positions at the United Space Alliance, where I developed and maintained security plans for the mission-critical shuttle operations system in support of NASA. By starting my career in an environment where things were very well-structured, I got a feel for where things should be, which taught me how to identify where processes were broken moving forward.

Q: What do you find most rewarding about your job? What has been your biggest career highlight?

At Ivanti, it’s rewarding to help companies proactively defend against cyberattacks. With our Ivanti Neurons platform, IT can query all edge devices with sensor-based architecture and natural language, get intelligence across the enterprise in seconds, and then take the right action at the right time to effectively defend against cyber threats, such as ransomware attacks.

At Stroz Friedberg, it felt good to help authorities track down cybercriminals and help companies respond quickly and aggressively to vulnerability challenges. At Ivanti, I enjoy advising how to make our technology better and protect our customers.

Q: What do you look for in a potential hire?

I look for a combination of dedication and passion. Security is a hard job. It wears on you very quickly if you aren’t passionate about it. I also look for a deep understanding of security rather than just textbook knowledge. A lot of people can say multi-factor authentication is important, but not everyone can explain why or outline cases that would require different security controls instead.

One question I like to ask a potential hire is, “What fields would you want in a web request log in order to investigate a potential security event?” The answer will reveal how much knowledge the potential hire has about how to investigate an event and determine whether it is a false positive or a problem.

Q: How do you recharge and prevent burnout?

When I want to disconnect, I read. I prefer physical books to screens. I also enjoy hiking. Getting outside and breathing in fresh air is a great way to recharge.

Taking time to recharge is so important. If anyone is feeling burned out, I encourage them to take some time off, and then come back and do something that is in their wheelhouse to remind them why they selected their career in the first place. I’ve often observed people take time off and then come back to the same difficult project and get back into the same slump.

Q: When and why did you decide to pursue a career in cybersecurity?

I grew up without the internet. My first computer was gifted to me in middle school from my Boy Scout troop leader. I would use floppy disks to download manuals and source code to help me learn about programming. One day, I downloaded a virus and had to wipe the computer clean. That’s how I got interested in cybersecurity. I wanted to know how the hackers could bypass security features and deploy malware. I decided on a career in cybersecurity before I got into high school.

Q: What advice do you have for those entering the cybersecurity field?

Below is some advice based on lessons I’ve learned during my career:

  • Identify experts and learn from them. Don’t act like you’re the smartest person in the room because you probably are not. If you are, you’re in the wrong room.
  • Don’t be afraid to dig in when you think you’re right and defend your opinions. Always admit when you’re wrong.
  • Don’t be discouraged if your solution isn’t chosen as the “go-forward”. Always understand why a chosen solution was decided.
  • Don’t let rigor and process kill innovation. Find the right time and the right way to break the rules and find something new and better.
  • Security is a process of continual improvement. Don’t get hung up on the “optimal” and don’t let good improvements get in the way of perfect.

Q: How do you envision the role of the CSO changing in the future?

We continue to make use of cloud services, which keeps shifting data outside of our networks. At the same time, privacy rules and regulations continue to get more complicated and restrictive. Inevitably, CSOs are going to have to be experts on all things privacy in order to be able to advise well on where data can be hosted and what services to use.

Q: What is one security tip that you’d like to offer readers for Cybersecurity Awareness Month?

The global shift to remote work has exacerbated the onslaught, sophistication and impact of phishing attacks. According to a recent survey by Ivanti, 74% of respondents said their organizations have fallen victim to a phishing attack in the last year. SMS phishing is the latest variant to gain traction.

SMS phishing works much like an email phishing scam, but instead sends deceptive or malicious links through text messages. Some links may take you to a spoofed website that looks real but isn’t! If you log in, the scammers can then steal your username and password. Other messages may install harmful malware on your phone that steals sensitive information without you realizing it.

That information can then be used for all sorts of fraud, like siphoning money from a bank account or infiltrating a corporate network. The United States Federal Trade Commission received 334,833 complaints about smishing texts last year, more than double the year before! To stay safe, consumers should double-check links before clicking on them. Organizations should also incorporate unified endpoint management with on-device threat detection and anti-phishing capabilities into their zero trust security strategies.