10 questions to my Mentor Mark Orlando-CEO Bionic Cyber
Key Cyber Solutions (KCS) is committed to developing future leaders interested in pursing careers in technology. As part of our outreach and development activities, we are featuring a series of interviews from experienced mentors who work with students and persons new to the Information Systems industry. In this article, we are excited to have Mark Orlando, CEO of Bionic Cyber, provide insights on preparing for and paving a pathway to a successful career in Cyber Security. Please check back regularly for new features and updates regarding Key Cyber Solutions mentoring opportunities.
1. How did you get started in your profession or what sparked you interest in your career path?
After a long summer of working for a package delivery company, I decided to pick up some of my older brother’s Unix books to see if I could learn something new. Thanks to his patience and support, I was able to land a job as a Unix admin, which eventually led to an opportunity at a security company. Once I saw the work the operations team was doing, I was hooked. I moved over at the first opportunity and never looked back.
2. How big of a role does having a formal education play into working in your field?
There are many different paths to a cybersecurity career, and many of the most skilled practitioners I know have no formal education in the field. The creativity and diversity of thought this brings makes for better security overall. My own education helped me build a solid foundation upon which to grow my technical skills but there are many ways a person can gain the skills and abilities they need.
3. Are there any certifications and/or degrees would you recommend for entering your line of work or to help further advance a young professional’s career path?
As a SANS Instructor, I’m a bit biased in saying that the SANS courses are great ways to gain new knowledge. I highly recommend them for folks who have the opportunity and the means to take them. But I also think we can do much more to make training and education more accessible to everyone, and the specific certifications and courses aren’t as important as demonstrating knowledge of key concepts and dedication to attaining a certification – whatever form that takes. I also encourage people to participate in capture-the-flag exercises like SANS NetWars, OpenSOC.io, and Splunk’s Boss of the SOC. These are great ways to build your skills in realistic environments and demonstrate your initiative without having to make a major financial investment.
4. What are some learning resources that you would recommend?
I recommend signing up for capture the flag exercises and other public competitions for a variety of reasons, not the least of which is building up your network and learning new skills. Many of these events are geared towards skillsets of all kinds, including people just starting out, so there is something for everyone to learn. There are also great sites like malware-traffic-analysis.net, which has a variety of blog posts and associated datasets one can work through on their own time.
5. Are there any important interdisciplinary skills you find to be relevant or transferable in your field (ex. interpersonal skills, scheduling, language/writing)?
Communication is absolutely a key skill. Security does not exist in a vacuum – we do what we do to protect revenue, value, or a mission. Practitioners must be able to communicate technical concepts to non-technical audiences in written and verbal form. Customer service is also an invaluable skill for security practitioners since our job is to enable users and help them do their jobs more securely.
6. How has technology changed your job in recent years?
Cyber security has gone from being a niche discipline to something that touches almost all aspects of modern business. Ten years ago, educating people on the need for security was a major part of the job. Today, security is increasingly part of the conversation when it comes to building and maintaining the critical infrastructure upon which we so heavily rely. I think we’re also starting to realize that given all of the data produced by modern IT infrastructure and the extent to which it is interwoven in our daily lives, scaling our efforts to secure it has become a challenge. So automation and secure development to “bake security in” have become much more of a focus than they were when I first started.
7. How do you keep your skills current and remain abreast of the latest technological advances?
I read and attend as many trainings and conferences as I can. The latter has gotten much easier this year with so many events going virtual and dropping their registration fees. Staying “hands on” through my consulting work and teaching is also invaluable since I can get exposure to lots of different customers and environments. Finally, social media is a great resource for staying current. The InfoSec community is well represented on Twitter, Slack, and Discord, and there are lots of great discussions happening there if you know where to look.
8. What advice would you give someone who is interested in a technology career for entering the workforce?
Get hands on as soon as possible. Install Linux, build a network, set up a lab. If you don’t know where else to look, YouTube and Google searches can give you everything you need to get started. You’ll dig yourself into a lot of holes but getting yourself out of those holes is the best way to learn. Also, join a community, whether it’s a meetup or local security group or just like-minded folks you meet at a conference. If you’re an introvert, join one of the free Slack or Discord channels out there to listen and learn from people doing the work you want to do. Some of my favorite channels are the Threat Hunter Slack, the Recon InfoSec Discord, and the TrustedSec Discord.
9. What are some challenges you faced when first starting out in your career, and how did you overcome them?
One thing I talk about in my classes that I encountered early on (and still feel sometimes) is imposter syndrome. Security is such a broad and deep set of challenges and disciplines that it’s easy to feel overwhelmed and under-qualified. But realizing that no one is an expert in everything, and everyone has something to bring to the table, is the key to overcoming this and staying motivated.
10. What is one thing you would want someone to know who is thinking about entering your profession?
There will always be someone smarter and more capable than you, whether it is a mentor, colleague, or adversary. Never make the mistake of thinking you are the smartest person in the room – if you do feel that way, find another room! Stay hungry and never stop trying to learn and grow professionally.
Mark Orlando started his security career in 2001 as a SOC Analyst, and since then has been both fighting for blue team resources and trying to automate them out of a job. He has built, assessed, and managed security teams at the Pentagon, the White House, healthcare.gov, the Department of Energy, global Managed Security Service Providers, and numerous Fortune 500 clients. Today he is the CEO and Co-Founder of Bionic, a company he co-founded to bring advanced “1%” defensive capabilities to the 99%.
Mark is an instructor at the SANS Institute specializing in Blue Team Operations and has presented at DEFCON’s Blue Team Village, CircleCityCon, the Institute for Applied Network Security (IANS) Forum, BSidesDC, and the RSA Conference, and he has been quoted in the New York Times, the Washington Post, Forbes, BusinessWeek, and many other publications. He holds a Bachelor's Degree in Advanced Information Technology from George Mason University and served in the US Marine Corps as an Artillery Non-Commissioned Officer.