How Security Pro Dave Kennedy Keeps His InfoSec Skills Sharp While Telecommuting

Last updated at Fri, 14 Aug 2020 20:12:46 GMT

Information security thought leader Dave Kennedy needs no introduction, but we’ll provide one anyway. In our latest episode of Security Nation, Dave, founder of the cybersecurity firms TrustedSec and Binary Defense, stopped by to discuss how he’s staying busy while working from home during the pandemic. Wrangling dogs and keeping his skills sharp on Red Team engagements are a major part of the story.

Working from home becomes the new normal

Dave is no different than many other technology professionals in that working from home has become the new normal due to the pandemic. In fact, he expects to do less business travel even after the effects of COVID-19 on the cybersecurity industry wane.

“I really think that I will probably not travel nearly as much, maybe only a couple handfuls of times a year now, based off of this,” Dave said.

Of course, it helps to have a well-appointed home office when telecommuting. Dave’s residential workspace includes a large number of monitors and PCs, with his standing desk providing easy access to all. He maintains his superhuman productivity level in this home domain, despite his dogs’ best efforts at disrupting podcasts and video interviews. Thankfully, his children understand the “Do Not Disturb” rule when dad’s office door is closed.

Sharpening his skills—all from home

With an eye toward keeping his tech skills at their sharpest, Dave makes it a point to get involved with a variety of cybersecurity projects. He regularly takes part in red team engagements, which are ethical hacking efforts where teams attempt to gain access to a company’s technical infrastructure. This approach remains a great way for companies to truly vet their cybersecurity footprint in pursuit of preventing a real attack.

When involved on a red team project, Dave typically stays up frantically coding until the late hours of the night. He said he feels the more challenging assignments definitely provide the opportunity “to flex that brain.”  Red teaming gives him a chance to use the skills honed over the length of his career while applying them in difficult scenarios, while providing a nice alternative to the various responsibilities involved with running multiple companies.

Dave notes that red team engagements typically vary their tactics based on the maturity level of the targeted company’s information security framework. Exploring new hacking techniques still inspires his creativity, helping to fuel those late-night sessions.

“You have to be creative as an attacker,” Dave said. “That mindset has really helped me throughout my entire career to excel myself, both in my knowledge and in the positions that I'm in and in what I do. I literally can't stop.”

Sometimes Dave’s brain still works as he’s sleeping, crafting the right solution for any difficult problem. He simply writes his ideas down on paper after waking up, and then codes it the next day when safely ensconced in his office. In the end, the entire cybersecurity world benefits from these ethical hacking efforts—either awoke or subliminal. The ultimate goal remains staying one step ahead of any nefarious agents engaged in criminal activities.

Listen to the full podcast for more on Dave’s latest activities

Rapid7 would like to thank Dave for sharing his insights on dog herding and devising security algorithms in his sleep. Listen to the complete podcast and be sure to subscribe, so you’ll never miss another episode of Security Nation.