Lance Spitzner, founder of the Honeynet Project, is an internationally recognized leader in the field of cyber threat research and security training and awareness. He has helped develop and implement numerous multi-cultural security awareness programs around the world for organizations as small as 50 employees and as large as 100,000. Lance invented and developed the concept of honeynets, and has authored several books and security whitepapers.
We met him today and spoke about the current information security landscape and the upcoming Honeynet Workshop that will be held in Stavanger, Norway from May 18th to May 20th.
1) What was your motivation to enter Information Security field, and who inspired and helped you along the way?
I became interested in information technology when I left the military in 1996 and entered a MBA program. During school I was working at a local Unix consulting company and quickly became interested on the security side. My military background liked the idea of the good guys fighting the bad guys, but in cyber space. Since there was little expertise in cyber security then, it was easy to become the local ‘expert’ as there was no one else involved. This was an exciting time, but we all had to learn on our own. As for inspiration, that is easy, Dan Farmer made this field very exciting and was one of the pioneers, he had me hooked from day one.
2) How do keep yourself motivated in this line of work and how do you handle the competition & failures?
Staying motivated is easy. I love the combination of doing good while helping grow and develop a very immature field. In a lot of ways we get to make up the rules as we go along. As for competition, I think it is a wonderful thing. Competition is what is helping drive the innovation in our field. As for failures, you can’t innovate without failure.
3) Why is Global Honeynet Project important and why should people support this cause?
At its most core level, the Honeynet Project is all about creating a trusted, international community that works together for the betterment of all. I love the open environment where people freely share ideas, help each other grow, and ultimately share back to the larger community. As long as the Honeynet Project continues to contribute to the community at large, the community will support it.
4) What is your talk about and why people should join the event?
My talk will be about the history of the Honeynet Project, to include how it started and why. The project has a fascinating history with amazing folks involved every step of the way. I’m hoping to share that story so others can learn how to benefit and grow themselves.
5) What Security issues are being exploited and how to counter them?
My focus is on the human element, how bad guys target and exploit the HumanOS. The reason for this is simple, technology can only go so far in protecting organizations. Humans are now the weakest link, and bad guys always go for the weakest link.
6) What are the gaps in today’s security methods?
I think we have beaten technology to death. Organizations must now also address the human element, both for protection and detection.
7) What are your suggestions for up-coming professionals?
Be open minded, actively learning and give to the community. The more you share and help others, the more you get back in return.