Stuart describes himself as an “internet dumpster diver and role play espionage expert,” but in less exciting terms, he “helps organizations identify risks and improve their information security maturity over time.” For a highly technical guy, he surprisingly studied ceramics at university (that’s pottery). Luckily for the cyber industry, he finally found his true calling in security
What’s the best thing about your job?
The versatility. One week, I’m trying to get people to give me sensitive information over the phone or through phishing. The next week, I could be training an entire company on how to detect social engineering attacks. The following week, I could be building out policies and strategies or helping develop a threat hunting/incident response capability. There are so many things that make this industry so interesting.
What’s your proudest achievement?
I’m very proud of The Many Hats Club, the community I built, and all the good that has come of it. Whether this was through the charity fundraisers and conferences we put on (which raised over $50,000), OSINT CTF wins, or the hundreds of people who got into the industry through connections made or mentoring from members. I decided to close this down recently, and I hope the legacy will live on through those who were part of it.
You are being asked to create an ‘all-star’ infosec project team. Who would you pick and why?
Kevin Beaumont – for defensive strategy and intelligence
Daniel Card – for anything both offensive and defensive
Benjamin Strick – for OSINT and recon
Jenny Radcliffe – for physical and social engineering
Lesley Carhart – for incident response and forensics support
Tracy Maleeff – for security operations
Dave Kennedy – for offensive strategy, motivation and his wicked sense of humor!
If you could change one thing about the industry, what would it be?
Gatekeeping and trolling on social media. This seems to be on the increase recently. Although only a very small minority does it, it gets a lot of attention, which could put people off engaging in the community or joining altogether!
Dream job?
A games developer or storyline designer for an RPG game
Bucket list client?
SpaceX would be a dream client, just having an insight into the internal operations that go into a mission launch would be amazing
Advice for infosec n00bies?
Start a blog
Surprise us?
I like pineapple on a pizza. Don’t hate me
Lessons you’ve learned?
- It’s hard to defend assets if you don’t know what assets you have
- It’s impossible to know everything
- Always back your stuff up
Bio: Stuart Peck is the director of cyber security strategy at ZeroDayLab. He dabbled with recruitment, ran an information security division and then discovered his passion for the technical side of the industry. He now runs “an amazing team” of people, “doing all kinds of interesting projects.”