e Interview with James Tucker; Insights on Life, Cyber and SecOps | Equate Technologies

Interview with James Tucker; Insights on Life, Cyber and SecOps

Nov/12/2020

James Tucker - Client Services Director

James is the Client Services Director for Equate Technologies. And more than that, he’s a fierce advocate of all things Cyber, the leader of our Managed Security Operations, a global traveller, Husband and Father to two and avid camper.

Tell us about yourself, JT?

From a work perspective, I got into IT more than 20 years ago. I was always interested in computers. I started out by working as a Linux Engineer and then as a Technical Consultant for Pronto. Then I joined Dialect in 2006. They were bought shortly after by a US company, TNS, and then acquired again by MasterCard in 2014.

What do you love in life?

Family, being outdoors and music. I enjoy everything from chilled out lounge and hip-hop to electronica and psytrance through to jazz, blues, reggae and rock music – my tastes are getting more eclectic as I get older. I’m probably turning into my Dad!

I have two children, aged 7 and 9 and have been with my wife for over 20 years (although we only got married 11 years ago). We love to travel. In 2015, we bought a camper trailer and have spent 300 – 400 camping nights away since then. My ideal holiday is camping on a beach with the tinny anchored out front, completely off grid.

I don’t have quite so much urge to travel now as we moved earlier this year, right on the North Pine river, so I can wander down and do as much fishing or crabbing as I want on my doorstep. It has been a great place to see out lockdown.

What are the challenges and opportunities for your team?

In general, SecOps first line respondents get burned out pretty fast. So, we’re really focused on providing role diversity. In my SOC team, the goal is about 30% of time is spent responding to alerts, 30% identifying threats and 30% on improving systems. The remainder is allocated to general tasks and self-learning – which is presented to the team and used to discuss innovation opportunities at Equate.

Opportunities centre around automating low value, high effort work to ensure we’re focusing on the important events and activities.

What’s your biggest challenge personally?

Achieving balance. I’m extremely focused on whatever I’m doing, which sometimes means I forget things; my family, eating, the basics!

How has the Cyber Security landscape changed this year?

The frequency and scale of attacks is so much higher than we’ve ever seen, with big companies exposed and experiencing disruption, financial and productivity losses as a result. We’re also seeing sophisticated crime gangs and state sponsored actors increasing as political battles are played out on cyber battlefields instead of real ones. The attacks are more brazen and transcending global boundaries with ease.

What have been the biggest issues you’ve seen from Clients?

From a Client perspective, it’s been a year of change. When COVID-19 arrived on the scene, Clients buried their heads for a while, and then realised they weren’t set up for 100% of their workforce to be remote. As the ‘new norm’ took hold, businesses began to tweak and upgrade their systems to cope with the new hybrid models of working.

People working on home and random WIFI networks has created new levels of exposure to risk. The reality of bringing all of that data behind traditional edge security technologies is challenging for many businesses at the moment.

What’s next for Equate and JT

At Equate, we’ll scale what we already do. We’ll add to our technology and automation capabilities and push machines to do what they’re good at; allowing our analysts to use their intuition to dig deeper where required.

I’d love to go around Australia in the camper trailer with the kids – maybe in 2022. We’ve also got a Round the World Trip planned at some point in the future – I’ve been saving up Qantas points to take the whole family.

What’s the best advice you’ve been given?

An old boss of mine said ‘Don’t get into a situation where you feel the company owes you something because they can never pay you back’. It’s important to remember that you have a life outside of work. I love what I do, but family comes first.

And what advice would you give to your younger self?

Take 20% of everything you earn and put it into the stock market; and

Be stable in work before you have kids. I unexpectedly worked away for a quite a bit when my two were young due to an acquisition and it impacts family balance.

What do you enjoy about working at Equate?

It’s a great business with so much potential ahead. I enjoy helping to shape the business and being invested in its future. I’m also invested in helping people learn and progress their careers in Cyber Security – it’s a really good legacy to leave.

Finally, your top tips for businesses looking to minimise exposure through cyber risk?

It really depends on your maturity, size and risk profile.   There’s a few sets of “3 Ps” in security, but if you can’t do anything else, Patching, Passwords and People is the kick off.

  • Patching – Keep systems and technologies up-to-date
  • Passwords – Change default passwords, enforce complex passwords and Multi Factor Authentication tied into a Privileged Access Management methodology
  • People – Train people to be your first line of defence rather than the weak link in the chain. If you make it easy for humans to do the right thing, they will almost always do it.

After that implement:

  • A good Asset and Vulnerability Management program to understand what you have and where you’re exposed.
  • The ACSC Essential Eight Maturity Model as the basic standard in cyber security
  • A quality detection methodology and tooling (hint Mitre ATT&CK).
  • Tested processes which enable your organisation to effectively respond to events and incidents.

Finally – always use an expert. The cyber universe is hard to keep up with and businesses should be focused on making their businesses run profitably. We provide the backbone and peace of mind to ensure they’re trading securely for the long term. Compared to the cost of a breach, it’s a no brainer.

img