Cloud Security September 14, 2023
By Mark Stone 3 min read

In today’s increasingly cloud-focused business environment, cloud security engineers are pivotal in protecting an organization’s critical data and infrastructure. As experts in cloud security, they leverage their expertise to ensure that the ever-expanding amount of cloud data is safe from emerging threats and vulnerabilities. Cloud security professionals combine their passion for technology with a deep understanding of security principles to design and implement robust cloud security strategies.

What experience do these security experts have, and what led them to the field? What advice do they have for individuals looking for a career in cloud security?

In this exclusive Q&A, we spoke with Dave Hatter, a cloud security expert with 30 years of experience in IT as a software engineer, cybersecurity consultant and small business owner. He has 18 years of experience as an educator teaching college-level programming and technology-related courses, primarily at Cincinnati State Community and Technical College. He currently serves as the Director of Business Growth at Intrust IT but is still actively engaged in cloud security functions for the company and its clients.

Did you go to college? What did you go to school for? What certifications did you obtain?

I went to Northern Kentucky University with a BS in Information Systems. I also have several certs including:

(ISC)² CISSP, 721411

(ISC)² CCSP, 721411

(ISC)² CSSLP, 721411

ISACA CISA, 232060690

ISACA CISM, 232156841

CompTIA Security+

CompTIA Network+

CompTIA i-Net+

Microsoft Azure Fundamentals (AZ-900)

Certified Microsoft Innovative Educator

EXIN; ITIL® Foundation Certificate in IT Service Management, 5347245.20393622

Project Management Institute; Project Management Professional (PMP), 1725230

Project Management Institute; Professional in Business Analysis (PBA), 1884913

Project Management Institute; Agile Certified Practitioner (ACP), 1914263

Project Management Institute; Disciplined Agilist

Scrum.org; Professional Scrum Master 1 (PSM)

Scrum.org; Professional Scrum Developer 1 (PSD)

Lean Six Sigma Yellow Belt (LSSYB): GreyCampus, 481211858122

CompTIA e-Biz+

CompTIA Project+

What was your first role in IT?

Programmer.

If it wasn’t in security, what pushed you to pursue security?

Seeing that our society is increasingly dependent on digital technology, evermore devices are now “smart” (and most are a privacy and security dumpster fire), software security is not taught in college and that people and businesses are increasingly impacted by devastating cyberattacks. I wanted to help defend against this onslaught.

What is the most valuable skill you learned in your role?

Active listening and communications. In particular, how to speak to business people about technology in language they can understand and act on.

What soft skills do you think make a person successful in cybersecurity?

Communication – Being able [to] understand business concepts and explain technology concepts to business people is critical to help them understand the risks and take action.

Active listening – You must be able to listen carefully and demonstrate understanding of what you’re being told.

Empathy – You need to be able to put yourself in your client’s and (in some cases) the victim’s shoes.

Critical thinking – You need to be able to think logically about threats, risks and solutions.

Attention to detail – A small mistake can have devastating consequences.

Curiosity – A natural curiosity will go a long way in a field that is rapidly and constantly changing. There are always new technologies, tools and threats.

Continuous improvement – This is a field that is constantly changing, and as society increasingly depends on technology, it will become increasingly important to secure it.

Lifelong learning –  You will need to learn new things constantly as the threat landscape changes.

Any parting thoughts or final piece of advice to someone looking into your type of role?

There is an amazing amount of opportunity to make an impact protecting society from increasingly dangerous cyberattacks. Learn as much as you can about (computer) networking and take advantage of the plethora of free and low-cost resources available to get the knowledge and skills you need to succeed in cybersecurity. Certifications can be helpful, both to build knowledge and gain credibility. Entry-level folks should check out the CompTIA Security+ and/or the (ISC)2 Certified In Cybersecurity (CC) certifications.

Free training for security persons

 |  |  |  | 
Mark Stone

More from Cloud Security
September 13, 2023

“Authorized” to break in: Adversaries use valid credentials to compromise cloud environments

4 min read - Overprivileged plaintext credentials left on display in 33% of X-Force adversary simulations Adversaries are constantly seeking to improve their productivity margins, but new data from IBM X-Force suggests they aren’t exclusively leaning on sophistication to do so. Simple yet reliable tactics that offer ease of use and often direct access to privileged environments are still heavily relied upon. Today X-Force released the 2023 Cloud Threat Landscape Report, detailing common trends and top threats observed against cloud environments over the past…

August 24, 2023

Lessons learned from the Microsoft Cloud breach

3 min read - In early July, the news broke that threat actors in China used a Microsoft security flaw to execute highly targeted and sophisticated espionage against dozens of entities. Victims included the U.S. Commerce Secretary, several U.S. State Department officials and other organizations not yet publicly named. Officials and researchers alike are concerned that Microsoft products were again used to pull off an intelligence coup, such as during the SolarWinds incident. In the wake of the breach, the Department of Homeland Security…

August 18, 2023

What you need to know about protecting your data across the hybrid cloud

6 min read - The adoption of hybrid cloud environments driving business operations has become an ever-increasing trend for organizations. The hybrid cloud combines the best of both worlds, offering the flexibility of public cloud services and the security of private on-premises infrastructure. We also see an explosion of SaaS platforms and applications, such as Salesforce or Slack, where users input data, send and download files and access data stored with cloud providers. However, with this fusion of cloud resources, the risk of data…

July 18, 2023

Cloud security in the era of artificial intelligence

3 min read - AI and machine learning (ML) have revolutionized cloud computing, enhancing efficiency, scalability and performance. They contribute to improved operations through predictive analytics, anomaly detection and automation. However, the growing ubiquity and accessibility of AI also expose cloud computing to a broader range of security risks. Broader access to AI tools has increased the threat of adversarial attacks leveraging AI. Knowledgeable adversaries can exploit ML models through evasion, poisoning or model inversion attacks to generate misleading or incorrect information. With AI…

© 2023 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature