Mark still finds information security as fun as the first day he discovered it, and feels that learning about information security should be fun too. “I really want the students to enjoy their classroom experience and look forward to learning skills that will make them more effective information security professionals,” he says. And Mark stays busy in the SANS classroom teaching SEC573: Automating Information Security with Python; SEC560: Network Penetration Testing and Ethical Hacking; SEC504: Hacker Tools, Techniques, Exploits, and Incident Handling; and The Essentials of Automating Information Security with Python.
As an instructor, Mark’s enjoyment of information security is infectious and his favorite moments are when students solve complex problems they thought were beyond their capability at the beginning of the week. “When students learn how to code and how to apply it to their day jobs it changes their lives forever,” he says.
“It is my goal to meet the student where his or her current skill level is and move them forward,” says Mark, noting that his most successful students are those who are honest about where their skills are and willing to put in the work to improve. “I'll promise to give them the resources and assistance they need in a way that is both entertaining and judgement-free.”
Mark recalls a recent interaction with an SEC573 student that demonstrates the growth potential SANS courses provide. “A student came up to me in class and shared that he had taken 4 years of college courses and 4 months of military training, and he hated programming and really wasn't looking forward to sitting in SEC573 for a week with me,” recalls Mark. “But after only four days I had changed his mind about programming. It was fun! He was enjoying the challenges instead of dreading them and said he’d learned more about how to actually use his skills in real world scenarios in 4 days than in all those years of prior training.”
Mark sees information security as the evolution of information technology challenges, moving from making computers do what they’re supposed to do to getting computers to do what they aren’t supposed to do. Something that requires constant learning. “Hacker techniques are constantly changing and in a few cases evolving. When I stop learning, I stop being effective,” says Mark.
One of Mark’s most challenging and fulfilling roles was working as the chief information security officer for a midsized media company. “I've always been committed to maintaining a high level of technical proficiency and expertise. Being able to use that in an executive position while leading a talented team, educating my peers on the board, setting strategy, and working to secure the organization was extremely challenging but very fulfilling.”
Mark has a master's degree in information security engineering and is the 15th person in the world to receive the prestigious GIAC Security Expert certification (GSE). He also holds GPYC, GXPN, GPEN, GCIA, GCIH, GSEC, GWAPT, and GCPM certifications.
An active participant in the information security community, Mark is the founding president of The Greater Augusta Information Systems Security Association (ISSA) chapter which has been extremely successful in bringing networking and educational opportunities to Augusta information technology workers. He’s also co-founder of the BSidesAugusta Information Security Conference, and has written a number of articles on information security topics.