April 30, 2007
Thank you for agreeing to the interview Dan, how did you get into the information security field?
Well, I'm a 15 year veteran of IT Operations here in New England. I work for a large consulting and engineering company based outside of Boston. After managing IT Operations for a number of years, and showing a sustained interest in security, I was promoted to an Information Security Specialist role. The challenge that I am faced with is to establish the first formal information security program for my company.
Over the past several years security has become increasingly important to our clients. Consequently, our level of commitment to security has a direct impact on our ability to achieve business goals and to sustain profitable growth. The SANS Security Leadership Essentials For Managers course provided me with the knowledge required to be effective in meeting this challenge. It was exactly what I needed to bring the big picture clearly into focus!
What about training and certification?
With regard to my training history, I have attended many classes and earned numerous certifications during my career. Current certifications that I hold include:
- GIAC Security Leadership Certification (GSLC)
- GIAC Security Essentials Certification (GSEC-GOLD)
- Certified Information Systems Security Professional (CISSP)
- Certified Software Manager (CSM)
Certifications that I have also attained include:
- Cisco Certified Network Professional (CCNP)
- Microsoft Certified Systems Engineer (MCSE)
- Certified Banyan Engineer (CBE)
- Certified Novell Engineer (CNE)
So, the fifty thousand dollar question is Dan, does certification matter?
I am firmly convinced that certification matters! As an employee, achieving certification provides me with a sense of accomplishment and an opportunity to demonstrate mastery of the material. I have learned that the anticipation of an impending exam can be a most effective motivator. I have also found that training and certification serve to broaden my awareness of industry best practices. Being exposed to new ideas and methodologies prevents me from becoming too parochial and allows me to maximize my value to the organization.
As a manager, I have always tried to emphasize the training and development of our employees. Fortunately, this is a value that my employer shares. Our organization is committed to promoting a learning culture. We have demonstrated that by making a sustained investment in our employees, we can increase their engagement and maximize their performance. When an employee takes that next step and pursues certification, it just amplifies the benefit and instills them with a sense of professional pride.
However, I believe the primary advantage of certification is that it can provide a tangible financial benefit to our organization. When we can demonstrate our expertise by identifying the various certifications that our IT team possesses, it can serve to build confidence in our capabilities and to distinguish us from the competition. This can result in a substantial contribution to the bottom line.
What do you see as the biggest challenge you will be facing with respect to information security in the next year or two?
Currently we are experiencing rapid growth, both organically and through mergers and acquisitions. The challenge of initiating a framework for information security while simultaneously integrating new acquisitions is likely to keep all of us very busy!
What do you envision yourself doing in two to five years, can you describe what you feel is the ideal job situation for you?
I am fascinated with the challenges of International IT Governance. Our business is impacted by numerous regulations, some of which have overlapping security requirements. I would like to drive the adoption of an IT Governance Framework that consolidates these requirements in order to leverage our IT investments.
Can you tell us something about the person Dan Rathbun is, tell us something about your life?
On a personal note I am a Christian, and an itinerant preacher ministering the word of God throughout New England. My wife Carol and I love and enjoy our six year old twins, Jonathan and Rachel. I also play keyboards in a rock band named Covenant. We released our first CD entitled "Loose Cannon" in 2006! It is a fun project, and it affords me an opportunity to collaborate with some very talented people.