GIAC IT Security Certification Hero

GIAC Heroes in Action

As in every war throughout history, battles and wars are won because of the hard work and dedication of many 'unsung heroes'. We know that is true in today's cyber warfare battles. As such and with your help, we have decided to begin introducing you to a few of the GIAC Cyber Heroes. Our hope is that we can provide a forum to share some of the great things our GIAC Alumni are doing and to share some best practices within the community.

The GIAC IT Security Certification Hero recognizes GIAC certification holders that have made a substantial improvement in the security in their organization, whose certification has had an impact on their career or has resulted in a contribution to the information security community.

GIAC will announce the Hero Newsbites and on the GIAC and SANS websites. The hero will receive a free SANS On Demand course and the associated GIAC certification. A grand prize of a free SANS Conference course and its associated GIAC certification will be awarded at the end of each year. If you would like to submit someone you know for GIAC IT Security Certification Hero, you may fill out a nomination form.

GIAC IT Security Certification Hero for June 2008 - Joe Bagdon GSEC, GCIH with IBM

Professional Information:

Joe entered the IT security field in 1992 as a Customer Engineer with IBM. After several years with IBM, Joe decided to join the Air Force. It was here that he really became security conscious. Having to think about security in all aspects of his life, Joe became even more eager to expand his IT security knowledge.

In the Air Force, Joe served as an Intelligence Analyst for the 39th Information Operations Squadron (IOS) at Hulburt Field in Florida. As Joe.s military career progressed, the Air Force learned of his IT Security skills, including his .mad Linux abilities. and asked him to help set up the Undergraduate Network Warfare Training course at Hulburt. Joe served in the Air Force until May of 2008 when he retired and rejoined IBM as an IT Security Specialist in Boulder, Colorado.

How has Joe's GIAC certification reinforced and affirmed the hands-on knowledge he possesses?

Being involved in curriculum development himself, Joe is a firm believer in the value of hands-on training. Preparing for his GIAC certifications through SANS training and the GIAC Practice Tests lead Joe to the realization that using hands-on exercises really does help you learn and retain the skills and knowledge you were taught.

What challenge has Joe faced and successfully overcome due to the knowledge his GIAC certification provided?

At the 39 IOS, Joe created and presented the Network Attack Curriculum including DoD presentation and adversary hacker methods. Joe also designed Network Attack scenarios that were designed to give the students a thorough understanding of how a network is penetrated. He designed and built a Network Attack Simulator (simulated network for attack training) as well as a stand-alone Network Attack Test Appliance that was created to individually test each student.s understanding of the materials covered in the Network Attack block through hands-on scenarios.

This simulator is a laptop that has a network of 4 hosts (including a few vulnerable services) behind a Linux firewall that the student can attack from the host operating system. The student sits down in front of the system and is told what their IP Address is and the address of the network they are to attack. The simulator is built utilizing Linux as the host operating system and VMware (with some additional tweaks so the student can't directly access the internal network without going through the firewall). The simulator is a standalone network in a box. No cat-5 connection needed. Each student can demonstrate the initial penetration into the network, backdoor placement and even a pivot into an adjacent host.

"It was difficult to take a guy who is so used to thinking defensively and teaching him to think outside the box, so to speak," says Joe. "It was hard for some of them to be on the offensive side, but it was a real eye-opener when they got it."

Joe was responsible for helping train 320 airmen at the 39th IOS in Network Warfare and Information Warfare before he retired.

Which GIAC certification has contributed to Joes's success in his current position?

"I would have to say that the GCIH certification has helped me out the most in my current position. The training has helped me to rapidly identify gaps in network security, identify systems that have been compromised and assist others in handling the incident that the compromise creates. If it wasn't for the training and certification I received, I wouldn't be so successful today. It's that simple!"

How has Joe's GIAC certification benefitted his current employer?

Joe Bagdon is an outstanding Network Warrior. He was instrumental in the creation of the Air Forces first cyber warfare training course. The Undergraduate Network Warfare Training (UNWT) Course -- an intense 10 week, hands-on experience covering many different network types.

Joe was the senior mission simulator architect and a thought leader for the UNWT. His insight, talent, and contributions have had a tremendous positive impact on our future Air Force Cyber Warriors!

Joe, thanks for all your help in creating the UNWT and congratulations on this award. Well deserved!

Scott R. 'Skip' Runyan, GG-13, DAF
NW Ops Training, CISSP, GSEC
39th Information Operations Squadron

Joe is truly a GIAC IT Security Certification Hero in action!!

If you would like to submit someone you know for a GIAC Hero, you may fill out a nomination form.