CIS Benchmark Community Spotlight: Martin White

Martin-White-CIS-Benchmarks-Community-VolunteerThe Center for Internet Security (CIS) is proud to bring together so many of the world’s best IT security professionals in our community of volunteers. If you’re already involved in the CIS Benchmarks Community, thank you! If you haven’t yet become a volunteer, please do so today.

By contributing their expertise and goodwill, each volunteer helps make the cyber world a safer place. One such volunteer is Martin White, director, consultant, and instructor at aUseful.com Ltd. in the United Kingdom. He has an extensive background in Network Security.

Please share a little about yourself.

I’m from the U.K, and currently living in South Wales, not far from Cardiff.

How long have you been in the CIS Benchmarks Community?

Around 14 years.

Why did you decide to join the CIS Benchmarks Community?

I found the CIS Benchmarks useful for securing my networks and hosts. I wanted to contribute and to be part of the discussion in shaping those standards for the future.

What is your role in the CIS Benchmarks Community?

I’m an Editor/Author of the CIS Juniper Junos Benchmarks. I have also contributed to several others in a minor way over the years. I did beta testing on the original CIS-CAT tools.

How did you get into cybersecurity?

It was a natural evolution from working on help desk teams, to network operations center roles, and on to supporting data center and ISP networks. It became second nature to consider that my networks would be attacked, and there seemed to be a lack of serious consideration being given at that time to their defense. So, I gradually specialized more and more in the security side. Being a contractor has allowed me to keep my hand in the connectivity part of the picture too.

What is one thing you would tell folks about the CIS Benchmarks Community?

Don’t be afraid to get involved, to ask questions, or to highlight things you think are wrong. You do not have to be a 10-year veteran who can read RFCs backwards while balancing on your head to have a valid insight, and to make a genuine contribution to the security of the wider internet community.

What are your favorite cybersecurity blogs, podcasts, or books?

I always try to listen to DarkNet Diaries (@DarknetDiaries on Twitter) and Risky Biz (@riskybusiness). I regularly read blogs from Troy Hunt (@troyhunt), Scott Helme (@Scott_Helme), and The Antisocial Engineer (@antisocial_eng). On the Juniper side, I often read blogs and posts from Fry Guy (@fryguy_pa) and Mom can fix anything (Yasmin Lara – @YLara1).

I am currently reading Sandworm by Andy Greenberg, and loving it.

Share some information on the latest community project you’ve contributed to.

Right now, I am working on updating the CIS Juniper Junos Benchmark. The community is hoping to get version 2.1.0 published later this year, and then start to incorporate platform specific recommendations for SRX, MX, QFX, and so on. So, if you are a Junos fan or netgeek in general, please do come and review the changes!

Thank you Martin!