Faculty Recognition and Interview with Bob Thompson – Center for Cybersecurity Innovation

Faculty Recognition – Interview with Bob Thompson

Faculty Recognition – Interview with Bob Thompson

A 20-year navy veteran, Robert “Bob” Thompson has over 35 years working in both the private and public sectors. Bob is currently the Information Systems Security Manager (ISSM) for the Montana State University Applied Research Laboratory (MSU ARL). Previous Bob worked at Naval Undersea Warfare Center Keyport as the senior systems administrator for the Pacific Northwest Range Complex. He was responsible for the at-rest and in-transit security of data from many sensors and probes located up and down the Pacific coast. Before working at Keyport, Bob was a system administrator in both the healthcare and financial sectors. In addition, Bob is a subject matter expert in Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs) and the migration of legacy non-networked systems to a share (cloud) environment. Bob’s experience in both the private and public sectors gives him unique insight into the skill sets necessary to succeed in today’s cybersecurity environment. Bob holds a master’s degree in Information Security from City University.

Morgan: Bob, congratulation on your new position. Thank you for agreeing to be interviewed for the STC Thursday Byte. Let’s start by telling us about your career path that brought you to where you are today.

Bob: I have always enjoyed working on computers. My very first computer was a Commodore Vic20. When I joined the Navy in 1984, I was a computer technician. When I left the Navy in 2004, I had my bachelor’s degree from City University in Information Systems with an emphasis on Networking and Telecommunications. As I started working in private industry, I soon realized that the networking and telecommunications arena was well populated. I quickly learned that if I want to advance to higher-paying positions, I would need to know about this new area called Cybersecurity. I started by taking the online course and training offered by the Department of Defense in Cybersecurity. When an assignment came up, that would require applying STIGS and other security guidelines, I volunteered for them. I also start participating in the various DoD communities that write and develop the STIGs to increase my understanding of the process. Finally, in 2016 I was given the opportunity to get a Master’s Degree in Cybersecurity from City University. The coursework opened my eyes to cybersecurity implementation outside the DoD. I started looking at how to combine the best practices from both industry and DoD into a cybersecurity program. I believe this experience qualified me for my present position as the ISSM at MSU ARL.

Morgan: What’s one thing you wish you had known when you began your career?

Bob: It is okay to ask questions! Early in my career, I had the misconception that I had to know it all. Cybersecurity is too broad of a field for one person to know it all. Don’t be afraid to ask others how they would solve an issue!

Morgan: How do you continue to learn in order to stay on top of things within your current role/area of expertise?

Bob: I subscribe to various podcasts, and other industry news feeds.

Morgan: What are some of the things you’re researching and/or learning right now?

Bob: I am studying for the Certified Information Security Manager (CISM) exam.

Morgan: We hear about success, but I think it is more powerful for our readers to hear you talk about your biggest failure (which I prefer to call the biggest lesson); can you tell us about your ‘biggest lesson’, and what you learned from it?

Bob: I got fired once for what I was told was “irreconcilable differences” between the manager and me during my probation period.The manager never informed me that we had differences. For some reason, the manager decided that he didn’t like me and let me go. What I learned from this is that it is OKAY to fail. I used the opportunity to apply for a job outside my area of expertise. They hired me. I learned way more about cybersecurity concepts and applications than I ever would have in the position that didn’t work out.

Morgan: What advice would you give someone wanting to pursue a career similar to yours?

Bob: Specialize but be able to diversify. By that, I mean, specialize in one or two areas of the cybersecurity arena but learn to diversify that knowledge across a wide sector of problems.

Morgan: Great advice! What are the best resources that have helped you along the way?

Bob: I have listened to the Security Now Podcast for many years. Recently I have added the podcast called Command_Line heroes from RedHat to my must listen to list.

Morgan: What is the one common myth about your profession or field that you want to debunk?

Bob: That a college degree or certification = experience. They don’t. The things learned in the textbook are just that textbook. Rarely do textbook solutions work in the real world.

Morgan: What have you read or listened to recently that inspired you?

Bob: SecurityNow episode 834, Life: Hanging by a PIN, was right after the latest T-Mobile breach. I realized how much of my life was tied to my cellphone and the PIN used to unlock it.

Morgan: Where can our students connect with you online?

Bob: Microsoft Teams or email is the best way to contact me.

Morgan: Thank you for taking the time to be interviewed. The very best in your new position with MSU’s Applied Research. I am delighted you will continue to share your expertise with CityU STC students.