Alan White received a B.S. degree in computer science from URI in 1998 and his M.S. degree in computer systems management in 2005 from the University of Maryland’s University College. He currently is the Security Consulting Managing Director at Dell SecureWorks.
FMC: Alan, why did you major in computer science?
AW: Actually, I switched from being a mathematics major because of some of the first computer science courses that I had enrolled, I found were much more intriguing and I had always enjoyed computers.
FMC: How did you become interested in security, and how did you become an expert in this area?
AW: My first exposure to security was when I was rebuilding the University’s Computer Science Lab and was learning how to establish user profiles and permissions. From there my military experience exposed me to security concepts and requirements for classified and unclassified networks. When I left active duty to join the Army National Guard two areas really promoted my interest in security. The first was joining a computer emergency response team in the Guard, and the second was taking a role at the University of Rhode Island, which eventually lead to the position of Information Security Architect. Both roles were mutually beneficial and increased my expertise in the information security field.
FMC: What did you do right after receiving your B.S. degree from URI?
AW: After college, I volunteered to serve overseas; that resulted in my assignment to the US Army Special Forces in Okinawa, Japan as a Detachment Commander. I was responsible for a 24 x 7 x 365 communication and messaging center, where secure communication was a critical component of my role and responsibilities.
FMC: How did you become the Information Security Architect at URI? What did you do in that position?
AW: When I left active duty, I entered the RI Amy National Guard, where my first weekend meeting was the ribbon cutting ceremony of the102 Information Warfare Squadron. I was asked to build a relationship with this unit as the newly appointed leader of a Computer Emergency Response Team. That exposure and training was quickly put to use as I had started my role at the University of Rhode Island managing the IT infrastructure for one of the colleges. Let’s just say I was able to learn from a lot the security challenges in a University environment. From there I built a reputation among the URI IT staff as having the capabilities to respond to malware outbreaks and security needs. I actually built the first Anti-Virus and Security pages at URI, and deployed the first Firewalls and Intrusion Detection campus wide—somewhat ahead of the normal academic environment.
FMC: Why did you leave URI?
AW: I had major aspirations to take on larger and larger University IT initiatives. At the same time, private industry was and still is anxious for security expertise, and I decided to pursue larger security challenges and opportunities found in industry.
FMC: How did you get your current position, and what are your responsibilities?
AW: Another URI Graduate and good friend started working at SecureWorks about two years before I came aboard and emphasized the need for security consultants in the private sector. This resulted in an opportunity too good to pass—but it was a tough decision to leave URI, friends, and a supportive community. Initially, I joined the team to lead the incident response and forensic practice. As I grew in that role and established a mature capability, I was then asked to take on additional services and eventually the entire security and risk consulting services practice.
Today, I lead a security risk and compliance consulting practice and team for North America, covering four major areas: Information Security, Compliance, Incident Response, and Critical Infrastructure Protection. I provide trusted thought leadership and IT risk management from Silicon Valley in California to the Financial District of Manhattan, NY.
FMC: Did your college education adequately prepare you for your career?
AW: Absolutely! Computer Science provided me the foundations to understand how things could and should work. A great skill to have in information technology and information security is to be cautiously inquisitive about how things work or should work and, just as importantly, how things were not intended to work.
FMC: How hard do you work? Does your work leave you with enough time to enjoy life?
AW: The easy answer, this is not a 40-hour-a-week role. You do have to be prepared to put in longer hours, however, you learn that when you step away from the computer, email, and phone calls, you maximize that time with family and friends.
FMC: Can you give some advice to our current students?
AW: Be passionate about your field, as it makes it easier to increase your expertise! Computer security can be a very quick learning ramp, if you treat it like a skilled art that you continuously work at to enhance.