Ten tweets with David Litchfield

Database security expert David Litchfield gives us his perspective on database forensics, bad security movies and swimming with sharks in 140 characters or less

Each month I choose an industry leader, security executive or manager, or other noteworthy security name to answer ten questions on Twitter. This month, database security expert David Litchfield, currently a researcher working for Accuvant, gives us his responses to ten questions in 140 characters or less.

CSO @msjoanieg: Let's start with your origins in the industry. How did you get started in security?

David Litchfield @dlitchfield: I watched The Net with Sandra Bullock in '95 and was intrigued. I wanted to know more so switched from a zoology to CS degree.

@msjoanieg: So a Sandra Bullock movie inspired your career??

@dlitchfield: It did... Rewatching the film these days I cringe at the technical errors :)

@msjoanieg: Yes, that's definitely a movie that gets panned quite a bit by security folks! OK, what led to the interest in database sec?

@dlitchfield: My area was buffer overflows. In 2003 I wrote a paper on defeating GS and SafeSEH. After that, I needed a new challenge.

@msjoanieg: Interesting. What would you point to as one of the most major changes in security since you first started in the profession?

@dlitchfield: Hmm. Probably Microsoft's improvement in security led by Trustworthy Computing and the Security Development Lifecycle.

@msjoanieg: And what excites you these days about being a security professional?

@dlitchfield: Database forensics. It's an area receiving very little attention but it's so important after a breach.

@msjoanieg: What’s your security philosophy? And how do you apply it to your daily work?

@dlitchfield: Minimize risk as best you can but be vigilant and prepared for when your defenses are breached.

@dlitchfield: I realised in 2007 100% software security is not going to happen anytime soon so I switched from bug hunting to forensics.

@msjoanieg: A bit of internet research reveals you are also a photographer, and you like to photograph sharks. Why? Tell us more!

@dlitchfield: I love nature especially the sea and it’s my escape. It’s very humbling to confront a great white and look into its eyes.

@msjoanieg: Wow. Humbling, indeed! I also read you were once a UK track & field star. Compare that experience with working in security :)

@dlitchfield: Hmm. Both require hard work and dedication. A posterior cruciate ligament injury ended my T&F career; security is sedentary :)

@msjoanieg: Ha! Sedentary? Depends on the day, right? OK, complete this sentence: If I weren't working in security, I would ______________

@dlitchfield: If I weren't working in security, I would be working as a stunt double for Steve Backshall :)

@msjoanieg: Cool! I do see a resemblance. OK, thanks, David. We’ve gone through ten tweets. Pass the buck. Who should CSO tweeterview next?

@dlitchfield: Hmm - try @PortSwigger or @arnimarhardar
