Matthew William Foure, Security Analyst at RRZK

IT and creativity - can they go together? According to our new Security Analyst Matthew William Foure, IT is full of creativity. He explains why that's the case in "For A Cookie With ...". He also reveals why his work sometimes feels like a wild jungle to him, and that IT security needs to be firmly integrated into everyone's daily lives.

Question 1: Tell us something about your IT-Experiences so far. Where did you already work, what did you study?

“I studied maths and computer science at the University of KwaZulu-Natal in Durban, South Africa. After that I worked in London for 15 years for a software-as-a-service provider.  I worked there with quite a few teams over the time. I led some of the working groups there. At some point I had a support team under me, then I led a group of analysts. At that time, I wasn’t specifically involved in security operations, so it’s obviously a little change for me working now as a part of a security team, learning new topics, but also new people. We had a quite different setup structure, different technology, but at the end of the day it’s all similar.  It’s just more about understanding the nuances and the small differences. And so I am glad to learn now from the very experienced colleagues here.”

Question 2: What exactly are your tasks at the RRZK?

“We currently have several smaller and larger projects that we are working on as a security team. As a security analyst, my tasks mainly include: the evaluation of security events, the analysis, writing reports, processing tickets (i.e. handling current requests).”

Question 3: What do you find exciting about your work?

“IT is always about solving a problem and in IT there are many different ways to do that. And I guess, you are always in a process of learning new ways or better ways of solving problems. It’s quite fun, it appeals to the side of me that wants to be creative, because you can be quite creative with IT, even if it doesn’t seem to be an incredibly creative topic. But you can be very creative with how you do things. I might not do something the same way that Mergim, my colleague, will do, but it doesn’t always mean that one way is better or worse than the other.”

Question 4: What would you say is the biggest challenge for the security team of the RRZK?

“One of the biggest challenges is that you have so many devices coming from outside, which you don’t really have control of. If you have a company with just a small number of laptops or devices, you can manage that. But here you can’t control what all students and other university groups with their own devices are doing. So you are very much on the backfoot to gaining control over everything. What we do is at least create some structure to counteract that. Well, it's pretty wild in the IT world (laughs). It reminds me a bit of my wild childhood in South Africa. But that's actually the case everywhere where an enormous number of external devices are managed, not just at the University of Cologne.”

Frage 5: What do you think has to change so that people pay more attention to IT security?

“I think we all have to be more aware of IT-security in everything we do. It’s about increasing the overall maturity and knowledge of IT Security topics. I’ve come from a background where security in general was a bit more a topic, not only in IT, but also in general life.  So I think awareness has to become a part of your life. It must be a part of everything you do. IT security has to become almost a habit, something that comes naturally, something you don’t have to think about.”