From Military Operator to Head of Cyber Threat Intelligence: Gary's story

Gary Ruddell is now the Regional Head of Cyber Threat Intelligence at a global financial organization, but he didn’t always work in cybersecurity.

Starting off as a communications specialist in the UK’s Royal Navy who then progressed to military intelligence, Gary left the military in 2013 and has since worked as a Security Operations Center consultant, Senior Risk Analyst, and Threat Intelligence specialist. 

Fun facts about Gary Favorite movies: The Prestige, Blade Runner, and Interstellar. Favorite games: Metal Gear Solid, Splinter Cell, and Uncharted. Favorite tech: My Ubiquiti networking gear, the Apple ecosystem, Playstation VR, and Leica Q2 camera. Hobbies: Photography and writing.

What drove your interest in cybersecurity while working in the military?

I’ve always been interested in hacking as a kid. I remember watching the movie Hackers with Jonny Lee Miller and Angelina Jolie. Great film! Those scenes have stuck with me since childhood. (When I started actually working in cybersecurity, I quickly realized that real-world hacking will often take days, not the few minutes or hours depicted in movies!). 

As I prepared to leave my military intelligence role in 2013, I heard that some units were working on cybersecurity at a very basic level (i.e., tinkering with Kali Linux on a few computers nothing compared to the military cybersecurity operations we have today), that revived my interest in the topic; it was something interesting and technical that offered plenty of new skills to learn. 

 

Tell us about your background as a Military Intelligence Operator. Did it help your cybersecurity career?

The life of an intelligence operator is all about collecting information and turning it into intelligence so that decision-makers can make critical choices. Where in the world you do it, and with what tools, is what makes it interesting. 

I spent time carrying out operations in the Middle East, on the front lines embedded with some of the UK’s sharpest military units. We used classified systems and techniques to gather information on high-value targets so that they could be detained. I can’t really share specific examples as I’m bound by the Official Secrets Act and would need government clearance to do so. However, I can say that when all the intel comes together, it’s an incredibly rewarding experience. (The movie Zero Dark Thirty does a great job of depicting this!)

Having a military background helps because it cultivates qualities and attitudes that you need to succeed in cybersecurity: 

• Discipline

• Camaraderie 

• Continuous learning 

Everyone, regardless of whether they’re in cyber or not, would benefit greatly from internalizing and executing those three things. 

Discipline, for example, was critical during my early years of studying cybersecurity. I’d spend most evenings learning and practicing until 2 AM after a full day’s work. I’d take some nights off, but that intense focus and work helped me get up to speed and overcome my lack of IT/cybersecurity experience. 

Is working in military cybersecurity different from corporate cybersecurity?

In the military, security is the mission. And everyone around you is very focused on achieving it. In the corporate world, the mission is usually profit or value; so security plays more of a supportive or additional role as opposed to being the ultimate objective.

What was your biggest frustration when starting to learn cybersecurity? 

Getting started! Finding resources on learning how to hack was actually a struggle back then. It was incredibly frustrating because I didn’t know anyone who was a hacker and I didn’t know where to look, as the pool of online learning and practical resources was so much smaller in 2013. Eventually, I stumbled across some basic YouTube tutorials on Kali Linux and things like Hack This Site, which provided much-needed direction and instruction. 

My wife was also incredibly encouraging while I concentrated on learning. She helped me persist even though she had no idea that my late-night sessions burning the candle at both ends would turn into the rewarding career it’s become. I’m extremely grateful for her support.

You passed OSCP on the first attempt. Do you have any advice for others who plan to sit the exam?

I have a guide on passing OSCP for the first time and Hack The Box (HTB) is instrumental to the process. I cracked TJ Null’s OSCP playlist and dozens of other boxes. Then, to test myself, I tried to pop 5 machines in 24 hours on Hack The Box (because that replicates what you have to do during the OSCP exam). 

Before sitting the exam, I spent almost an entire year popping shells on Hack The Box and built up a skillset and methodology based on IppSec’s videos. He does an excellent job of showing his approach to enumeration and isn't afraid to leave in the bits that go wrong in his videos. You get to observe his thinking process as he's trying to fix or research something - which is great for learning. 

It was a memorable experience as I found Hack The Box’s lab environment more fun and friendlier than other lab platforms. The community was (and still is) eager to help, and the forums are still an effective resource for picking up extra tips and tricks.

You don’t have a degree, but you’ve still developed a career in cybersecurity threat intelligence, talk us through that.

A degree is proof of learning; not proof of experience. I joined the military straight out of school and brought my military intelligence experience to my cyber roles. If I were going to school these days, I’d definitely do a cyber degree, but 18 years ago, no one was teaching ethical hacking in universities. Times have changed, thankfully!

What does a day in the life of a Cyber Threat Intelligence specialist look like?

• Checking incoming intelligence feeds for partner organizations and comparing that to our internal data. 

• Keeping up with open and closed-source reporting (a fancy way of saying “reading the news and private emails”). 

• Meetings with security vendors to discuss new threats they see and new features in their tools. 

• Authoring reports that inform businesses about emerging threats. 

Advice for people interested in learning cybersecurity?

Start today, not tomorrow. If you’re starting from zero like I was, I’d suggest giving yourself roughly 18 months to learn all the material you need to know.

I built up my foundational knowledge through CompTIA’s Security+, but the HTB Academy is awesome too. Don’t skip the non-hacking material. This means making sure that you understand: the importance of hardware, how networks work, and how the Internet works all before you even approach offensive security. 

I’d honestly recommend Hack The Box both for beginners and advanced users. I’m not being paid or compensated to say that, it’s just the fact that the practical tools and theoretical training help you get good quickly and develop a job-ready skillset. 

If you’re looking to transition into cybersecurity from a military career, plan your exit early as possible - leaving the (UK) military can take a full year due to notice periods. Toning down or dropping the military persona will also help. This means learning to talk like a civilian and avoiding military language in your CV/resume. 

It’s hard at first, but it’ll make the transition to civilian life much simpler. For those that struggle with the shift, my advice is to make friends with civilian people and get the hang of that culture as you're leaving the military.

Finally, as you set goals for the career you want to pursue, know that cybersecurity doesn’t just mean hacking or penetration testing. There are many other rewarding cybersecurity roles and specialties like: 

• Vulnerability management

• Attack surface reduction

• Governance risk and control

• Security operations 

• Incident response

• Forensic analysis

• Auditing 

Author bio: Hassan Ud-deen (hassassin), Content Marketing Manager, Hack The Box Hassan Ud-deen is the Content Marketing Manager at Hack The Box. Combining thought leadership and SEO to fuel demand generation is his jam. Hassan's also fascinated by cybersecurity, enjoys interviewing tech professionals, and when the mood strikes him occasionally tinkers within a Linux terminal in a dark room with his (HTB) hoodie on. #noob. Feel free to connect with him on LinkedIn.