Giannis Tziakouris had a problem growing up: He kept breaking his PC.
He loved experimenting on his family’s home computer, but things didn’t always go as planned. That’s when his dad told him he had to learn how to fix the PC and get it back up and running, or he’d revoke Giannis’ computer access.
Giannis took up the challenge and decided to lean into his information technology education. While he was still in high school, he started taking Cisco CCNA exams and eventually enrolled at the University of Birmingham in the U.K., receiving a master’s and Ph.D. in computer security.
Now, he spends every day helping others fix their computers, certainly on a larger scale than his home PC. As a senior incident responder, Giannis helps Cisco Talos Incident Response customers secure and respond to security incidents across the world.
This ranges from planning proactive services such as Cyber Range trainings and tabletop exercises, to responding to active cyber-attacks. He is currently based in the United Arab Emirates supporting customers globally after spending several years assisting customers in the Asia-Pacific region out of Singapore.
Giannis said he most enjoys delivering the Threat Hunting service to customers, during which he practices networking, disk and memory forensics to identify threats in their environment.
“It’s exciting because we can see various TTPs being leveraged in different environments, even some zero-day threats,” he said.
Prior to working in incident response, Giannis was in one of the few roles that could be considered more high-stakes than emergency IR, working with the International Criminal Police Organization (Interpol) as a lead digital crime analyst.
He helped with active investigations into criminal enterprises with Interpol member countries involving illegal firearms trades and narcotics sales, as well as crimes against vulnerable communities. He used his cybersecurity background to lead darknet and cryptocurrency-related investigations to track and profile bad actors.
With Interpol, Giannis said he learned that he enjoyed working under pressure and taking on new challenges every day, which is what eventually attracted him to incident response.
“[With Talos IR], there are no two days that are the same,” he said. “You are not working with specific tools or people. We’re playing with different technologies, and it’s extremely challenging.”
As Brad Garnett, Giannis’ team leader, stated several times, incident response requires teamwork and soft people skills along with the technical and cybersecurity knowledge necessary to be successful in the field. While Giannis acquired his technical skills through his education, he developed his soft skills first as a university teaching assistant and then at Interpol.
“Cybercrime is global — it knows no boundaries,” he said. “For some techies, communication can be a challenge in a business environment. As part of Interpol, I dealt with stakeholders from a diverse set of cultures and countries. It’s similar at Talos where we need to communicate with various global stakeholders to efficiently solve urgent issues at hand.”
Regardless of the geographic area where the customer comes from, Giannis said most organizations have similar security concerns. Most defenders are still asking many questions about ransomware, info-stealers and state-sponsored actors, he said, and more recently there’s a rising interest in how defenders and network managers can use AI tools to simplify their operations.
Outside of his day-to-day duties with IR, Giannis says he’s even working on an AI tool that can assist defenders to perform more accurate detections in security operation centers.
Giannis said it’s the people that really make or break any security operation, and he urges teamwork and trust among all the customers he works with. Talos IR exemplifies this too, he said, by building a team that works well together and leaves room for a flexible work schedule and time to unwind in a business that has historically led to employee burnout. In his free time, Giannis likes to scuba dive because “it’s extremely peaceful when you’re down there.”
“An organization is nothing more than your employees,” he said. “I have amazing colleagues whom I enjoy working with and learning from, as well. If you don’t have that, it can be very tough [in incident response].”
If your organization would like to work with Giannis or one of his fellow Talos IR team members, you can reach out to them here. Talos Incident Response offers a range of proactive services for security teams, including hands-on tabletop exercises, a state-of-the-art cyber range for training and much more.
from Cisco Talos Blog https://bit.ly/3Up721Z