If the U.S. military awarded a decoration for ethical hacking, Army Col. Gregory Conti would wear it proudly on his uniform.
"Yeah, I consider myself a hacker," Conti, director of the Army Cyber Institute, a cybersecurity research center based at West Point, says in an interview with Information Security Media Group. "I think it's a skill, a strength of our country. It's critical to our success. Silicon Valley is filled with hackers. That's part of our innovative engine that drives the country."
Hacking has gotten a bad name because of cybercriminal activity, but Conti says he identifies with the definition of a hacker as someone who's just interested in the "playful aspects of learning about technology ... The idea of exploring technology, pushing ways that the designers didn't intend, and doing cool and innovative things with it."
Learning is at the core of Conti's essence, whether self-taught as a hacker or formally educated at the U.S. Military Academy and Georgia Institute of Technology, where he earned a Ph.D. in computer science. "You can certainly learn on your own," he says. "... Frankly, it's been my calling in life and I realize I want to learn more."
Conti earned the Ph.D., in part, so he could teach at the college level; he's on the faculty at West Point. But pursuing graduate work provides more than earning the chance to get a tenured position at a university.
"What a Ph.D. does beyond giving you more depth in a specific area [is] give you the kind of classic skill you get from research, how to conduct research that is novel, that advances human knowledge and then how to characterize and share that in way that's useful to the scientific community." Conti says. "Along the way, I also learned how to take those results and share them with the broader hacker community and with the broader public, do interesting work that advances human knowledge and identify important problems because life is short, right?
"You don't want to spend your whole time working on problems that have been solved before, you know, rediscovering fire. ... It gives you more rigor, this framework, and it gives you credentials that open certain doors and certain contacts, like peers. It pushes you in interesting developmental ways."
As part of ISMG's series of careers' interviews with leading information security, risk management and privacy practitioners and thought-leaders, Conti discusses:
- His role as director of the Army Cyber Institute;
- Why he remains in the military rather than pursue a more lucrative career in the private sector; and
- Why individuals thinking of pursuing a career in cybersecurity should consider joining the military.
Conti, who also earned a master's degree in computer science at Johns Hopkins University, is an associate professor of computer science at West Point. A former military intelligence officer, he served in the Persian Gulf and Iraq wars as well as at the U.S. Cyber Command, where he produced a training course on cyberwarfare. Conti has written two books: Googling Security and Security Data Virtualization. In 2009, he co-authored an article proposing the creation of a cyberwarfare branch on par with the Air Force, Army and Navy.