Tetra Defense values a well-rounded approach when it comes to cybersecurity. Preparing for cyberattacks, strengthening defenses, and responding to incidents are all important separately, but they are far more effective when combined. To that effect, we learn from Richard McQuown, Director of Digital Forensics and Incident Response, as he describes how his military experience led him to Tetra.
“Don’t be afraid to be a small fish in a big pond. There’s a lot to learn and your teammates can make you better.”
What first piqued your interest in cybersecurity?
Computers weren’t widely available in schools when I was a student, but my high school actually had a few and we were encouraged to learn programming. One teacher in particular encouraged us to work on them after school. This definitely piqued my interest, but it was only the tip of the iceberg. At 18 years old after high school, I joined the military and maintained a sense of motivation and purpose in my work, which I still carry today. While in the Army, I went through specific training for repairing cryptography machines. Those machines were very similar to those first computers I worked on in high school, but the motivation in the military was what made my training really stick.
How did your career begin?
As an enlisted member, I learned how to fix post-Vietnam encryption machines. After finishing my Active Duty tour, I enlisted in the Wisconsin Army National Guard where I worked while attending college. I also graduated Officer Candidate School and became a commissioned officer and began to serve as a Military Intelligence Officer. I retired after 21 years of military service.
These experiences led me to the Milwaukee Police Department where I specialized in Digital Forensics. I spent many years investigating Internet Crimes Against Children (ICAC) cases as part of a task force. While this work was rightfully draining and unsettling, I valued my work on this team when it came to helping victims directly and being able to provide justice and a sense of psychological comfort to them. I have a strong forensics background, and I’ve used it to teach for many years — I’ve been a certified EnCase instructor for 16 years teaching and also created prepared many different curriculums, including advanced memory. I’m also the current President of the Wisconsin Association of Computer Crimes Investigators (WACCI), a professional group of law enforcement, public sector, and private sector professionals who have joined together to exchange information regarding computer crimes. At Tetra, I can actively use these experiences to again directly help victims whose livelihoods are at stake, teach what I know about technical techniques in digital forensics, and offer solutions alongside my team members. I find it so rewarding.
What brought you to Tetra Defense?
I had actually met Tetra’s President, Cindy Murphy, on an encryption case about 15 years ago. We were working in different police departments at the time, but we were able to collaborate quite a bit. When it came time for me to retire from the police department, I knew that working with her again would be a great opportunity. Joining Tetra for me was an amazing learning curve — I had my specialty in the police department, but now I’m able to work on a wide variety of cases that require me to learn new techniques from my teammates every day. It’s a challenge I appreciate!
How does your team interact in relation to others?
I see our work go hand-in-hand with our Cyber Risk Management side of the house; there’s a lot of overlap there. Something that’s always intrigued me about that division of our organization is penetration testing, which I know our colleagues have extensive experience in. It’s always been something that’s been helpful to learn about on the side, even in my incident response position. Our internal teams are really intertwined, both cyber risk and even our IT team. Their skills are very applicable to what we do and learning that side of the house allows us to do our jobs better, too.
Any advice for aspiring cybersecurity professionals?
This field is vast – it’s helpful to approach it the way that Medical Students often approach their studies. We are by no means doctors, but finding a specialization within cybersecurity is imperative, and sometimes it can be a constant effort to stay on top of your topic. Specifically, for civilian jobs outside of the military, certifications are a great way to separate yourself from the pack and force yourself to stay up to date on your specialization. If possible, I suggest investing in reputable certifications related to your specialty — it will be worthwhile since they are now considered a “gold standard.” They are widely recognized and allow you to get the experience and exposure you need.
A non-work-related question: How do you like to spend your free time?
What I do in my free time depends on a few factors: How interested I am in a new subject to learn, how much time I need to dedicate to a case, or how much energy I have for research. I usually dedicate a few months at a time to research new topics, which helps me avoid burnout. Oftentimes it includes trying to reverse-engineer the techniques that threat actors are using in order to better understand it, resolve it, and preserve evidence of it for justice. This is usually required since many artifacts are not immediately visible; I describe it as if you’re standing above an ocean, hoping to see the movements of a submarine. Away from my screen and research, I still enjoy pole vaulting every chance I get.