Q&A: Stuart Peck

Written by

Stuart describes himself as an “internet dumpster diver and role play espionage expert,” but in less exciting terms, he “helps organizations identify risks and improve their information security maturity over time.” For a highly technical guy, he surprisingly studied ceramics at university (that’s pottery). Luckily for the cyber industry, he finally found his true calling in security

What’s the best thing about your job?

The versatility. One week, I’m trying to get people to give me sensitive information over the phone or through phishing. The next week, I could be training an entire company on how to detect social engineering attacks. The following week, I could be building out policies and strategies or helping develop a threat hunting/incident response capability. There are so many things that make this industry so interesting.

What’s your proudest achievement?

I’m very proud of The Many Hats Club, the community I built, and all the good that has come of it. Whether this was through the charity fundraisers and conferences we put on (which raised over $50,000), OSINT CTF wins, or the hundreds of people who got into the industry through connections made or mentoring from members. I decided to close this down recently, and I hope the legacy will live on through those who were part of it.

Stuart Peck
Stuart Peck

You are being asked to create an ‘all-star’ infosec project team. Who would you pick and why?

Kevin Beaumont – for defensive strategy and intelligence

Daniel Card – for anything both offensive and defensive

Benjamin Strick – for OSINT and recon

Jenny Radcliffe – for physical and social engineering

Lesley Carhart – for incident response and forensics support

Tracy Maleeff – for security operations 

Dave Kennedy – for offensive strategy, motivation and his wicked sense of humor!

If you could change one thing about the industry, what would it be?

Gatekeeping and trolling on social media. This seems to be on the increase recently. Although only a very small minority does it, it gets a lot of attention, which could put people off engaging in the community or joining altogether!  

Dream job?

A games developer or storyline designer for an RPG game

Bucket list client?

SpaceX would be a dream client, just having an insight into the internal operations that go into a mission launch would be amazing

Advice for infosec n00bies?

Start a blog

Surprise us?

I like pineapple on a pizza. Don’t hate me 

Lessons you’ve learned?

  1.  It’s hard to defend assets if you don’t know what assets you have
  2.  It’s impossible to know everything
  3. Always back your stuff up

Bio: Stuart Peck is the director of cyber security strategy at ZeroDayLab. He dabbled with recruitment, ran an information security division and then discovered his passion for the technical side of the industry. He now runs “an amazing team” of people, “doing all kinds of interesting projects.”  

What’s hot on Infosecurity Magazine?