Who is SophosLabs: Joanne Garvey, Threat Researcher

Who is SophosLabs

SophosLabs is at the center of Sophos. It’s the place where highly skilled experts in the field work round the clock to build protection from the latest threats.

But who works there?

In the second of this series, we’re talking to Joanne Garvey, Threat Researcher II from SophosLabs UK.

I grew up in a small village in Oxford, dreaming over the spires.

In school, I was all about the sport. I was a half decent sprinter and loved team games. Hockey was probably my favourite; it suited my low centre of gravity and abilities with a stick.

At university, I started modules in networking security, and began looking into digital forensics. It fascinated me, and I was hooked.

After uni, I looked very hard for a particular kind of work environment. I took my one and only interview with SophosLabs and have been here since.

My research specialty is Java and exploit malware such as HTML, JavaScript and PDF. I’m also very involved with spam. At the moment I focus on developing a variety of detection methods, but I hope to spend some more time watching the full execution of Java exploits and malware.

I am learning constantly. I was recently surprised to learn of the prevalence of DDoS ransom activities. It happens often, and so many companies pay up!

Outside of work, I’m interested in quantum physics, astronomy, and chaos theory – really, I think they are fascinating! I can’t imagine living without chaos theory or extra thick double cream – they’re both vital to my heart.

I don’t perpetually sit on my brains, however. I do spend the occasional lunchtime playing squash or badminton.

I have an eclectic taste in music. I particularly like Glenn Miller and Meat Loaf. And I love to read, but I have to be able to read a book in one sitting; sleep takes second place when I start reading an interesting book.

In the near future, I think the mobile and tablet market will need some careful monitoring, along with other household devices capable of outside-world connection. I believe these will become bigger targets as a way of harvesting, and ultimately stealing, personal information along with ransomware.

I believe security will need to move in the direction of offering sentinel services, which monitor systems holistically.

For security, I use separate browsers, one with no plugins (e.g., Java, Adobe) enabled and one where they are allowed. I will only use this second browser when I know and trust the URI I’m visiting and am expecting something to open or run.

I use different email addresses for different levels of security, and I try not to use the free email services for any accounts that may hold personal/banking/card information.

I consider all information on social networking sites or in email to be public knowledge, so I don’t say much. :)

If I have a well-patched product, I don’t upgrade immediately; I give a little time for the kinks to be worked out and patches applied.

Here’s my advice to users on protecting their security:

  1. Do not click on links in emails.
  2. Do not use daft passwords.
  3. Use separate email addresses for different things.
  4. Do not give every detail of your life on social networking. And please do use the security settings to restrict your details to people you actually know.
  5. Most importantly, a life rule which applies in the digital form too – if it seems too good to be true, it probably is!

I wish the IT and security industry would keep reiterating the basics with people. Social engineering is still the primary method for infection, and so often if only the simple rules were followed it would reduce risk in a big way. We mustn’t think we’ve ever said it enough.

I also think the industry in general needs to continue developing its understanding of security risks and take real steps to make its systems safe.

If you’re trying to get into the security field, you might want to find a mentor. Most importantly, though, stick with it. Keep learning and developing your skills until you can find that way in.

Want to know more about SophosLabs?

Read the first of this series on Numaan Huq, Threat Researcher from Canada, check out our YouTube playlist, or see more on the Sophos website.