Seeing Cybersecurity Threats Before Everyone Else Does: David McGill of ICF

January 10th, 2018 | Posted by Alexa Magdalenski in CyberCapital

Cybercapital Logo White BG

By Renee Brown Small, CEO, Cyber Human Capital, and Contributing Editor, CyberCapital.us Blog

“They are self-directed and can self-manage themselves. They are adaptable, they have the ability to learn and to change because it is a dynamic environment. They are passionate about security – one indication is a home lab.” – David McGill, Vice President, Strategy & Business Development, ICF, on the kind of people who will succeed in cybersecurity

McGill_David v2A recent article noted that, in the first quarter of 2017 alone, an average of 858 malware specimens were created, and David McGill is one of those on the front lines of dealing with such cybersecurity threats. He has a particularly advanced view of these, as his work with the Department of Defense enables him to see threats days or weeks before these become known in the commercial world.

David got involved in cybersecurity full-time in 2011, and at present, he is focusing on cybersecurity vulnerability in operational technology and industrial control systems, and he is also involved with a team that works on other aspects of cybersecurity. One of the things the team is presently working on is creating a synthetic network where malicious code can be inserted, to better train cyber operators to recognize these and thus become more effective. His team is also looking into virtual reality as well as working with the Army Research Laboratory, and still others are working with corporations to help with these companies’ cyber hygiene, which is all about the processes, procedures, policies, guidance, governance and risk management.

David also remarks that one of the newest groups of ICF now works with clients on enterprise resilience, which means identifying the threats to the enterprise’s mission, after which plans are created to address and respond to such threats. He shared that a client company uses gaming technology to investigate complex decision making or create very interesting exercises where the end result is open-ended, rather than predetermined. David also adds that, no matter how much one prepares, the possibility always exists that an organization will be hit with a threat in a way that wasn’t foreseen, which is why the use of gaming technology is appealing.

Granted, technical know-how and, if necessary, clearances are needed to become a cybersecurity professional, but it’s not just these which are needed. David shares that, where a cybersecurity professional is concerned, people who are flexible, self-aware, self-directed, who love to learn and who can manage themselves are what are needed, as the environment is very dynamic. He cites the example of having to deal with an emergency one day and then becoming a help desk analyst the next, and noted that emotional intelligence is also a necessity, since the professional will need to deal with different kinds of people. He also notes that passion is very important, given the environment, and that one indication of this is if an applicant runs a lab from his own home.

David is always on the lookout for good people. He asks for referrals from his team members and from within the company itself for potential cybersecurity experts he could hire.


Renee Brown Small is the author of Magnetic Hiring: Your Company’s Secret Weapon to Attracting Top Cyber Security Talent and CEO of Cyber Human Capital, an HR consultancy that specializes in innovative ways companies hire and keep cybersecurity talent. Download a free copy of her book here. Brown Small is contributing editor of the CyberCapital.us blog.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

You can follow any responses to this entry through the RSS 2.0 Both comments and pings are currently closed.