In the SecureWorld Spotlight Series, we learn about the speakers and Advisory Council members that make our events a success. In Q&A format, they share about their professional journeys, unique experiences, and hopes for the future of cybersecurity—along with some personal anecdotes.
Kevin Dreyer, SSCP, CISSP, is the IT Director and CISO at Maple Reinders Group, a construction services provider based in Ontario, Canada. He serves on the Advisory Council for SecureWorld Toronto and will be presenting at our upcoming conference on April 3rd.
Get to know Kevin Dreyer
Q: Why did you decide to pursue cybersecurity as a career path?
A: When I was about 12 years old, my cousin introduced me to computer programming and I was immediately hooked when I discovered all the things you could do, build, and "manipulate" on a computer beyond playing games. By the early years in high school, I discovered how easily I could beat my brother's high score on video games by hacking the leaderboard, which gave me tons more time to learn other tricks and start connecting to people on bulletin boards over dialup before we got internet (I know, I'm old and not everyone had internet back then). In my first round of college, we had discovered that the school did in fact have a dialup link that allowed us to get on the internet (even though they said they did not), and a small group of us were very happy burning endless hours online meeting other like-minded people and poking around any network we could get into (never breaking anything, though). This curiosity quickly became an obsession, which ultimately resulted in me being removed from the program and searching for a career earlier than planned..
Q: When and why did you join your current organization (employer)?
A: I joined Maple in 1994 when the company was a much smaller version of what it was now and they were looking for someone to take on supporting the computers and processing the payroll, and I saw an opportunity to get my foot in the door at a good place to work and grow with the company. I have worn many hats through the years but always with IT and a focus on Security.
Q: How would you describe your feelings about cybersecurity in one sentence?
A: Cybersecurity is challenging and rewarding even though it can be exhausting, so it's important to celebrate the wins even if they feel short-lived.
Q: What has been your most memorable moment thus far working in cybersecurity?
A: I think my most memorable moment in cybersecurity was not at work but as a volunteer assisting the police in finding a runaway teen using a little hacking and a some forensics.
Q: If you had to choose, what's the one cybersecurity practice people can adopt that would have the greatest impact?
A: Password managers with 100% unique passwords and MFA everywhere possible until a better solution comes mainstream, but you really can't ignore patching and updating your systems.
Q: What are the biggest challenges facing the cybersecurity profession?
A: The industry asks for experienced people all the time but often does not afford experienced cyber professionals the time to mentor the next generation (many of which are super qualified but are being missed by an overloaded system).
Q: What are the biggest opportunities facing the profession?
A: There are a ton of skilled people with a passion for both technology and security that could be tapped to make a huge difference in rebalancing the game.
Q: When you tell people what you do for a living, what do you say?
A: I usually start out with a joke like, "I move an absolute ton of email, have meetings, and try to manage a tight budget while trying to keep the network safe and secure." If they ask more questions, then I lead into some of the security metrics and projects that I find are generally interesting for conversation and see where it goes.
Q: What advice do you have for someone considering cybersecurity as a career and/or someone new to the field who is looking to move up the career ladder?
A: Remember, success hinges on genuine passion and continuous engagement. Start by attending smaller events to network and learn from the community. Don't doubt your abilities; if you have a true interest in cybersecurity, that's your ticket to advancing in the field. Cybersecurity is more than a job; it's a lifestyle that keeps you on your toes, constantly learning. And don't worry about fitting in. The cybersecurity community is welcoming and supportive, encouraging everyone who brings passion and perseverance to their work.
More from Kevin on the personal side:
"During the pandemic, I started a group with my kids called Separated Not Divided to raise funds for 3D printers and materials to make ear savers and face shields and then donate the printers to some schools and kids' programs at local churches. In the end, we made several hundred face shields, about 8,000 ear savers, and donated four printers for students to learn and create with. We even expanded to get homemade face mask and some cleaning chemical donations and had people deliver the items mostly in Ontario but also some in B.C.
Growing up, I had a friend whose family were pig farmers, and I fell in love with baby pigs. So, in 2024, we took a family vacation to the Bahamas to knock swimming with the pigs off my bucket list. The trip was fantastic, and the pictures still bring me blissful joy when I see them.
I also have a serious passion for golf since it is a challenge you really can't beat. I was very happy that I didn't need to give up the game when I broke my back in a Zorb ball with my kids nine years ago, although I had to take a long break from the game and start relearning."
To connect with Kevin Dreyer and other cybersecurity leaders in Canada, attend the 2nd annual SecureWorld Toronto conference on April 3, 2024. Kevin will be presenting a session entitled Challenges and Triumphs for Cybersecurity in SMBs.
Continue to follow our Spotlight Series for more interviews of industry experts.
