In it Since the Beginning.
BreachQuest has built a team of security experts whose expertise has been forged on the front lines of cyber security. Percy Alexander is a member of our Recovery & Remediation team, whose career has spanned five decades and crisscrossed the continent. We spoke with Percy about his journey and how he finds balance in the demanding world of recovery & remediation.
I am Percy Alexander. I’m a senior consultant responsible for client desktop Recovery & Remediation here at BreachQuest. I’m responsible for leading a team that will go on to client sites after being hit with malware. We will scan the computers for malware, capture forensic images, and, if necessary, rebuild all their computers by reinstalling the Windows operating system and possibly any applications they may need. We create a Golden image and then lay that image down on all the computers. We also deploy MDR software to protect the client computers in the future, and we can perform computer decryption activities.
What was your first job in the industry?
My first job in the computing industry was as a Program Analyst at the Pentagon in Washington, DC. But before that, I was a field artillery digital computer operator. I calculated the azimuth and direction of Field Artillery guns, and I was also a radio repairman. Eventually, I was promoted to working at an Army depot, where I sat at a desk with a multimeter, oscilloscope, a soldering iron, and repaired radios. I was stationed in Germany. The unit I was in patrolled the border between East and West Germany at the time.
After my first three-year stint in the Army, I decided to re-enlist. You must give them four more years when you re-enlist and change your job. The first year is considered training. So, I attended a Computer Programmer Analyst training. My first assignment was at the Pentagon.
I was an E6 Staff Sergeant in the US Army. I spent three years at the Pentagon programming reports for congressional inquiries. Congressional inquiries were received if troops were going to be deployed. They would need to know the equipment and personnel strength at various army bases around the country to help make decisions on what groups and capabilities they had. That may be deployable to wherever the conflict may be. I was primarily a COBOL programmer working on huge IBM mainframes.
I know I’m dating myself. I started in the industry before the invention of the PC.
You left the Army for the private industry. What kind of things did you do?
After seven years in the Army, I decided to get out and pursue something in the private industry. I worked as a Programmer Analyst and relocated to Florida to work for Harris Corporation. I subsequently accepted a transfer to California to lead a Marketing Programming team. I eventually moved to Silicon Valley and worked for Syntex Pharmaceuticals in Palo Alto on Laboratory Automation, Signetics Semiconductor, and Amdahl Corporation in Sunnyvale. I saw the invention of Atari and was in Silicon Valley when all those exciting things were going on. I had the opportunity to go work for Apple when they were a startup. But I was married with two kids, and I was dependent on a steady income, so I didn’t go to work for them.
I programmed in COBOL and moved into fourth-generation languages such as Focus and SAS. Eventually becoming a Certified Lotus Notes/Domino developer and administrator, I found myself at MCI -Verizon, back on the east coast. Through the years was promoted into Senior Management of their Data Center operations in the Northern Virginia area.
I took early retirement from Verizon to care for my mother because she was ill at the time. After a few months, I went back to work for a CyberComputer firm and was a team lead for their Desktop Recovery and Remediation team. And then, a year ago, I transferred to BreachQuest. Even though I am getting older, I continue to enjoy what I do.
As somebody who has been there since the beginning, what is the one piece of advice you would give a client?
You know, everyone in the industry always says backups. (See Kyle Posey’s answer) I’ve found that clients may have backups of their servers, but they rarely will have backups of their employee’s endpoints, desktops, and laptop computers. In most cases, if those endpoints were found encrypted by the threat actor, then I recommend reimaging them. And we can do this by using a client’s golden image if they have one (see Percy’s Blog). Or we can quickly and efficiently provide endpoint reimaging as we maintain Windows operating system images that are fully updated and can be rapidly deployed to quickly get a client back up and running.
In many of your roles, you were on-call 24/7. Do you mind that?
I feel like I have been on call my whole life! It’s challenging. I meet many new people in my current travels in support of clients. I’ve been to a lot of places that I’d normally not see. There have been so many places that I’ve started forgetting where I’ve been. I brought a map and put sticky pins for all the places I’ve been. My hobby is fishing, and sometimes my travels afford me the ability to go fishing in new waters. When I know where we are going, I get online to discover what waters may be in the area. I have portable fishing rods. I take my fishing rods just in case I could get some fishing in our off time. That’s how I decompress. I always said fishing is the closest to God you’ll ever be while on Earth.