Tomáš Plesník as the New Head of CSIRT-MU: I Appreciate What We Managed to Build

26 Apr 2021

No description

The CSIRT-MU cybersecurity team has a strong reputation not only at the university but also in the Czech Republic and Europe. Since January 2021, there is a new leader in its head, although he is certainly no newcomer to the institute. We asked Tomáš Plesník how he gets along with the new role of the head of one of the most visible teams at ICS.

Tom, how long have you been working at the institute and what were your beginnings of the journey leading to the career peak of CSIRT?

It's been a while. At the beginning of my studies at the Faculty of Informatics in 2006, I discovered in IS an offer from my colleague Honza Vykopal, who was then looking for testers for the Liberouter project under the auspices of the CESNET association.

The then director of ICS Václav Račanský had the intuition that security is an area that is not yet much addressed in IT. Due to this, it was established the Department of Data Network Security in 2008. I was among the first three people in the team under Honza, who was assigned to lead the newly formed department. As the first project, we worked on the CYBER project for the Czech Army, and then it has continued like this until nowadays.

Have you always been sure that cybersecurity is the right choice?

You could say that. I started as part of a project dealing with testing the IDS system, a standard tool in the field of cybersecurity. Then I moved on to testing a new tool for monitoring network traffic - today it's Flowmon Networks, so again, a cybersecurity topic. So yes, it was a clear choice from the beginning.


„I had one of the longest tenders ever, it took almost two years (laughs).“


What was your path to the highest career level of CSIRT?

We have been growing as a team since 2008 until we have reached the number of team members for a division level. Three groups were formed, and I started to lead one of them over time. And since we operate in the CSIRT so that the main manager cooperates a lot with the head of the operational safety group, which I led, we were naturally in the most contact with the main boss Pavel Čeleda.

This is how I gradually grew to the current position of leader because Pavel basically raised me like this and at some point informed me that he intends to move elsewhere together with Honza Vykopal and I will have to take over the CSIRT-MU reins. So it can be said that I had one of the longest tenders, it took almost two years.

Higher fluctuations are common in the CSIRT team when people are so-called raised and sent on to the world. Have you ever been tempted by work outside the university environment?

Fluctuation for us is an entirely natural part of working life. As we operate - in the usual way in the world - in a project way, we have also set up a clear model of cooperation with our members, which is linked to their study journey at MUNI. We will primarily write bachelor and diploma thesis with them on topics in which they work. After graduation (ideally after five years of working with us), they are ready to join prestigious companies as finished masters with solid professional knowledge and a CSIRT in their CV. They can also decide to go academically for a doctorate and further cooperate with us. Or, of course, they can stay and work with us in the positions of IT specialists.

No description

Of course, different companies tried and still try me to attract, just like any other - at least a little clever person. What made me resist? Because I still enjoy what I do. For example, I appreciate that I can complete my studies at work, I am also filled with a team atmosphere and corporate culture, which is perfect in CSIRT and would indeed be confirmed by everyone who has experienced it. And last but not least, it is also a broader team, such as the ICS project support, with which you want to cooperate.

Moreover, we sometimes exaggerate the private sphere - as we know, nothing interesting is ever completely one-sided. Working for a CSIRT has benefits for me that I wouldn't just get anywhere else.

You took the reins after Pavel Čeled. Will you follow him up, or will significant changes happen in the CSIRT under your leadership?

Pavel managed the CSIRT very well and did it his way. I hope that I will manage the team well too, but also in my way. So, for example, very soon after I started, I restructured the department because it didn't suit me as it was, I chose my representative, which was not officially before, and other little things. But I don't expect any significant changes - we will still function primarily as a security team for Masaryk University, and at the same time, we will continue to implement and look for research-oriented projects.


„Working for a CSIRT has benefits for me that I wouldn't just get anywhere else.“


What awaits you as a team in the near future? What challenges has the CSIRT set for this year?

From the university's point of view, this year is significant in that we have to grasp and address the legal obligations based on the Cyber Security Act. Still, of course, there is also another quality provision of a secure cyber environment of Masaryk University.

Among the big challenges, we are waiting for the announcement of HORIZONT Europe projects that we will try to obtain and the security challenges of the Ministry of the Interior of the Czech Republic, obtaining TA ČR projects. We have also launched a CRP18 + project with the Ministry of Education to increase cybersecurity in a Czech university environment.

And one direct question – are you a though boss?

Yes and no. I can be tough and uncomfortable if something is wrong. On the other hand, I am very benevolent. It is possible to agree on everything with me because I want to ensure that both parties are always satisfied. I often say that I am not a computer scientist because I have a strong emotional side, thanks to which I always try to meet people and communicate with them. But if something is wrong, I am uncompromising. So I have both. Both understanding and toughness.

What do you do for fun when you're not working?

Honestly, I like my job as a hobby, but of course I can't forget our small-town life in Kojetín, which typically consists of things like working on the house and its surroundings, walking the dog for walks in nature or cycling and then ... a bit of peace, well :) And I also like to go for a beer with my friends, of course, together we do various events such as smoking meat or sausages, butchers and the like - just as it is typically in villages.


More articles

All articles

You are running an old browser version. We recommend updating your browser to its latest version.