I was a sysadmin for a couple of decades. I therefore have significant practical experience in all the things that can go horribly wrong in information security. I'm not super-big on the theoretical side, nor up on the state of the art — but I know and trust people who are!