Felix Schallock

Felix Schallock is the co-course author of ICS456: Essentials for NERC Critical Infrastructure Protection and the Owner and Managing Director of TIBITS Consulting GmbH. He brings over 30 years of experience and a diverse IT and OT background to SANS. He built and was part of operations, forensic, incident handling, offensive and audit teams. Continuous learning and research is a foundation of his life and his curious mind. Felix holds a multitude of professional certifications, including GICSP, GRID, GCUX, GCIH, GPEN, GREM, GXPN, GNFA, GMON, GCFA, GSEC, GCPN, GOSI, GCIA, GAWN, GSTRT, CISA, CISM, and CISSP. He has a BSc (hons) in Science in Computer Studies and a Master of Business Administration. Felix has been a key contributor to early versions of the Open Source Security Testing Methodology Manual (OSSTMM), an ISO Subject Matter Reviewer for ISO Standards for the Information Systems Audit and Control Association (ISACA) – ISO 27017, 27001, 27002, ISO/IEC JTC 1/WG 6 N299, SC7 on 38502 Governance of IT, SC7 on 30120 IT Audit, ISO/IEC 29134 Privacy impact assessment – Methodology and has published CVEs as a result of his security research work.

More About Felix
Headshot of Felix Schallock

Profile

Felix Schallock is the co-course author of ICS456 and the Owner and Managing Director of TIBITS Consulting GmbH. With over 30 years of experience and a robust portfolio of professional certifications such as GICSP, GRID, GCUX, GCIH, GPEN, GREM, GXPN, GNFA, GMON, GCFA, GSEC, GCPN, GOSI, GCIA, GAWN, GSTRT, CISA, CISM, and CISSP, Felix brings extensive knowledge and experience to his role. He holds a BSc (hons) in Science in Computer Studies from the University of Derby (UK) and a Master of Business Administration from the Open University (UK).

Continuous learning and research is a foundation of his life and his curious mind. “A day you didn’t learn something is a day wasted”. Felix has made notable contributions to the field of cybersecurity, including being a key contributor to the early versions of the Open Source Security Testing Methodology Manual (OSSTMM), a former ISO Subject Matter Reviewer for ISO Standards for the Information Systems Audit and Control Association (ISACA) – ISO 27017, 27001, 27002, ISO/IEC JTC 1/WG 6 N299, SC7 on 38502 Governance of IT, SC7 on 30120 IT Audit, ISO/IEC 29134 Privacy impact assessment – Methodology and publishing CVEs as a result of his security research work. He started sharing technology related knowledge with others back in the days when the Internet started its wider momentum in the early 1990s. He built and was part of operations, forensic, incident handling and offensive teams. His teaching philosophy is rooted in the belief that "learning is a lifelong effort, and we can and should learn from each other’s experiences as often as we can." Felix emphasizes the importance of protecting the technologies our communities depend on daily and encourages a collaborative learning environment where students can share their experiences to enrich their learning.

Felix's journey into cybersecurity was driven by his curiosity and the realization of the impact of technology on daily life. This curiosity led him to explore how technology could be misused and how to mitigate such risks. "One thought that always came naturally to me was ‘How could someone misuse the technology inadvertently or on purpose and what can be done to reduce the risk of misuse?’ This continues to lead me to deepen my understanding of technologies that have significant influence on our lives."

His decision to work with SANS instructor stemmed from his positive experiences with SANS courses and the supportive community that encouraged knowledge sharing. Felix’s first encounter with SANS was in 2001, and since then, he has continued to engage with the SANS community, finding it a natural choice for his teaching endeavors. "I always enjoyed exchanging experience and knowledge with others. I learned early on that only as a community willing to share experiences with each other can we improve and protect our communities with a faster pace than as single individuals."

Felix enjoys sharing his knowledge and experiences to help students protect critical services. His teaching style involves explaining complex concepts through multiple viewpoints and real-world scenarios, ensuring that different types of learners can grasp the material. "Supporting students in improving their knowledge and hands-on skills over the course of the class and seeing them advance personally and professionally is a driver for me teaching."

Outside the classroom, Felix runs his own company, TIBITS Consulting GmbH, where he works with various sectors, including utilities, manufacturing, healthcare, finance, insurance and information technology, to enhance their cybersecurity defenses. This ongoing exposure to real-world challenges keeps his skills sharp and relevant, which he brings into his teaching.

In his free time, Felix enjoys playing table tennis, reading non-work-related books, hiking, and enjoying nature.

Current and former Credentials / CertificationsGIAC Response and Industrial Defense (GRID)

  • GIAC Global Industrial Cyber Security Professional (GICSP)
  • GIAC Strategic Planning, Policy, and Leadership (GSTRT)
  • GIAC Open-Source Intelligence (GOSI)
  • GIAC Cloud Penetration Tester (GCPN)
  • GIAC Certified Intrusion Analyst (GCIA)
  • GIAC Security Essentials Certification (GSEC)
  • GIAC Certified Forensic Analyst (GCFA)
  • GIAC Continuous Monitoring Certification (GMON)
  • GIAC Network Forensic Analyst (GNFA)
  • GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)
  • GIAC Reverse Engineering Malware (GREM)
  • GIAC Penetration Tester (GPEN)
  • GIAC Certified Incident Handler (GCIH)
  • GIAC Assessing and Auditing Wireless Networks (GAWN)
  • GIAC Certified UNIX Security Administrator (GCUX)
  • Encase Certified Examiner (EnCE)
  • Certified Information Systems Auditor (CISA)
  • Certified Information Security Manager (CISM)
  • Certified Information Systems Security Professional (CISSP)
  • ISO 27001 ISMS Auditor/Lead Auditor
  • COBIT Practitioner Certification
  • ITILv3 Foundation Examination
  • phion Security Expert (PHSX)