From the Field to the Firewall: John Blanzy’s Cybersecurity Journey

In line with Echelon’s value of People with Personality, we are excited to continue our Cybersecurity Champion series, where we spotlight the incredible individuals who make up our team. Each month, we share the stories of professionals whose talent, dedication, and unique perspectives help keep organizations secure. 

Meet John, a Cybersecurity Associate at Echelon Cyber + Risk, whose journey blends athletic discipline, curiosity, hands-on experience, and a genuine commitment to educating others. From his first encounter with an ethical hacker to inspiring local students through STEAM initiatives, John’s path reflects the power of preparation, resilience, and community. 

1. What initially drew you to cybersecurity, and how did that lead you to Echelon? 

   Originally, I was on a campus tour at Northwood University, where I ended up going to school. It was a decision day type of thing, and I joined a seminar with an ethical hacker named Louis De Weaver, who ended up being my professor for two years. His talk immediately sparked my interest. I didn’t know anything about cyber before then. 
   
   I ended up loving it and graduated in three years with a cybersecurity management degree. I had worked a few internships, one in-house as a security analyst, then consulting as a threat intelligence intern. That sparked my interest back into consulting, and I came across Echelon's Risk Advisory practice. It was a new avenue for me, I really liked it, and I jumped ship over to Echelon.
    

2. Are there any cybersecurity trends or emerging technologies that you are particularly excited (or concerned) about, and why?

   AI has dominated the conversation around cybersecurity recently. As saturated as that conversation has become, I’m still super interested in agentic AI. It takes action on behalf of users, which is great because it offloads work. But that comes with a lot of risk if not governed properly.  

   With that technology, the way to properly manage it is to treat AI agents like human users, assign them unique identifiers, access rights, and workflows. As companies rush to implement AI, they have to be wary of the governance piece. 
    

3. You supported the Detroit Pistons STEAM event for kids. What did you enjoy most about inspiring young students to explore technology?

   It was a really cool event. A lot of students came excited about the Pistons being a sports team, so I don’t think they expected a cybersecurity firm to be there. But they were super interested. You could see on their faces when curiosity sparked and then came the onslaught of follow-up questions. They’d play the game I brought, but then they really wanted to learn about what cybersecurity actually is. That was the best part.
    

4. Is there something you learned from playing football that still helps you in your life or career today?

   Football is a complete microcosm of life. The structure of your sport, once it’s over, you keep almost all the same structure in your day-to-day life.  In football, we spend hours scouting opponents’ film. 
   
   One of the sayings in our linebackers room was: ‘What you inspect, you can expect.’ That translates perfectly to incident response. If you’re not actively monitoring and validating, you can’t anticipate or manage risk.
    

5. What's one piece of advice you'd give to someone aspiring to get into cybersecurity today?

   Grab all the free resources possible, especially with AI now. Go on ChatGPT or Copilot and look up free certifications, courses, tool demos. Even writing SIEM rules can be practiced with free demos online. Join a community. Get hands-on experience where you can. Take advantage of free resources.
    

6. What do you think is the key to building a strong security culture inside an organization?

   In-person, interactive exercises are huge. Getting stakeholders directly involved makes a big difference. When people participate hands-on, not just listen, they start to understand the importance of security in a more practical way.  
   
   Assigning ownership is also a major factor. Once groups have ownership, they embody the culture. They take greater care and have more buy-in. It turns security from a requirement into something they feel responsible for.
    

7.  When you face a complex security challenge, what’s your approach to breaking it down and finding a solution?

   We try to solve issues wherever possible, but in cybersecurity not everything can be solved. There’s always a battle between availability and security. Sometimes job functions trump strict security. The key is visibility, document risks, track them, review them. Know where you have to accept risk and where you can implement workarounds.
    

8. Are there any specific resources, books, blogs, websites, or communities that have been particularly helpful or inspiring in your cybersecurity journey?

   One of my favorite resources is The Adversary Universe Podcast by CrowdStrike. It’s extremely digestible, usually 15 to 30 minutes, so I’ll turn it on while walking on the treadmill or starting my morning. The topics are always relevant, and CrowdStrike keeps everything very up to date, with great experts on the show. 

   Beyond that, I always tell people to take full advantage of free tools. With AI now, you can go to ChatGPT or Copilot and find free certifications, courses, and tool demos. Even writing SIEM rules can be practiced with free demos online. I learned a lot by joining communities, getting hands-on experience wherever possible, and using all the free resources available. 
    

9. What is something you have come to appreciate about being part of Echelon?

   I’ve really come to appreciate how diverse the backgrounds are across the company. It feels like everyone at Echelon has touched on a different area of cybersecurity in their career. That makes a huge difference. Whenever there’s a complex challenge, we can cross-pollinate between teams and immediately pull in someone who’s a subject matter expert in that specific area. 

   It genuinely feels like there’s unlimited knowledge here. That ability to collaborate with people who bring such different expertise has been one of the best parts of being at Echelon. 
    

10. Outside of work, how do you like spending your time? Any hobbies or interests that you are passionate about? 

    This fall, I got into coaching for the first time. I’m the varsity and JV linebackers coach at the local high school, and it’s been a lot of fun, it took up a big part of my time, but in a good way. Coaching keeps me connected to football, which was such a big part of my life. Outside of that, I’ve also been reading more, especially about history. And on weekends, I usually go hunting, which has become something I really enjoy.
     

11.  What does being a Cybersecurity Champion mean to you?

    For me, security and risk management are part of who I am. I look at the world through that lens every day, always thinking about how decisions impact both. That perspective is a natural fit for cybersecurity, and it shapes the way I approach everything I do. If I can help people who don’t naturally think that way become a little more aware, whether it’s through public events, casual conversations, or even helping my friends when something suspicious pops up on their phones, that’s success in my eyes. 

    Being a Cybersecurity Champion is about making the world just a little more knowledgeable about security risks, one interaction at a time.