How do you describe your job to average people?
I am presently responsible for an amazing team of security researchers called the Counter Threat Unit at Dell SecureWorks. The CTU Research Group in my personal opinion is comprised of the nation's best security experts on today's cyber threats. We have been told to hire every “A-Player” security researcher we can find which is evident based on the team's tripling in size since 2010. In the commercial world the CTU is the IT security version of “weapons experts on a Special Forces A-Team”.
Why did you get into IT security?
Throughout my 24-year military career as an Army Signal Officer, IT security was a critical element in every network we installed whether in garrison or in support of combat troops deployed. The pinnacle of my military career was working with an elite group of cyber forces with the ultimate mission to operate and defend DoD networks. It was during this period of time I realized the severity of security issues facing this nation and I wanted to commit my professional career to be part of the solution. When I retired from the Army in 2010, I was blessed to join the SecureWorks leadership team in Atlanta who shared the same passion for protecting their clients and making the internet safe.
What are your biggest security challenges?
In this business, there are no single biggest challenges, but multiple, moving challenges that compete for attention. I believe a shared challenge across the entire security community is having to be right 100 percent of the time in a world where threat actors are so agile, innovative, well-resourced and have the total element of surprise. I know security professionals are also struggling with how to prioritize their efforts with limited resources while providing innovative (e.g. Cloud/SaaS, Mobile) solutions for their enterprises. Every IT security leader must wrestle with the risks posed by new technologies and service offerings. While there are no absolute “right” answers to the risk question, the age-old formula of mitigating threats against your most critical targets holds firm. The security team should put some science behind defining the weaknesses, the likelihood of exploitation and the resulting impact to the business. It's a difficult but necessary step in the risk/reward tradeoff.
What keeps you up at night?
The unknown... Both in my military experience and now on the commercial side, I've seen how quickly the adversaries can elude today's security controls if not properly aligned/maintained while allowing them full freedom of movement within an organization's network. I also toss and turn because of inadequate visibility, which is most often due to inadequate instrumentation. IT security professionals have to be right 100 percent of the time while threat actors only need to exploit one unknown and/or unmitigated vulnerability or take advantage of a single user with privileged access. I am also concerned by the potential breakdown of the internet economy due to a perceived lack of confidence in its security given ongoing wholesale e-crime and intellectual property. Most recently “destructive malware” has been added to my worst nightmares which the security community has only begun to address from an organization risk perspective.
For what would you use a magic IT security wand?
Perfect situational awareness both within a client's network and that of adversary movements, tactics, and intent. Removing past and future software vulnerabilities may take more of a miracle but would also go a long way in removing a common avenue of approach for today's threat actors. I believe organizations need to move everything toward a whitelist model where we allow known good versus chasing known (or suspected) bad. This includes where we surf, client-server and server-server communications, application communications, etc.
Of what are you most proud?
I am most proud of the phenomenal team of security professionals that I work with each day that put team before self, strive to be the very best at what they do, and always go the extra mile to ensure the security of our clients. I am truly blessed to be part of an amazing team whose work ethic and commitment to excellence is like no other I have ever seen.