Why Nominated: With over 20 years of experience, Grobman has held numerous technical and cybersecurity leadership positions over the years. In these various roles – from his time as an Intel Fellow to his current position setting the technical and strategic directions for McAfee’s next-generation cyberdefense and data science technologies, threat and vulnerability research, and internal CISO and IT organizations, Grobman has spearheaded a plethora of initiatives to support and educate the wider industry on an array of pressing cybersecurity-related challenges.
Profile: To better educate professionals about the ways cyberdefense capabilities can become less effective over time, he created the “Grobman Curve.” Unlike software development cycles that show resulting products improving over time due to their incremental updates, cybersecurity offerings often go the opposite route because attackers swiftly develop methods to defeat them. As such, organizations looking for the strongest security controls often reap the most success when adopting and deploying solutions early, the Grobman suggests in his theory.
He also is one of the first experts to observe and comment on election security issues and political disinformation/misinformation campaigns, sharing a bevy of findings with government entities, media and the wider industry to showcase a few problems plaguing us all on this front. First, in regard to election security, he has called out how counties in some 20 states have no top-level domain consistency among electoral websites (they’re either .gov or .com) and that many of these lacked even basic SSL support. In sharing such research, his hope has been to convince local election boards to actually take up even the most basic of security controls. Secondly, as disinformation/misinformation campaigns continue to become growingly aggressive and widespread, he has highlighted how these could become even worse with the support of artificial intelligence. He and colleague Celeste Fralick demonstrated this in presentations at the likes of the RSA Conference showing the “weaponization of AI” by creating a fake video that made it appear as if words from Fralick were actually being spoken by Grobman.
Along with testifying before the United States Congress numerous times, writing various technical papers and books, and holding 27 U.S. patents, Grobman has cited the need for the U.S. to look to better solidify its desired position of becoming a world leader in quantum computing by actually developing quantum-safe algorithms that would ensure the long-standing encryption integrity of critical documents.
What colleagues say: “Steve Grobman is a visionary leader in cybersecurity who brings together technical and business expertise with a genuine interest in public policy. He takes a unique approach to his role because, although he is a technical expert, he is deeply steeped in global and national policy issues that continue to deeply affect the cybersecurity industry and McAfee as a business. Steve takes a long-term, strategic perspective to his everyday work while also taking public service seriously.” – Tom Gann, chief public policy officer, McAfee