For many years, Adam Vincent has worked in the tech industry, acting as CTO for Layer 7 Technologies and, before that, as a security engineer for a few other companies. Then, in April 2011, he decided to break out on his own and create a platform that helps security experts aggregate, analyze, and act to counter cyber attacks.
Adam Vincent is the Founder and CEO of ThreatConnect, a company that hasn't just offered security experts a platform to work on, but has also done detective work to figure out who was behind various cyber attacks, managing to link Guccifer 2.0 to Fancy Bear and to link Chinese-backed hacker groups to the Anthem medical data breach. The list goes on and on.
In an interview with TechNadu, Adam Vincent talks about ThreatConnect, cybersec threats, the importance of the cybersec division in companies and how they need to be taken seriously by CEOs, especially since they're the ones who pay dearly when data breaches happen. Here is our interview.
TechNadu: Tell us about ThreatConnect - How can your platform help businesses and security experts working for them?
Adam Vincent: The ThreatConnect Platform is the industry’s first intelligence-driven security operations and analytics platform. We built the Platform to drastically improve organizations’ ability to put security data in context with intelligence and analytics, making security teams more efficient and enabling sound decision making. The Platform also provides one central place for users in a variety of industries to better understand adversaries by orchestrating security processes, analyzing data, and hunting threats faster.
TechNadu: You've had a long career in the security industry. What do you believe to be your biggest achievements over the years?
Adam Vincent: Before launching ThreatConnect or the idea of ThreatConnect came to be, I was a security engineer/architect. I noticed that the landscape was changing; no longer were cyber attacks being carried out by lone hackers; now well-organized state-sponsored or criminal enterprises were targeting organizations unprepared for threats at this level.
In the beginning, some argued that ThreatConnect was operating in a market that didn’t yet have a “category.” I risked my own capital because I knew that when the ThreatConnect Platform was ready, the market would be too.
I left an established career to start ThreatConnect, and I have been achieving milestones as a leader, as we have as a company, ever since. I’m proud of everything ThreatConnect has come to be, what we have built and continue to build, as well as the people that I am fortunate enough to work with.
TechNadu: I saw you recently said that the UK would face loads more cyber attacks following Brexit. What would make the UK a bigger target than it is now?
Adam Vincent: Whether or not there is an orderly Brexit agreed upon between the EU and UK, the impact on cybersecurity is likely to be considerable and immediate. The expectation is that malicious actors will seek to exploit any of the potential loopholes that may emerge to target companies and infrastructure alike, such as businesses relocating their HQs to EU countries in part or in full amid regulatory uncertainty, severe cybersecurity talent shortages in the UK amid departing staff and/or the inability to attract new talent, uncertainty and inconsistency in the regulations between the UK and EU, and an increased perception that the UK will be cut off from EU intelligence and/or UK regulators will have other priorities, thus potentially encouraging bold malicious action.
Our research shows that companies have long relied on cooperation with the state to ward off the more sophisticated cyber offenders. Two in five organizations are sharing a range of data – on malware, ransomware or general cyber threats – with government groups or NGOs. What’s more, four in five respondents agree that a better relationship with government groups would foster a better environment for exchanging threat intelligence data. With the UK government potentially strained for resources post-Brexit, the onus is on companies to secure their own cyber health.
In other words, with or without agreements in force between the EU and UK, the life of cyber defenders is bound to become more difficult. Thus, the largest potential impact of Brexit on cybersecurity is that companies will have to put forth renewed efforts to ensure they are on top of cybercrime identification, reporting, and mitigation.
TechNadu: ThreatConnect has helped solve quite a few cyber mysteries across the years, tying Guccifer 2.0 to Russia's Fancy Bear and more. Are there any such finds that you're particularly proud of your team for?
Adam Vincent: I’ll start by saying, I’m continually blown away by the work the Research team does. While all of their work is impressive, one intel report in particular sticks out in my mind. Prior to Guccifer 2.0 and Fancy Bear, there was Project CameraShy.
In 2015, our team of elite researchers attributed the targeted cyber espionage infrastructure activity associated with the “Naikon” Advanced Persistent Threat (APT) group to a specific unit of the Chinese People’s Liberation Army (PLA). Our assessment was based on technical analysis of Naikon threat activity and native language research on a PLA officer within Unit 78020.
TechNadu: Numerous reports over the years have shown that cybersec experts within companies have a hard time getting the message across to their execs about the dangers their respective companies are in, resulting in low cyber budgets or important issues getting swept to the side. You have quite a bit of experience in this area. What advice do you have for those who find themselves unable to properly communicate the gravity of the situation?
Adam Vincent: If executives aren’t understanding that cybersecurity needs to be prioritized to ensure long term success, they are not paying attention to the news. C-suites and board members are increasingly being held accountable when there is a cybersecurity incident--just last month, Marriott and Equifax’s CEOs testified before the US Senate about the basic measures their respective companies took in an effort to prevent a breach, but ultimately fell short.
My best piece of advice to security teams looking to properly communicate the importance of cybersecurity efforts to the C-suite is to start by measuring and showcasing the time and money saved by using the tools you have. Once you demonstrate value to the business, your security message will be heard loud and clear.
TechNadu: We're seeing a lot of top execs being held accountable in big data breaches across the world. How much of what happened was their fault?
Adam Vincent: This is definitely a changing paradigm. Executives are traditionally accountable for the profitability of their company. Today, cybersecurity is a part of this as it affects the brand perception, intellectual property, susceptibility to theft (data and monetary), which in turn affects profit. Research has shown that nation-state adversaries have stolen intellectual property from private organizations to give their country a leg up, which is a major blow to profits.
Cybersecurity is also affecting physical security in our increasingly connected world. The U.S. Department of Homeland Security warned last year that Russian adversaries launched a campaign that put them inside the control rooms of U.S. electric utilities. If they had been successful this could have caused blackouts. To that, Russian adversaries have already successfully caused massive blackouts in the Ukraine, twice.
TechNadu: What do you believe to be the biggest threat to people's online security these days?
Adam Vincent: To stay ahead of the threats, it is important that organizations invest in their staff and technology. With the advancement of complex cybersecurity threats and skilled adversaries, it is paramount that organizations have the right solutions and people in place to protect their data. Security teams are finding that they do not have the staff to keep up with the constant threats as a result of limited talent, cost of talent, and the sheer overhead of throwing more people at the problem.
TechNadu: Some experts recommend we all use VPNs day in and day out for security and privacy. How do you feel about this? Do you use such a tool yourself?
Adam Vincent: It is very important to use VPNs to ensure your data, and your company’s data if you’re on a work device, is secure. I use VPNs, and they are also necessary for non-security professionals. Everyone should have one and learn how to use it to its fullest potential.
TechNadu: While some IoT vendors do a pretty good job at securing their devices, it seems that most don't. How do you feel about the idea that's being circulated more and more often, namely the governments of the world stepping in and imposing regulations?
Adam Vincent: Whenever physical security and cybersecurity meet there is a reason to think of cybersecurity using a safety mindset. Whenever safety is involved, we MUST have regulation and hope that government regulation does ensure that IoT vendors are held accountable. A stovetop being internet enabled may be of interest to start the oven before you get home, but we must also think about the implications if someone uses this maliciously.
TechNadu: Do you have any IoT devices yourself? How did you choose which ones to bring into your home and which not to? What is your advice for tech enthusiasts?
Adam Vincent: I don’t know anyone who doesn’t own an IoT device at this point. They are an inevitable part of our daily lives. When selecting IoT devices, especially ones for my children, security is a top priority for me. Unfortunately, there is not much anyone, including a professional, can do to trust IoT devices. They are built as black boxes and it’s extremely hard to see what risks you are exposing your home and family to when bringing them into your home. For this reason, I recently separated all my IoT devices onto a separate network at home.