“What we realized is that we have the ability to understand what was happening on the internet at any given time… this access, this visibility – it really lent itself towards understanding not just what’s impacting you, but how to do relate to what’s impacting the global internet?”
We’ve all heard about “cyberattacks” – it seems there is a new article or clickbait headline about them every day. But what can we do to stop them? Better yet – can we predict them before they even happen? David Monnier of Team Cymru is here this week on IT Visionaries to talk about cybersecurity, the importance of a “no-touch audit”, and how – when it comes to global cybersecurity – the best offense is always an active defense.
How do your priorities change the way you view your online security?
The number of possible attacks can be overwhelming. But Monnier has a simple answer: prioritize the threats and work from there.
“If you had some knowledge, some understanding of which of these were being exploited in the wild and towards who… this type of contextual awareness would help you prioritize what decisions you need to be making. And that’s how we’re approaching risk, these days.”
How does “Threat Reconnaissance” help make attacks more predictable?
Cyberattacks are going to happen. It’s not “if”, it’s “when”. By finding patterns in these attacks, businesses can better prepare to protect their assets.
“There are adversaries that are picking specific sectors to attack. They have very similar tools and tactics, regardless of who the victim is. So if you’re ab;e to kind of study and watch their activities – even as they’re attacking… you can apply that to your security.”
Why is cybersecurity becoming an important part of any business model?
When companies are working via the internet, they want to know that the companies they work with have reliable safety nets. Being able to assure clients and customers that your infrastructure is safe is becoming increasingly more important. Team Cymru works with supply chains in order to secure their safety so their customers feel more at ease.
“We have these rules… we’re going to help you live up to them because we’re reliant on you and our business needs you as a supplier for us… there was a sense of ‘we’re in this together.
About the Guest:
David Monnier was invited to join Team Cymru in 2007. Prior to Team Cymru, he served in the US Marine Corps as a Non-Commissioned Officer, then went to work at Indiana University. There, he drove innovation in a high-performance computing center, helping to build some of the most powerful computational systems of their day. He then transitioned to cybersecurity, serving as Lead Network Security Engineer at the university and later helped to launch the Research and Education Networking ISAC.
At Team Cymru, he has been a systems engineer, a member of the Community Services Outreach Team, and a security analyst. David led efforts to standardize and secure the firm’s threat intelligence infrastructure, and he served as Team Lead of Engineering, establishing foundational processes that the firm relies on today.
After building out the firm’s Client Success Team, he recently moved back to the Outreach team to focus once again on community services, such as assisting CSIRT teams around the globe and fostering collaboration and data sharing within the community to make the Internet a safer place.
With over 20 years of experience in a wide range of technologies, David brings a wealth of knowledge and understanding to threat analysis, system hardening, network defense, incident response and policy. He is widely recognized among veteran industry practitioners as a thought leader and resource. As such, David has presented around the globe to trust groups and at events for network operators and security analysts.
IT Visionaries is powered by Salesforce Platform. If this episode makes you want to go deeper into the data security world, check out Salesforce.com/datasecurity and download the IT Guide to Data Security and Governance to learn how to protect your customer data with Salesforce Security Portfolio.
Mission.org is a media studio producing content for world-class clients. Learn more at mission.org.