The Evolution of Big Data with Raffael Marty, VP of Research and Intelligence at Forcepoint

Play episode

Or listen in your favorite podcast app

Apple Podcasts  /  Google Podcasts Stitcher

Data’s evolutionary journey started out like all journeys, nonexistent. However, the evolution of data has been exponential since the dawn of the internet and the birth of the companies that followed. Fast-forward a couple of decades to today, and you may notice that data is everywhere. 

Raffael Marty, VP of Research and Intelligence at Forcepoint talks about this evolution, his own journey into tech, the serial-founder experience, and much more on this episode of IT Visionaries. 

Best Advice: If you don’t have fun anymore, you’re in the wrong place.

Key Takeaways:

  • Big data’s evolution
  • The underbelly of being a serial-founder
  • Data’s visualization’s current state
  • Human behavior and hacking

Raffael’s early start in tech 

As Raffael grew up, he was always interested in assembling and disassembling electronic devices. He’d even go as far as accidentally injuring himself by plugging things into outlets causing fuses to go off. And then in the second grade, Raffael’s best friend got an Apple 2 and that’s when the early programming really started. Raffael hasn’t looked back. And as they say, the rest was history. 

Forcepoint and Raffael’s role

Forcepoint is one of the larger security firms and they have a number of different products. From firewalls to endpoint and insider threat protection tools. All of these tools can be thought of as an engine that acts on certain data and signals. Raffael’s team provides security intelligence to these products. This includes surveying the internet and even the darker corners of the web to get the latest on recent attacks. The team then builds content for different systems to block these kinds of attacks. In combination with this content, Raffael’s team also focuses on human behavior research, similar to artificial intelligence, that they apply to characterize behavioral systems and to the behavior of humans into their products. 

Raffael’s Swiss National Team target shooting experience 

Raffael explains that target shooting is a very independent sport. It without a doubt teaches you how to deal with stressful situations, he continues. His target shooting career started when he was 12 and ended when he was 26. Raffael has taken his learnings from this sport and continues to apply it today.

You’re on your own, you’re sitting there and it could be in a board meeting. Now you’re put on the spot, you have to deliver this content and you might be really nervous because your job might be on the line. How do you present this? It just teaches you that you know it, be in the present, you know your stuff. You’ve pre-trained for this, you have a career that gave you the spot that you’re sitting in. So you’re probably qualified to be there. And so just focus on the moment.

Early days at Splunk

Raffael was a part of Splunk when they were just a 50-60 person company. For reference, Splunk now has close to 4,500 employees. When Raffael looks back, he remembers that “big data” wasn’t even a thing. He saw it as just data analytics, math, and statistics. Back then it was a very niche thing that not many people were looking into. As we now know, things have changed and data is the focus for almost everything we now do.   

Big Data and its link to security

Raffael thinks big data can be a little dangerous and society might have over-rotated a bit too much on relying on the data. We can sometimes not be honest with ourselves when it comes to bias towards the data, as well. There are biases in the algorithms, but Raffael agrees that they’re also some fantastic use cases that wouldn’t have been able to be solved without all of the data. 

I think there are so many problems we can solve with looking at data. We have to be a little careful. History is not a predictor of the future. But, there are so many things we can learn from it and security’s not any different from any of the other disciplines.

Insider Threat Problem

At a certain point in time, this problem was almost something to laugh about, says Raffael. It was believed that external attackers and threats were a much bigger deal, but this has totally shifted, according to Raffael. Something that Raffael and his team are looking for is both of these kinds of threats, external and internal. They’re focusing their attention on when users access their critical data and it moves around. Then, the team is able to see when they’re deviations to behavior from the administration side, internal side or from an external attacker coming in. Raffael mentions that it’s important to maintain this tight control on what the critical data of your company is, that’s step one. Step two, highly monitor all connections from the rest of the network to the internet. However, step two does require you to know what you’re looking for and have that lay of the land of these potential entry points, so the monitoring is very specified.     

Human behavior

As mentioned several paragraphs above, Raffael and his team focus on security intelligence on the products Forcepoint offers, but they also look into human behavior also. And Raffael wasn’t kidding. They have a psychologist on the team to help them understand and analyze human behavior to help further prevent hacking risk. This psychologist gave a talk at the Black Hat conference last year, where she talked about curiosity. Curiosity is typically a positive attribute a person can have, but having too much curiosity can actually be used against you on the internet or in your email. 

The more curious someone is they might actually expose themselves to a number of attacks like phishing. Well, if you’re a very curious person, you cannot resist clicking that link. These attackers get sophisticated. And they’re tricking you in any way. And so we’re focusing on what are the attributes that I can measure about a person, their curiosity, and their stressors. If I know you are a curious person, then I might look at the emails that you get even closer to make sure that there’s a link in there that you could click versus a person that’s super careful, is not curious at all in any way, they’re super conservative, then I might apply different safeguards.

Data Visualization 

Raffael wrote two books, “Applied Security Visualization” and The Security Data Lake” early in his career. Furthermore, Raffael tried starting a company that would take huge amounts of data (terabytes worth) and help users visualize and explore the data in a much more compact way. Unfortunately, this company didn’t come to fruition and Raffael mentions that after 10 years, data visualization still hasn’t been modernized. 

I haven’t seen a tool where I just load the data and it helps me explore and understand what is really happening inside of here. We definitely have gotten to a higher scale, to more nodes and edges on a display and things like that. But fundamentally the problem of making data actionable, we haven’t really done that much on that. 

“The visual analytics component to really deeply understand that data, that’s what I’m still super passionate about it. I haven’t been able to work on it much recently, but I think there’s still lots of work to be done there.” 

Being a serial-founder

Being a founder isn’t easy, as many people know. But, being a serial-founder is a whole different ball game. Raffael compares it to a rollercoaster where the peaks were full of feelings of amazement and the troughs were full of feelings of deep-frustration.

Right out of Splunk, Raffael founded a company called Loggly, a LaaS (logging as a service) company that worked in the cloud. 

We raised VC money and back in the day going when we started [Loggly], I didn’t know what an MVP was or what a pivot is or whatever.”

“I remember we got lucky and got funding by True Ventures and we got into this startup community, all the founders, and suddenly we got exposed to this whole new world and it was absolutely incredible. The connections, understanding the business side of things much better, really focusing on the customer. “

“I think living in the Bay Area, a lot of people that come here, they’re like, ‘oh my god’, all these startups and everybody makes so much money and everybody’s a successful entrepreneur. Well, it’s actually not true. You dig in and a lot of people had a failure and sometimes it’s pretty bad, like where you feel sorry for them. What happened? The founders not getting along and investors and founders and this, you hear everything right. And it was super interesting to see that side as well and getting a little bit of a different perspective.” 

Artificial Intelligence

Raffael found himself trying to resist jumping on this A.I. bandwagon, even going as far as trying to convince himself that A.I. doesn’t exist. While his feelings towards A.I. are somewhat of a joke, his feelings towards AGI, or Artificial General Intelligence, is much more adamant. 

We don’t have that yet and it’s probably going to be a while and it’s more of a philosophical question when that’s gonna happen. A.I., people really use it as a synonym to analytics. And sometimes they use it as synonyms to machine learning and generally supervised machine learning. So that’s a really big topic everybody talks about. I think we have had incredible success with a number of these algorithms. The huge advances that we were able to make, deep learning has definitely catapulted a number of different areas very, very far on things we haven’t been able to do before. But, I have a feeling that we are over-rotating again on this where we feel like machine learning is going to solve everything. If we just have the right data and it will answer all our questions and that’s just not true.” 

Episode 125