Creating a World Safe From Cyber-Attacks with Carbon Black
Rick McElroy, security strategist for Carbon Black and an enthusiast cyber security lecturer, has more than 18 years of experience in educating and advising various organizations on reducing their risk posture and tackling tough security challenges. In this quick interview he discusses the difference between securing a government organization and a private enterprise, and explains why labeling the election system as critical infrastructure is the best thing that happened to America. Share
What's brought you to Carbon Black?
I've been doing information security for the last 20 years and seen the whole breath of it; from government organizations through the commercial and manufacturing sectors. I have a real passion for Cyber and have always been an advocate of privacy. When I first encountered Carbon Black, I was impressed with their mission and technology and decided to come onboard to work with customers on optimizing their endpoint strategy.
What's unique about the Carbon Black solution?
Carbon Black's mission is to create a world that's safe from cyber-attacks. We have a number of products that don't just block malware and viruses, they actually prevent breaches. Our technology provides visibility into attacks and allows users to detect and disrupt attackers quickly and in real time.
Today, we have approximately 2,000 customers worldwide who are actively securing their information by replacing legacy antivirus technology, locking down systems, and arming their incident response teams with advanced tools that proactively hunt threats.
What is the difference between securing a private organization and securing a government organization?
The main difference is in the funding. While the commercial sector has a lot more resources to invest in cyber security, government organizations have limited funding and are often bound to bureaucratic procedures, so procurement takes longer. Introducing new technologies to government entities takes a lot longer than it should.
That being said, the risks that government entities are facing are much higher. While commercial entities worry about identity theft, credit cards and intellectual property, government threats are much higher because we're all dependent on the services they provide.
In your opinion, why did DHS label the US election equipment as "critical infrastructure"?
The electronic election system has been vulnerable for a long time. This move made by Homeland Security places the election system at the same level of importance as the electricity that powers our homes, the water we drink, and the roads and airplanes that help us move around. I like the idea of it because it's fundamental that such systems remain bulletproof.
What can you tell us about the securing our e-city initiative?
Securing our e-city is a non-profit organization which was founded by a community of concerned individuals in San Diego, to bring cyber security education to the public. We give lectures and activities to universities, schools, the military and private entities. We also host numerous annual events that are meant to raise awareness to online security. Our initiatives include the Cybercup competition, a security boot camp challenge for high school kids, and the Cyberfest, where we present the latest cyber advancements that privacy and security professionals are dealing with.
How do you see the future of cyber security?
In the next 5 years we'll continue to see automation processes become more widespread, both through existing technologies and artificial intelligence. I believe these are the technologies that will help to fill in the human skill gap.