IronNet’s Co-CEO Bill Welch did us the honor of sitting down with Aviva Zacks of Safety Detective. He told us about his company’s IronDefense and IronDome and how they are using analytics to keep companies safe from nation-state attacks.
Safety Detective: How did you get into cybersecurity and what do you love about it?
Bill Welch: Prior to joining the IronNet team, I had the privilege of being a part of great cybersecurity companies like Symantec, Zscaler, and Duo Security, all of which have allowed me to get involved in the cybersecurity world in different and exciting ways. Ranging from two-factor authentication and cloud security to data loss and now network detection and response and collective defense, I’ve been lucky enough to evolve with the industry and experience a variety of elements within security.
I love how cybersecurity is always changing and how you’ve got to keep up with it every single day, globally. Whether it’s the threats that are coming from nation-states or malicious actors operating alone to steal intellectual property or impact elections, there’s always a new threat to ward off and companies to educate on the latest cyber concerns to ensure they are properly secured.
SD: Can you tell me about IronNet’s IronDefense and IronDome (not to be confused with Israel’s defense system of the same name)?
BW: With IronDome, we are trying to form a collective approach to protect companies, sectors, nations, and states. We assist enterprises of all sizes in collectively defending by sharing malicious behavior and anomalies—in real-time and anonymously—across companies, industries, states, and even nations who are members of those collective defense ecosystems. This exponentially increases their visibility into attacks that have impacted their peers and might be headed their way. Our moniker is that collective defense is our collective responsibility.
This concept is built upon a few things we’ve observed in the marketplace. One is that cyber is an element of national power and people are using it to achieve political, economic, and military objectives. In our current, modern warfare environment, when a nation-state decides to strike against the U.S., cyber is a key aspect of their attack, and like in physical battles, the only way to successfully ward off these attacks is by working together and sharing resources.
As we look back on WannaCry and NotPetya, we also have reason to believe that cyberattacks are getting more and more destructive. The toolkits attackers are able to access are more advanced, and they are working together to build stronger attack vectors, further validating the need for us to take a similar approach, especially when defending our nation’s most critical infrastructures. The longer enterprises, sectors, nations, and industries continue to defend in isolation, the more prevalent threats will become.
So, what have we done to solve it? We believe that in order to understand what is going on in the cyber world, we need to see what’s coming in and going out. Through our IronDefense technology, we use behavioral analytics, machine learning, and artificial intelligence, and our expert system applies logic to these attacks to define the behaviors that can indicate suspicious and malicious threat campaigns. From there, using IronDome, those threats are shared within the collective defense ecosystem, and our world-class offensive operators and hunters can work with the customer’s security analysts to defend their enterprises together.
SD: What are the industries that use your products and solutions?
BW: We can go up and down the vertical triangle. For example, one of our customers is one of the largest companies in Singapore with billions of assets under management. Others include airlines, real estate, and financial services organizations that range in size and cyber capabilities. These companies have security operations centers with smart people running them, but the problem is that those smart people only have visibility into their own environment and are often stretched too thin. With the persisting talent gap in cyber, not leveraging their great minds across multiple companies only leads to more opportunities for attackers to be successful. That’s where our IronDome comes into play.
SD: What do you think are the worst cyberthreats today?
BW: While the answer to this question changes on a daily basis, right now I think the worst cyber threats are those that are being planned and executed by the nation-states because they have nearly unlimited resources. Across the globe right now, there are nation-states that want to do harm to the normalcy of our world by going after healthcare, economic, and financial infrastructures. When you look at the current pandemic, instead of seeing cyber threats decrease, we’ve seen many nation-states leverage the crisis to cause more damage. They are not afraid to attack and attack hard, so we must take a stronger approach to defense.
SD: Twitter put out a statement that they’re going to allow everyone to work from home forever. How do you think cybersecurity is going to change forever now that we’ve gone through this pandemic when more and more people will be working from home?
BW: I think that the current virtual workforce posture has created an attack vector that is much, much larger than it was before, but that doesn’t mean we can’t defend it. Companies, sectors, nations, and states have been moving from keeping everything in their data centers to a cloud-based infrastructure and doing it in the blink of an eye. Take, for example, IronNet: We now have 306 home offices that we have to protect – each one inside the employee’s own home infrastructure. We have to make sure that employees are practicing proper cyber hygiene, but we have to also make sure that the infrastructure and networks are set up appropriately.
While we are seeing companies adapt and learn how to support this new workforce, I think it’s going to get tougher to support as we see more attackers learning how to take advantage of these new vulnerabilities, and as we learn to defend against them. That’s why we are working to expand our collective defense approach. We see it as an opportunity to come together and defend ourselves, our companies, and our nation.