This discussion focuses on behavior-based network traffic analysis.
Sramana Mitra: Let’s start by introducing our audience to yourself as well as to IronNet.
Brett Williams: I’m a Co-Founder and the COO of IronNet Cybersecurity. IronNet’s mission is to provide the power of collective cybersecurity to companies, sectors, and nations.
Over the last five years, we have developed a suite of software tools that we believe redefines cybersecurity from a collective security or collective defense perspective as opposed to every company trying to defend themselves.
Just a bit of background, I’m a retired air force general. I spent much of my career flying fighters. In the last five years of my career, I got into IT and cybersecurity. In my last position, I was the Director of Operations at United States Cyber Command. We were responsible for operating and defending all of the Department of Defense networks and for planning any offensive operations.
I co-founded IronNet after that. We’re about five years into our journey.
Sramana Mitra: Talk to me a bit about what you do in IronNet.
Brett Williams: We help people think differently about cybersecurity. That is on two levels. The first level that’s very important for us is that companies and nations get out of the mindset of defending individually.
If you look at any business sector, we’ve got a bunch of companies that are spending up to hundreds of millions of dollars a year on a variety of cybersecurity tools. What we’ve proven over time is that no matter how much resource you pour into this, there’s still a potential that a dedicated attacker can successfully breach your cyber defenses and cause some significant damage.
We take our experience from the government and the military where we never defended alone. We never sent a ship to sea just by itself. You always took a collective security approach.
We want to get companies that are like-minded into a concept we call Iron Dome so that we’ve a security approach that takes it beyond what a lot of people think about now in terms of information and intelligence sharing which gets to machine-to-machine exchange of metadata and other critical information.
Let’s say there was an attack attempt on my company. It wasn’t successful but had it attacked your company, it would have been. When we can share that type of information, we can start to get ahead of the bad guys in terms of being able to defend each other in a collective approach.
The other aspect of that is something that our company is uniquely positioned to do, which is to establish meaningful information sharing between the private and public sector. There are a number of barriers to that right now.
On the government side, we tend to get wrapped up in security classifications. We’ve to figure out what policies can allow us to get information back to the private sector. On the private sector side, there’re liability and privacy concerns.
We work with Department of Homeland Security and other government agencies to create sharing mechanisms with the metadata that we collect within Iron Dome so that we can start creating a meaningful machine-speed sharing capability between the public and private sector.
The third aspect is looking at behavioral analytics. Most cybersecurity products rely on a signature. We saw this particular attack somewhere else. We upload it to our cloud and send it out to all the routers and all antivirus products. That’s good if you’re not one of the first people attacked before that signature is sent out.