'Wartime' Security Mentality RevisitedDave Merkel of Expel on Evolution of Nation-State Threats and Response
Five years ago, cybersecurity executive Dave Merkel called upon enterprises to shed their "peacetime" mindsets and adopt a "wartime" stance against persistent cybercriminals and nation-state actors. How have they risen to that challenge?
Merkel was CTO of cybsecurity vendor FireEye at the time of that interview (see: Advanced Threats: Prepare for War). Today, as co-founder and CEO of managed security service provider Expel, he revisits this conversation about adopting the wartime mindset in an interview with Information Security Media Group.
Advanced threats and nation-state threat actors have become almost mainstream over the past five years, but Merkel says he also has seen a palpable shift in mindset among defenders.
"There's an increased self-awareness with organizations that have something to protect," Merkel says. "If I go back a decade, and think about the conversations I was having then, I'd talk to someone and say, 'You know real bad guys want your stuff, right?' And you might go through a 15-minute conversation to get to the 'aha' moment.
"That's very different today. I might still have those conversations, but they're maybe one or two in 10. Eight of 10 are with organizations that are self-aware of their assets, are at least a little bit aware of the kinds of threat [actors] that might be interested in them and are trying to do something - maybe the right things, maybe the wrong things - but something to improve their posture."
In an interview (see audio link below photo) about the wartime mindset, Merkel discusses:
- The evolution of threats and threat actors;
- How enterprises have become better educated and prepared;
- How defenses must continue to evolve with the shifting threat landscape.
Merkel is the co-founder and CEO of Expel. He has been involved in the information security field for nearly 20 years, first as a federal agent pursuing cybercriminals in the era of floppy disks and 2400 baud modems, then as chief technology officer and vice president of products at Mandiant. Following FireEye's acquisition of Mandiant, he served as the global CTO of FireEye. He got his start as a special agent in the Air Force Office of Special Investigations, pursuing cybercriminals and conducting digital forensic investigations, and later as head of AOL's technical security organization.