Rusty Sailors has over 40 years of defense and intelligence experience. He is president and CTO of LP3, chairman of non-profit Protecting Tomorrow, a UCSD 2010 Gordon Engineering Leadership Fellow and a FHOOSH Security Advisory Board member.
“Encryption is an essential element of a cyber security architecture—it’s a critical tool in the tool box. What’s special about the FHOOSH solution is the increase in performance while using encryption.”
Q: What trends do you see affecting data security most this year?
A: Increasing attack sophistication and the breadth of automated attacks are two trends. The simple cyber security solutions just aren’t that effective any more—it’s like having a hook latch to lock the door on your brick-and-mortar business. It just doesn’t protect you against thieves. Attackers with only average skills are using easy-to-use point-and-click online tools that automatically search for and execute attacks…looking for the tiniest crack and then exploiting it. Some people tell me they don’t have to worry because they aren’t targets since they’re just small companies. If you’re on a list of IP addresses or URLs a hacker is using to launch automated hacking tools…you’re a target!
Spear phishing is getting better and better, and leads to more and more bank fraud transactions and the spread of various versions of ransomware. For example, attackers will compromise a mortgage lender and request an electronic payment just at the right time…by the time the fraudulent transaction is caught a few days later, the money is gone. When it comes to businesses, the banks are only liable for a very narrow window of time, so rapid detection really matters.
Q: What are some of the biggest security challenges facing companies you work with?
A: The first concern is the cost of solid security. Too many companies think they can’t afford good cyber security. We have focused on building integrated secure IT solutions that look across client companies to reduce their overall costs while delivering solid security at an affordable price—these opportunities are there if you work to find them.
Insider threat continues to be a challenge. With a highly mobile work force, it’s relatively simple for even lower level employees to steal valuable intellectual property, pricing data, customer lists, processes and critical information from any business. Compartmentalizing this data to just the people who need to know is important, but the risk still exists. Keeping your employees happy matters from a cyber security perspective. Losing people can cost much more than just refilling a position and training a new employee.
Q: Where do you see the most significant advances in cybersecurity over the next few years?
A: Digital Rights Management (DRM) is starting to show up more often now. These types of technologies encrypt files and only allow the recipient to view, save, print and store a document. The technology has been available for a few years, but it’s starting to be actually implemented in larger enterprises now. It enables the owner of a document to control distribution and even “self-destruct” if needed. It doesn’t actually blow up, but is hopelessly encrypted after a certain amount of time. DLP (Data Loss Prevention) technologies are available and advancing—even in Office 365! You just need the right experts to configure them properly.
Q: What drives your interest in cybersecurity?
A: Protecting our client’s businesses matters most. Protecting the nation’s economy down to our local communities is essential—it’s in our DNA as individuals and in our basic culture as a company. Business owners are trying to sustain and grow the American economy, and we’re here to help. They focus on developing a thriving business taking care of their customers and employees…and their families. A single cyber attack can shut down that business. Over 60 percent of the small businesses that are hacked are out of business in nine months because they can’t recover—it’s a burn-the-building-down kind of event. Many business owners don’t understand the significance of this risk and they simply won’t believe it will happen to them. They focus on running their businesses—we focus on protecting them.
Q: What sets FHOOSH apart, from your perspective?
A: Encryption is an essential element of a cyber security architecture—it’s a critical tool in the tool box. What’s special about the FHOOSH solution is the increase in performance while using encryption. This means it’s now feasible to encrypt large files while you quickly move them from one place to another. This is very important and valuable as you organize your data or as you migrate from on-prem to the cloud.
I see FHOOSH being applicable from small companies to very large organizations who have to protect their data while having to move large chunks from time to time. I think this will become especially important when dealing with video files, large geo-spatial imagery files, sensitive DNA information and more. The reliability, protection and performance all have to be there together and FHOOSH provides that critical combination that companies need.