I am super excited to announce that I am joining offensive security company Randori as Chief Strategy Officer.
To understand why I joined Randori, it’s helpful to know a little bit about my background. I am a retired 2 Star Admiral with the US Navy where I served as Deputy Chief of the National Security Agency and most recently served as the Chief Resilience Officer at State Street. This blend of government and private sector experience, working on both offensive and defense cyber operations, gives me a perspective that I’ve found is helpful when developing resilient security programs and one lacking in many organizations. So you might be asking yourself, why would I jump from large organizations, doing a functional cyber role to a 50-person cybersecurity SaaS startup? In short, the opportunity for impact. Attack surface management (ASM) may be a relatively new category in cyber, but it is hard to miss the industry’s momentum toward creating a resilient perimeter, reducing and maintaining the attack surface, and instant alerts to structural changes and threats.
Unfortunately, the need for cybersecurity will not disappear anytime soon. If anything, the issues we face are going to get worse before they get better. While this is the reality we face, it is not cause for panic. Rather, it is a time for resolve, and for cybersecurity professionals to keep the pressure on.
My experience has shown me that companies come in all shapes, sizes and situations. They have different networks, tools and access capabilities, which all mandate a unique security posture. You can’t have a “set it and forget it” mentality — postures must be built, maintained and (most-importantly) improved. All companies start out somewhere along the cyber maturity spectrum. If they are relatively early on the spectrum, I wouldn’t attempt to balloon their program to a size beyond that which they can reasonably maintain. Maturing your cybersecurity posture takes a deliberate hand.
One capability the DOD has invested in heavily is red teaming. From a business world perspective, this capability is more advanced than basic block and tackling. An effective security program should:
- Be designed from an attacker mindset
- Be proactive rather than reactive
- Incorporate a defend forward strategy
- Not be a simulation, but as realistic an experience as possible
From my perspective, Randori’s platform meets all these criteria. I believe offensive security (defend forward) is a key component in future cybersecurity programs. As the undisputed leader in offensive security, I believe Randori is poised to change the very nature of the conversation from SOCs to board rooms.
For a more detailed view of how Randori can help you defend forward by shifting your security program go from reactive to proactive, sign up for a free attack surface review today.
