Alexa Raad is chief operating officer of Farsight Security, based in San Mateo, California. Farsight Security is a provider of real-time actionable Internet threat intelligence solutions.
In this exclusive interview, Raad discusses methods of curbing cybercrime by tracking bad actors through the trails they leave in the domain name system. She also offers some encouraging advice to women and girls interested in breaking into the cybersecurity field.
Farsight Security COO Alexa Raad
Chief Operating Officer
TechNewsWorld: What is Farsight Security’s mission?
Alexa Raad: We believe that everyone is entitled to a safer Internet, and so everything we do starts out with that mission in mind. What we do is provide Internet defenders with very valuable data that they can use to get some context around nefarious acts.
As an example, if you think about Internet threats like phishing and botnets and malware — all of those start with a DNS — a domain name system. And so every kind of nefarious act leaves footprints and fingerprints in the DNS. That’s something that cannot be faked. We provide information that is contextual.
To give an example, a lot of the new domain names that are registered are typically registered with bad intent, meaning criminals are going to use them to commit some sort of act, like phishing attacks, etc. When a domain name is registered, it’s fine, but when traffic starts going to those sites, it becomes much more dangerous.
When people start actually going to a phishing site, it raises the threat level. We have a global sensor network that picks up these resolutions. We collect this data, but without any personally-identifiable information, which is important.
That information allows people to see what’s actually got some traction, and we also add additional information for guilt by association. If a phishing site is actually hosted where there are lots of other bad actors or bad sites, that provides you with some context. You start to follow that and get a better picture of that attack than you would otherwise.
We provide real-time and historical information, and both are contextual. The real-time data is important, because you have to fight these battles in near real time. The historical information is important because you want to know if this was the first time we ever saw this URL or domain name. A lot of these patterns repeat themselves. It is unlikely that a site was bad six months ago and all of a sudden it’s reformed. Having that contextual information is important.
TNW: Why do you have a passion for cybersecurity? Why do you think it’s an important and vital field?
Raad: I believe in the mission of cybersecurity. I want to leave our kids with a safer Internet. The Internet is such a utility — we all rely on it, and we have to have some modicum of expectation that the Internet is safe.
The DNS is a fabric that’s equalizing. Regardless of where you are on the Internet, you have a voice. We’re learning that if Internet is not taken care of, there will be unintended consequences.
TNW: What are some of the key cybersecurity issues today? What are some prevalent or common problems that we face?
Raad: There’s an increasing number of attacks with the Internet of things. The number of Internet-enabled devices is increasing, and all of these connected devices provide vectors for cybersecurity attacks. The race is on for cheaper devices, but the race isn’t necessarily on to create more secure devices.
TNW: What advice would you give to girls and women wanting to get into the cybersecurity field?
Raad: It’s the ideal field for women. To be really good in cybersecurity, you have to have an inquisitive mind, be a problem-solver, and see things holistically.
For a problem that’s complex, you need to think holistically, you can’t compartmentalize. You have to think, how would a criminal look at your DNS architecture? Women tend to think holistically, and if you do, you will excel in this field.
The other piece of advice I would give is that you have got to be your own champion. Don’t wait for anyone to propose something to you or to give you the promotion that you deserve. You have to speak up. You have to be your own advocate, and you have to lay out the business case.
If you want to be promoted, for instance, you have to say, this is what I’ve done, this is what I’ve accomplished, this is what I can do more of, and this is why it’s in your own best interest to promote me. There is an imbalance in the number of women in power, and it’s also at the executive level. Very few women are CEOs or in the c-suite or on the board, and there is a lot that women can offer and do.
Whether it’s because companies recognize the need to hire more women or they have a policy to do so, the opportunities for women are there. The security industry is growing. There aren’t enough people to fill the jobs available, and a lot of them are high-paying, with good benefits. You just need to be your own champion.
TNW: What new cyberthreats are emerging, and how can businesses prepare themselves to face them?
Raad: You see a lot of ransomware. Just a few weeks ago I was at my dentist, and he told me that he had just been the victim of a ransomware attack, and he ended up paying it. You wouldn’t have thought he would be the victim of an attack like that, but someone in his organization had clicked on a link, and all of his patient records were frozen until he paid the ransom.
You will see more of this because it pays well, and it targets people who aren’t well-versed in security hygiene. We’ll see more and more of the security issues and attacks that come because of insecure devices like wearables and Internet-connected devices.
There isn’t an incentive for manufacturers to create more security. The economic incentive is more toward creating devices that are cheaper and more affordable than more security, but it really has to be both. It requires both better engineering and better policy