“. . .the speed to weaponize a vulnerability has decreased down to days from the first PoC.” writes Endgame’s CTO, Jamie Butler. As part of our series from speakers and sponsors of this year’s Retail Cyber Intelligence Summit., we recently asked Jamie to respond to a few questions about the Summit and retail cybersecurity.
What was Jamie’s “game on” moment in cybersecurity? Read on.
RH-ISAC: Jamie, can you describe the work you do for us?
Butler: As CTO, I oversee our Research, Engineering and Product Management teams. I work with our Research team to understand the latest threats and macro trends in attacks. I use those findings to inform our Executive and Engineering teams about what we should be building toward for the future, and I work with the Product Management team to understand the customer and partner use cases, including workflow and integration needs.
RH-ISAC: Did you experience a personal, “game on” moment in cyber security?
Butler: I started programming at the age of 12, but I don’t think I was extremely interested in cyber security until I saw the movie Sneakers in high school. Looking back, I know the movie can be cheesy in some parts, but I still like it as a lighthearted spy drama since it opened my eyes to cyber espionage.
My career began at the NSA and I was there during 9/11, which was definitely a life changing experience and event. After the NSA, I think one of the big “game on” moments for me was when I discovered a corporation selling what I believed were subpar tools to the government. I felt these tools were comparable to what could be downloaded for free off the Internet. I believed our country deserved better, so I set out to build it. Building great products of value that are not just hype, and treating customers like partners and friends is still what drives me today. When I look at the computer security industry and see people or corporations deviating from that standard, it is my “game on” moment and fires me up to be and do better personally.
RH-ISAC: What is the most exciting (or frightening) development you’ve seen lately in your field?
Butler: I think the most frightening development has been the migration of tools and/or expertise from the national level to the cybercriminal domain. Also, the speed to weaponize a vulnerability has decreased down to days from the first PoC. Basically, the attackers are getting better and faster while our business processes are inherently slower. It is an alarming scenario when private corporations basically need their own cyber army to defend themselves.
RH-ISAC: Why is the RH-ISAC Summit important to the retail community?
Butler: I think this Summit is important because of the challenges corporations face in combating the speed and efficacy of cybercriminals. Although segments of the retail sector may compete commercially, I think there is a lot we can learn from each other collectively in the cyber security domain.