Safety Detective’s Aviva Zacks sat down with Timothy Brown, VP of Security at SolarWinds, and asked him about his company’s approach to cybersecurity.
Safety Detective: How did you get started in the cybersecurity industry?
Timothy Brown: I had the privilege to start from scratch over 20 years ago. IT professionals have gone from being the geeks in the backroom to having seats on the board. Now people are excited about the industry because it is truly one of the most rapidly changing industries out there.
I’ve been able to invent security solutions. I’ve met with hundreds, maybe even thousands, of customers around the world to help them with security. I have had a lot of different roles in security, primarily focused on enterprise because that’s where the security issues were at the beginning. One of my big changes is that I now focus on small and medium enterprises because that is my passion.
SD: What does your company do to help protect enterprises?
TB: SolarWinds is in a unique position. We don’t necessarily try to target the CIOs or the CSOs. Instead, we sell directly to the IT professional by giving them the tools and technology that they use to help run their businesses. Our products are powerful, affordable, and easy to use. We help manage networks and servers and solve problems with log management.
We currently service around 250,000 customers in 190 countries, and our customers include all of the Fortune 500.
At the same time, another arm of our business focuses on the small and medium business. We provide products to 22,000 MSPs that are used to both secure and manage over 450,000 small and medium businesses.
SolarWinds takes technology that is often only accessible to large enterprises and move it down the stream, so it’s accessible to everyone.
SD: What do you feel is the worst cyber threat to end-users today?
TB: From an end-user perspective, I wish I could tell you that the worst cyberthreats we face are zero-day and sophisticated adversaries. Unfortunately, there is still a huge lack of cyberhygiene. We make it way too simple for our adversaries to get in. Often it is human error in the backend that makes systems vulnerable.
So, it is important to always start with a good foundation. Make sure you have the basics in place, then move forward into more advanced solutions as you need them. For example, if you’re in an industry that is more of a target because you have data that people want, then you need to put advanced technologies into place.
SD: You said earlier that cybersecurity is one of the fastest developing industries. How do you see cybersecurity in about five years from now?
TB: It is never going away because there is too much money to be made in cybercrime. As an example, Zero Trust is very hot topic today. We are going to have to embrace the fact that companies don’t have a secure enough perimeter anymore. So, in the future, we must strengthen that outer shell.
To do this, you will need to have multifactor authentication and auditing in place. We can treat 80% of the users in a very generic way because they do not carry high risk to an organization. But that last 20% is special because they have access to secure data and if compromised, will do harm to their environment.
Analytics in AI, machine learning, and IoT is going to change a great deal because we’re going to have so many devices with different capabilities. It’s no longer going to be sufficient to use a static model. Dynamic analysis will also evolve in the next few years.
SD: How is SolarWinds preparing to stay ahead of the curve?
TB: We’re working on a lot of different things including putting identity solutions in place. We are making sure that there is good basic hygiene, including patches and nodes. One of the key things for protecting the world today is not just to focus on large enterprises, but to broaden the scope to small to medium businesses as well.