Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Former Scotland Yard detective discusses cybercrime and threat intelligence

Richard Starnes | April 5, 2016
Steve Santorelli, passionate about Internet security and committed to bringing folks together to attack the problem in many ways.

Having worked in the private, government and not-for-profit sectors, from a cybersecurity perspective what are the advantages and challenges for each organization structure?

It is pretty simple, and the key reason why so many of us spend so much time trying to bridge the gaps and bring both sides to the table: the cops are the only group that can make arrests, industry is (still, to a large extent) the only group that has the expertise to track down the miscreants and the NFP sector has the remit to build capacity in places that lack the expertise around the world. Separately, we're screwed. But combined, with a little luck, a lot of trust and sometimes a little beer, we can really make inroads in this fight.

You are the director of analysis and outreach for Team Cymru, a not-for-profit cybersecurity research firm, could you tell us a bit about how your firm came to be and what it does?

We were founded over a decade ago by four geeks who became obsessed with understanding the motivations behind the early denial of service and malware attacks. What makes us unique is that, from the very early days, we have been entirely mission focused as opposed to profit centered. Our motive has always been to 'save and improve human lives' and we really cleave to that in everything we do. We have the support we need to do (somewhat) crazy things that don't generate any profit, but benefit the infosec community and frankly, need to be done by someone to prevent the criminals from utterly ruining the Internet for the next generation. That's why we get to attract so many talented people: you bring your 'A-game' every day and you get to really see the difference you make to the Internet, not just a spreadsheets bottom line.Law enforcement worldwide are still, to this day, working a 19th century process that simply doesn't map to a 21st century criminal evolution. Things have improved, especially when it comes to having geeky cops who have grown up with this technology and care passionately about the Internet, but we still have a long way to go, overall, in how we disrupt and deter criminals.

Having worked in the private, government and not-for-profit sectors, from a cybersecurity perspective what are the advantages and challenges for each organization structure?

It is pretty simple, and the key reason why so many of us spend so much time trying to bridge the gaps and bring both sides to the table: the cops are the only group that can make arrests, industry is (still, to a large extent) the only group that has the expertise to track down the miscreants and the NFP sector has the remit to build capacity in places that lack the expertise around the world. Separately, we're screwed. But combined, with a little luck, a lot of trust and sometimes a little beer, we can really make inroads in this fight.

 

Previous Page  1  2  3  4  Next Page 

Sign up for Computerworld eNewsletters.