CTA Board of Directors Spotlight: Jaya Baloo, CISO, Avast
What inspired you to not only join, but also to help lead CTA?
I was very inspired by the mission of CTA, because it’s so important that defenders cooperate. The best way to do that is to share rich and unique intelligence that can be enriched by other parties. The only way for us to figure out which malicious attacks we need to focus on at an industry-wide level is working together.
What do you hope to accomplish as a CTA board member?
With the goal to work together to have a greater impact, then we need more members. Because more members equal more information equals greater impact! I want to spread the message of CTA far and wide to bring more members on board and in sync with our mission to protect the digital world.
Has CTA lived up to your vision?
The value of intelligence sharing has made a tremendous impact and exceeded our expectations. Initially we had concerns we wouldn’t be able to meet the requirements to share intelligence, but once we fully integrated, we were able to use the intelligence for both our internal defenses as well as that of our customers. The early share process is extremely valuable.
What role does CTA play in the global sharing ecosystem? How is CTA different than other sharing activities that you engage with?
CTA makes automated real-time actional threat intelligence sharing work. With today’s threat landscape, this is critical. The CTA trusted community ensures communication is on-going and collaboration is regular and consistent. Other sharing organizations can’t compete with this model.
CTA recently celebrated 5 years since incorporation, where do you see CTA in 5 years?
In five years, I see CTA with a wonderful breadth of contributing members. I also envision the group doing important work to educate and engage with public and private entities. Over time, I would like to see CTA grow based on its deep trust between members and expand beyond such a US focus, as cyber is an international problem.
Where should CTA focus next / what should be CTA’s next priority?
I think the next logical steps for CTA are to grow the international community and deepen trust between defenders.
Today, ransomware is a prolific high-impacting threat. What do you see as CTA’s role in (deterring, disrupting, responding, etc.) to this beast?
There are three major things CTA can do in response to ransomware. The first is share decryption keys so we can spread them wide, like nomoreransom. The second is finding and disrupting the cybercriminals’ infrastructure. And the third is identifying and disrupting actors from evolving their toolkit. For example, wipers are an even bigger problem, so tracking and stopping the wipers is a smart move.
What keeps you motivated, and who inspires you?
My greatest source of inspiration is my team. I like fixing problems; it’s fun. I love talking to my red team, threat defenders, and SOC and working between the teams to find new solutions and kinds of thinking. I would never be able to consume or understand nearly as well if it weren’t curated by my team. CTA is the same: together, we curate the most important threat info and come up with new ways to think about problems.
Any closing comments you want to leave us with?
I love to be inspired by new ideas and people. I like thinking about new solutions to some of our biggest problems and finding ways to implement them in my personal life as well as my professional life.
We must fix the open wound. Whether it’s in cybersecurity or in climate change, you must stop the bleeding. Focus on the biggest issues and tackle them first.
Jaya Baloo is Avast’s Chief Information Security Officer (CISO) and joined Avast in October 2019. Previously, Ms. Baloo held the position of CISO at KPN, the largest telecommunications carrier in the Netherlands, where she established and lead its security team whose best practices in strategy and policy are today recognized as world leading. Prior to this, Ms. Baloo also held the position of Practice Lead Lawful Interception at Verizon and worked at France Telecom as a Technical Security Specialist.
Ms. Baloo is formally recognized within the list of top 100 CISOs globally and ranks among the top 100 security influencers worldwide. In 2019, she was also selected as one of the fifty most inspiring women in the Netherlands by Inspiring Fifty, a non-profit aiming to raise diversity in technology by making female role models in technology more visible.
Ms. Baloo has been working in the field of information security, with a focus on secure network architecture, for over 20 years and sits on the advisory boards of the NL’s National Cyber Security Centre, PQCrypto and Flagship Strategic. She serves on the audit committee of TIIN capital, a cybersecurity fund, and is also a member of the IT Committee of Sociale Verzekeringsbank. Ms. Baloo is currently a member of EU Quantum having been a member of the EU High Level Steering Committee for the FET Quantum Flagship from 2016 – 2017. Ms. Baloo has spoken widely at high profile conferences such as RSA, TEDx and Codemotion on topics including Lawful Interception, VoIP & Mobile Security, Cryptography, and Quantum Communications Networks. Additionally, Ms. Baloo is a faculty member of the Singularity University since 2017, where she regularly lectures.