What inspired you to help lead CTA as director on the board?
Like many in the industry, I have always believed that better sharing is crucial to our success as defenders, but that sharing has historically been very challenging. From its inception, I was very impressed with the mission and the leadership of the CTA, and I wanted Sophos to be part of that. Presented with the opportunity to serve on the Board, whereby I could further help the CTA to mature and grow, the choice felt like a moral imperative.
What has it meant to you to be a member of CTA’s board of directors?
As the CTA continues to thrive, we not only help to better protect the customers of member organizations, but we also demonstrate to the industry that sharing can work in practice, at scale, among vendors that compete in the marketplace. As a board member, I work with a truly impressive group of people who are passionate about improving threat intel sharing, and who do more than just pay lip service to its value. We commit both the resources of our companies to the effort, as well as our time to help make the overall operation more efficient, expansive, recognized, and effective. We are giving energy to something that will make a significant and durable difference in cybersecurity.
Has the CTA vision lived up to your expectations?
CTA recently celebrated its fifth year – what an accomplishment! Sophos and I are ready for another five years and beyond! In seriousness, CTA has grown considerably in the last five years, especially with membership, visibility, and awareness, and much more thanks to the tireless efforts of Michael, Neil, Jeannette, Jason, and other members who run the group day-to-day. This is also an example of the trust CTA has built among members – no easy feat, but a brilliant example of cooperation amongst competitors.
CTA recently celebrated 5 years since incorporation, where do you see CTA in 5 years?
It’s been great to see our systems and processes mature, our metrics improve, and our ranks grow, which in turn translates to an improved ability to collectively better protect our customers. So much has been accomplished in the past five years, but if you compare our membership to the overall cybersecurity industry, we’ve barely scratched the surface. As we become more massive (more members, more sharing, more practical defense enablement) we become more attractive. The rate at which we can enlist cybersecurity vendors who want to walk-the-walk instead of just talk-the-talk when it comes to sharing will increase, our sharing between the private and public sectors will mature, and our ability to enable better practical defense will continue to improve.
Today, ransomware is a prolific high-impacting threat. What do you see as CTA’s role in deterring, disrupting, and responding to this threat?
Ransomware thrives in unhygienic environments. The CTA is a meaningful contributor to a rising tide effect in our industry, which improves the hygiene of our customers by putting the shared threat intel into practice through our products. While this alone is not a guarantee of safety from ransomware or other threats, it makes the customers of CTA members less attractive targets because they tend to be relatively “more expensive” for ransomware operators to target. Combine this ongoing deterrence with ransomware-thwarting innovations from members, and it helps to disrupt the menace.
The threat landscape is dynamic and increasingly challenging. What keeps you motivated in the battle to gain the upper hand against our adversaries?
I am motivated by progress in the face of a challenge. A sense that improvement is being made, or remains possible, on some timeline. Our industry presents a never-ending challenge in the form of human adversaries, and while it sometimes feels like you’re subject to the Red Queen hypothesis, we continue to produce great technological innovations, people become more cybersecurity aware every day, and our processes and attitudes toward risk management continue to mature. On an industrial timeline, we are in the very early stages of “doing cybersecurity” and I feel like our best days are ahead of us. I find meaning in driving that forward.
Joe Levy joined Sophos as Chief Technology Officer (CTO) in February 2015. In this role he leads the company’s technology strategy worldwide, driving product vision and innovation to both enhance and simplify IT security.
Joe brings more than 20 years of leadership and development expertise focused on information security. Prior to Sophos, Joe was CTO for Blue Coat Systems following the company’s May 2013 acquisition of security analytics pioneer Solera Networks, where he had served as CTO since 2008. Prior to Solera, Joe was CTO of SonicWALL (acquired by Dell), where he led research and development teams with concentrations in the areas of next-generation firewalls, deep packet inspection, cryptography, and secure remote access.
Earlier in his career, Joe spent six years with the security-focused value-added reseller OneNet, where he led product and service design and development, including managed services. Joe has participated in various industry certification and design consortiums, and he holds several security, networking database, and virtualization patents. He has co-authored a book on the topic of wireless network security, covering many of the secure wireless innovations he and his architectural teams have designed. Joe holds a B.A. from Queens College, NY.