Tell us a little about yourself. What was your background before coming to CTA?
Prior to joining the CTA in February 2017, I served as a Special Assistant to President Obama and as Cybersecurity Coordinator on the National Security Council Staff. In this role, I was responsible for leading the development of national cybersecurity strategy and policy, ensuring that the U.S. government was partnering effectively on these issues with the private sector, non-governmental organizations, and other nations, and coordinating the policy response to significant cyber incidents
Before that, I spent well over a decade at the U.S. Office of Management & Budget in a variety of roles and during this time really got to witness the transformative impacts, for better and for worse, that emerging digital technologies had on the business of the U.S. government.
What does your role at CTA look like on a day-to-day basis?
When I’m wearing my hat as President of the CTA Board of Directors, it’s my responsibility to help guide the board as it makes high-level decisions about membership, internal governance, external relations and the future direction of CTA.
Day-to-day, though, my role as CEO requires me to lead CTA’s work in carrying out its mission. I have to maintain a strategic focus and get into the weeds of how CTA’s various constituent elements function and interact. Of course, CTA has enormously talented staff, and it makes my job as CEO much easier knowing that all aspects of the organization’s work — technical, HR, legal, communications and so forth — are in such good hands.
Which aspects of CTA’s mission attracted you to the organization?
What really attracted me to CTA is that nobody’s ever done anything like this before. CTA enables heavyweight competitors to share threat intelligence to improve the security of our entire ecosystem, but still compete at the same time. This kind of information sharing is really critically important because no one organization sees everything they need to see to provide protection to their customers and clients on its own. So, the only way to get the kind of situational awareness needed for effective defenses is for CTA Members and our other non-Member partners to share information with one another.
How has CTA evolved during your time at the helm?
Since early 2017, we have grown to more than twenty-five total members in our alliance. That said, while the organization is on a different scale from that perspective compared to what it was then, we’re still a lean organization internally and have taken steps to ensure we stay that way, retaining a lot of flexibility and the ability to respond quickly to what is a rapidly-changing threat landscape.
We’ve also refined certain aspects of our operation to get the outcomes that we want to see in terms of data sharing, operational collaboration, and non-Member partnerships.
Where would you hope to see CTA go in the future?
CTA is really trying to do three things. First, we are enabling our member companies to better protect end-users — their clients and customers — by sharing threat data at speed and at scale, both in an automated fashion and through human-to-human sharing. Second, we are using that shared information to better disrupt what the bad guys are doing; to answer the question of how we can systemically counter malicious activity across our digital ecosystem. Third, we are trying to elevate the level of cybersecurity across the digital ecosystem.
With those goals in mind, of course, it would be great to continue building our membership, and that’s going to be a necessity if we are to actualize CTA’s founding vision as a nucleus within the cybersecurity industry.
However, what I’m really excited for — now that we’ve scaled up the organization and worked through the kinds of kinks that every young start-up goes through — is to bolster our partnerships and coordination with government entities and through other affiliations with non-Members.
If we are to really tackle cyber threats effectively, we’re going to need to bring together a much broader range of organizations than just our private sector members. Through our Contributing Allies program and other ad-hoc partnerships, that’s what we’re now doing. It’s an exciting time to be a part of CTA.
Q&A conducted by Joshua Kenway
Author: Michael Daniel
The latest from the cyber threat alliance
HOW TO BAKE CYBERSECURITY REGULATIONS: INGREDIENTS FOR BETTER RESULTS
In most countries and economic sectors, organizations have traditionally faced few cybersecurity regulations. However, as the cybersecurity threat has worsened and the dependence on IT has grown, nations are increasingly turning to [...]
Cyber Incident Reporting Framework: Global Edition
Last fall, multiple industry organizations led by the Cyber Threat Alliance (CTA) and the Institute for Security and Technology (IST) came together to provide input regarding cyber incident reporting for US entities This group identified a set of principles and developed a model reporting format that the Cybersecurity [...]