This post is based on an interview with Dan Wachtler. It is part of our series of interviews of OODA Network members. Our objective with these interviews is to provide actionable information of interest to the community, including insights that can help with your own career progression. We also really like highlighting some of the great people that make our continued research and reporting possible. For the full series see: OODA Expert Network Bio Series.

Career Progression:

Dan stumbled into the Cyber Profession accidentally.  While taking a summer Spanish Class at the University of Arizona, he met the CEO of American Protective Services (APS), a company that focuses on physical protection.  He was offered a job.  Dan enjoyed the work, but especially liked the new technologies that were transforming security services.  Dan co-founded IPSA Security Services which provided regulatory risk mitigation solutions. He discovered that he could help banks perform due-diligence on their customers and consequently identify frauds and money laundering schemes.

After September 11^th and the passing of the Patriot Act, “knowing your customer” became even more important.  As the industry developed, Dan observed that many of the functions performed were becoming commoditized.  An Economist at heart (his undergraduate degree), he applauded the way the industry was transforming, as the solutions were becoming more available to the users through standardized applications that could be bought on the market.  But he felt like there was more to cybersecurity than the routine tasks performed by these applications.  Moving from protecting bodies to protecting information felt right. A year ago, he became the CEO of DarkLight where he focuses on bridging the gap to help organizations realize the full potential of artificial intelligence.

A bank needs to use AI to know the customer before it makes a financial decision.  They can accept a low failure rate, maybe 2-5%, and still have overall mission success. The Intelligence Threat is different: that 2-5% risk could have catastrophic consequences.  Today he is passionate about connecting all the dots in a way that allows the human at the top to make good decisions. The bulk of threat intelligence is heading towards commoditization.  Dan sees the need for boutique AI solutions to help the humans in charge solve the final 2-5% risk.  They need to be given the tools to connect the final dots that need connecting; or NOT connect the dots that aren’t important.  It takes humans to do that.

Surprises:

After September 11^th, Dan’s company was a direct beneficiary of the new emphasis on using AI and cyber tools to expose funding streams to terrorists.  Everyone was willing to invest in this important capability.  Today, he is surprised by how short their memories are!  As an example, Dan points to the $1.9 Billion dollar fine paid by HSBC Holdings in 2012.  The bank failed to maintain an effective program to protect itself from money laundering schemes, even though the technology was readily available. He sees many organizations approaching due-diligence from a “check the box” perspective.

Incidentally, Dan faults the Venture Capitalists for some of these problems.  A start-up company isn’t motivated to build cyber into their solution from the start. Investments are made in innovations without regard to their innate cyber structure.  While not a fan of Big Government, Dan admits that this is an area that needs to have strong, enforceable regulations to level the playing field and ensure “apple-to-apple” comparisons can be made with respect to the cyber security of a product or solution.

Advice for Decision Makers:

Train your CISO (Cyber Experts) to be able to speak to the Board of Directors!  They have extremely important information to talk about, but don’t always know how to “speak executive-talk”.   They can learn; they just need a little guidance.

Security Improvements:

An average company has 75 security tools.  Five years ago, the Security Operations Center may have had access to most of them, but not all of them.  Connecting the dots was extremely difficult.  Today, with the ability to use connected sensors, AI, analytics and big data, a more meaningful view of the sensor information can be presented.  Allowing machines to perform the black/white decision tasks can free up human brain power to look at a more holistic view of the cyber landscape.   This is huge!

Risks in The Near Future:

Our Cyber talent pool is not big enough.  Even with all the current interest in growing and grooming this new occupation, we don’t (won’t) have enough trained cyber expertise.  Projections indicate that by 2021 we will be 3.5 MILLION people short in the cyber security field!  While AI and automation will fill many of the roles needed, we will still have a problem of “explain-ability”.  We can’t just trust the machine solutions.  Organizations will need to be able to interpret these actions and explain them so humans can understand.  We could develop a false sense of security if we blindly allowed AI to fill the cybersecurity talent void.

Technology of Interest:

Dan seeks capabilities and tools that can enable the human decision makers to have a better, holistic view of the cyber domain.  If an organization can’t understand why/how the security tools are performing the tasks they do, it’s like “pulling the leaves off a dandelion instead of pulling up the roots”.

Views on Thought Leaders:

Dan follows Rick Howard, the Chief Security Officer of Palo Alto Networks for his innovative approach looking at the cyber landscape.  He depends on his Chief Visionary Officer, Shawn Riley, to get some of the deep insights he needs to run his company.

Quick Hits:

• Book Recommendations: Pretty much anything you can find on the Cybersecurity CANON. They have GREAT stuff!  https://cybercanon.paloaltonetworks.com/  Also, Bytes, Bombs and Spies by Herbert Lin and Amy Zegart.
• Favorite piece of content on OODAloop: Dan starts his day by reading the daily analysis on OODALoop.  He considers it the BEST overview of current cyber issues available.
• LinkedIn: https://www.linkedin.com/in/dan-wachtler/
• Twitter: https://twitter.com/CyberDanW