For our latest expert interview on our blog, we’ve welcomed cybersecurity specialist Tom Kirkham to share his wealth of experience on the topic of cybersecurity.
Tom is the founder and CEO of IronTech Security, a managed security service provider (MSSP) that focuses on educating and encouraging law firms, court systems, water utilities, and financial firms to establish a security-first environment with cybersecurity training programs for all workers to prevent successful attacks.
He brings more than three decades of software design, network administration, computer security, and cybersecurity knowledge to organizations across the United States.
What inspires and energizes you within your work?
I am passionate about protecting everyone from hackers, protecting their lives, money, and their business. In many cases, their business is their life. My main passion is education because it is often severely lacking to most people.
Can you share a little bit about yourself and how you got into cybersecurity?
I’ve been in technology my entire career, for about 40 years now. But a few years ago, there was more and more hacking. It became much more than just hackers doing it for bragging rights or just because they can.
It has become a huge industry, we now have to worry about nation-states influencing elections, hacking government voting registration, military, and intellectual property.
In 2015, I was put on an ISIS kill list by the United Cyber Caliphate. An online retailer was hacked and about 9000 people were put on a kill list. Since this event over the past 6 years, cybersecurity has been a project of mine.
What notable cybersecurity challenges have you overcome?
We had a lateral movement ransomware attack with multiple payloads. It took me, our organization, and multiple vendors to stop the attack, and clean up after the attack. We had all hands on deck and every minute counted.
We had to shut down a surgeon’s office, but we were successful. We overcame that, only because we were able to respond within minutes.
What are your favourite things about working in your field?
It’s constantly changing. I love change, I’ve embraced it my whole life. There is nothing in technology that changes as fast as cybersecurity.
The best information security specialists are curious about how to hack and steal things, some people may say you’re born with it, but I’ve always been curious as it helps tremendously in this field to think as a criminal would.
Can you tell us about one accomplishment that shaped your career?
I am a successful technology investor, I lived through the .com days in the stock market. At that time, I was investing in 20-30 technology companies purely because of the vision that these companies were providing.
Many of them have gone bust since, but again it goes back to the constant technological change that fascinates me.
When we were first struck by the pandemic, we saw reports of an increase in cybercriminals phishing through Covid themed scams and attachments. Are these pandemic themed cyber crimes still happening?
Yes, these themed cyber crimes are still happening. The big thing we noticed besides the COVID-19 themed scams, was the 1000% increase in attacks (in a matter of days) on remote access technology.
People were trying as fast as possible during March of 2020 to get everyone working from home because the offices were shut down. We had hundreds of remote access points we had to roll out, and we were able to do it safely.
As there has been such a surge in working from home, this has created concerns for cybersecurity professionals, exposing businesses to many threats. What preventive measures would you recommend a business takes to fill those gaps?
VPN (Virtual Private Network) connection to the corporate network. MFA (multi-factor authentication), you need to have these additional pieces, just using a username and password is insufficient in today’s world.
We recommend making sure the computer that is connecting is company property so it is properly secure. Once that computer connects to the company network it is a company network computer.
What advice would you give to someone wishing to start their career in cybersecurity?
It’s never going to hurt to get certifications. There are so many specialities within the industry you can just pick and choose what interests you the most. I think it’s really important to understand the hacking industry.
You have to understand the sheer scale of it. I recommend you join the local FBI Infragard chapter in your state and follow Infosec news feeds. Read every single day. Stay up to date on the latest news alerts, study them, and understand what the attack vector is.
What are some misconceptions that you believe businesses have about cybersecurity?
They think they are too small to be hit with a cyber attack. They think it’s an IT problem. Information Technology and Information Security are two different specialities that have different objectives. If you want to protect your business you need to find an infosec specialist to discover the right tools for fulfilling your infosec needs.
Does your organization use log and metrics data to improve and secure your systems? How do you find managing logs assists your day to day work?
We use both manual and automatic tools to alert us of unusual activity or security attempts like attempted login attempts.
We review those to make sure we have all of our plugs filled. For devices such as industrial control systems, you must. It’s the only way you can monitor and respond.
All of your devices should be monitored if possible. We implement something called SOAR (security, orchestration, automation, response). It takes both automated and manual systems to receive alerts and mitigate them.
Are there any books, blogs, or any other resources that you highly recommend?
This is How You Tell me The World Ends by Nicole Perlroth. She is a cybersecurity reporter for the New York Times. After reading, you will be shocked by the size and scale of the cybersecurity industry.
Would you like to share any cybersecurity forecasts or predictions of your own with our readers?
I believe there is going to be a worldwide cyber pandemic. I hope I’m wrong. But the United States in particular is woefully vulnerable to hacking. There is no other nation on earth that has this much connection to the internet.
If you enjoyed this article then why not check out our previous blog post comparing REST vs SOAP?