For our latest specialist interview in our series speaking to technology leaders from around the world, we’ve welcomed the COO of DNSFilter, Jen Ayers to share her insights from the world of cybersecurity including the latest trends she is seeing on the rise and what business leaders need to keep in mind for the rest of 2021.
Jen has over a decade of experience in senior roles at leading cybersecurity tech companies such as FireEye and Overwatch which has led to a deep understanding of the modern threat landscape and how existing tools are evolving to protect organizations.
Tell us about the business you represent, what is their vision & goals?
I’m currently the Chief Operating Officer at DNSFilter. Security via DNS has been around for years, but our goal is to change the way the industry thinks about DNS security.
We are the fastest tool for identifying, categorizing, and blocking malicious domains and stopping users from accessing content that could harm them or their business.
Can you share a little bit about yourself and how you got into cybersecurity?
As a child, I actually wanted to be a physician. However, I ended up enlisting in the US Army right out of high school and spent four years there. Fun fact: the cybersecurity industry is full of ex-military.
After being honourably discharged I went to work for GE and got my degree in business. I started out on their network operations team before moving into their information security program. At the time this team was very small, as were most infosec teams, even at large companies like GE.
I knew then that I wanted to stay in cybersecurity, but it wasn’t until I left GE and began working for a company called Mandiant that I really realized it was my passion, and that I had a particular interest in threat intelligence - how are bad actors getting access to data, and how do we stop them?
When we were first struck by the pandemic, we saw reports of an increase in cybercriminals phishing through Covid themed scams and attachments. Are these pandemic themed cyber crimes still happening?
Absolutely. Criminals are constantly taking advantage of trends. Right now we’re seeing thousands of domain-based scams related to unemployment, PPP loans, and impersonations of the SBA.
They may not be explicitly COVID-related, but they’re taking advantage of the economic environment and news cycle that COVID-created.
As there has been such a surge in working from home, this has created concerns for cybersecurity professionals, exposing businesses to many threats. What preventive measures would you recommend a business takes to fill those gaps?
In today’s “boundaryless” world, the mandatory pieces of a secure work-from-home setup are:
- A password manager
- Two-factor authentication (no excuses here!)
- Protective DNS
There are definitely more tools you can pile on to feel more secure, but to me, these are the table stakes. And the benefit of these preventative measures is that they require interaction from your employees.
They use the password manager, they have to use 2FA, and if they click on a link that’s malicious they see a block screen. So it helps drive that cybersecurity conversation a little bit more.
What advice would you give to someone wishing to start their career in cybersecurity?
Don’t be afraid to start. Whether a career change, first job or just exploration. Don’t be afraid to tap into the myriad of resources that are available to begin researching, learning and even talking to people. Attend a local conference, attend a big virtual conference, reach out to people on social media. Just...start.
What are some misconceptions that you believe businesses have about cybersecurity?
That it is set-and-forget. Creating a team buried under general IT responsibilities, and giving them a sliver of the budget is not going to solve a comprehensive business problem. Buying one tool as a magic button will not suddenly make you “secure.”
Cybersecurity should be a key part of a business strategy, woven into every aspect of your day. and Your tools, processes, permissions, and training should be revisited all the time. You can never let your cybersecurity posture go stale.
Are there any books, blogs, or other resources that you highly recommend?
I am not a huge reader - I learn by doing. But a book that I love and always recommend is The Nibble Theory. It talks about the sphere of influence and self-awareness and how you can and do influence others.
The author, Kaleel Jamison, was one of the first women to enter the field of management consulting, so I appreciate her perspective as another woman in a male-dominated field.
Would you like to share any cybersecurity forecasts or predictions of your own with our readers?
2021 so far has been a repeated slew of top news relating to cyber attacks, especially for ransomware hitting critical infrastructure and services.
This has been predicted for a long time & it’s not going to stop, it has a distinct opportunity to continue to get worse unless appropriate security measures are taken. So instead of a prediction, I will offer a hope that 2021 will be the year that companies choose to make a stronger investment in cybersecurity programs and learn more on how CMMC compliance can assist their operations.
If you enjoyed this article then why not check out our post on open source business intelligence tools.
Want to learn more about securing your systems? Then why not learn more in our guide covering what is SIEM?