Davey meets a professor who has the last laugh about Jeff Bezos, and witnesses the US Secret Service reveal some secrets.
Davey meets a professor who has the last laugh about Jeff Bezos, and witnesses the US Secret Service reveal some secrets
I’m not in the globetrotting conference Premier League along with Jon and Steve, but there are some events that tempt me to abandon my Yorkshire hermit role. One of these is the annual NetEvents global press and analyst summit in Silicon Valley. It’s unique in that it exists to bring innovative startups and established vendors across a broad spectrum of network, AI and security sectors before (so-called) influential journalists and analysts.
Not in the usual “here’s a hall full of stands, and you can find the lecture hall over there” kind of way. Rather, with mornings populated by interactive panel sessions, followed by afternoons of speed-dating-style round tables talking with vendors, and evenings chatting over dinner and drinks. It’s all very sociable, and that allows those of us who fall under the media and analyst umbrella to get a feel for what’s driving innovation in these companies.
This year, I found myself back in the Hayes Mansion in San Jose, which is a bit Pontins meets American Horror Story, in the nicest possible way. Back in the 1930s, the mansion was something of an innovator itself, much like the state-of-the-art hotels you find dotted around the Valley today: self-sufficient electricity supply, post office and even railway station. It was something of a communications visionary in its own way – which leads me onto Professor David Cheriton, who gave the opening keynote presentation along with a question and answer session.
PC Pro readers may well have heard of this Stanford professor, what with him being one of the first investors in Google and VMware. He’s invested in more than 20 companies across the years, picking those that spark his interest in innovative technologies that solve real-world problems. His job these days is as the founder and leader of the Distributed Systems Group at Stanford University.
Both myself and Steve were blown away by this guy. His presentation was full of quotes that could be pulled together and published as the “Little Book of Tech Startup Advice” and become an instant business bestseller. I’m not sure that Amazon founder Jeff Bezos would buy a copy, though, as Cheriton doesn’t appear to be his biggest fan.
Yet few could argue with his warnings about the cloud, what he refers to as the medieval computing landscape of AWS. “You have Jeff Bezos, who’s built this walled garden called AWS, which is a castle. He basically says, come under my protection and you’ll be safe.” Cheriton continued: “Exactly what happened in medieval days with the king; you felt that the highwaymen were a problem. They weren’t a problem – they were part of his overall plan. You build this castle; the peasants are beholden to you because you protect them from the highwaymen.”
Cheriton went on to explain how AWS is sold as the public cloud, but it’s an ‘if you pay for it, you can use it’ model. On that basis, he quipped, “I claim Disneyland as a public park because you can pay, and you can go in and use it.” So public cloud is a complete misnomer.
The actual thrust of the talk was on “how to pick the game changers”, but the professor’s insight into the cloud, Amazon and proprietary lock-in was amongst the most eloquently expressed I’ve ever had the privilege of listening to. He spoke of AWS providing thousands of services, new ones being added every day, all of which are there for the purposes of lock-in. “You find these startups and big companies end up where they develop some application and it’s using 100 of Jeff Bezos’ little services that are unique to AWS,” he explained, “so somebody then gets a big bill from Bezos, and it’s very hard to move that application.”
Not because it’s highly dependent on those services, but rather it’s slightly dependent on them, meaning it can’t function properly without them. “Bezos basically says you don’t need your own brain, you can do your thinking with my brain. I’m not faulting him, but I think that anybody who wants to have an independent business should be aware that he does want to own the entire universe here...”
If you ever get the chance to listen to Cheriton speak live, I’d recommend you sell a kidney to get there.
JASK puts AI in the SOC
One of the reasons I don’t pass up sacrificing a whole week of my working life to travel to San Jose for the NetEvents summit can be summed up by the panel debate entitled, “Can AI solve the internet cybersecurity epidemic?” This was chaired by Robert Kierstead, the special agent in charge of the Seattle Field District of the US Secret Service.
For me, getting access to these people is well worth the trip. Otherwise, I wouldn’t have enjoyed the irony of the Secret Service man throwing up a PowerPoint slide displaying the Secret Service’s cyber-asset locations. Glorious! Almost as glorious as being given a Secret Service T-shirt by Michael Levin, formerly a deputy director of the National Cybersecurity Division of the US Department of
Homeland Security, branch chief of the Secret Service Electronic Crimes Task Force in Washington and Secret Service liaison officer with the CIA and NSA.
These days, Michael – who I now consider a friend – runs the Centre for Information Security Awareness (CFISA), which brings educational training to law enforcement, business and consumers alike. He also took part in a panel discussion on botnet evolution this year, but I digress.
While the likes of Cylance, which had its CSO Kumud Kalia on the panel, is well known for pushing an AIdriven defence agenda, there were others that are more quietly putting AI (or machine learning, to be precise) into defensive action. Although I hadn’t been aware of JASK before the event, I quickly realised it could be an interesting startup considering Greg Fitzgerald was involved.
Greg is another person I’ve bumped into before at NetEvents. He’s a former founder and advisory board member of Cylance itself, and Javelin Networks – another startup he was involved with (as COO and a founding investor). Greg reminds me of Cheriton in many ways. Although they’re opposites in terms of presentation and style, Greg was a hacker for the US government when he started out, and is now a Silicon Valley marketing man through and through. He has a knack of knowing real innovation when he sees it. That isn’t easy in the cybersecurity business, which is drowning in wannabees and hype.
JASK, if you ask me, isn’t deserving of either label. So what does it do? The clue is in the name, which literally means “Just ASK”. It uses machinelearning technology to overcome the very real-world security operations centre (SOC) problem of too much information. Specifically, too much threat information. Hold on, I hear you say, can there be such a thing as too much data about a threat? Well, no, if it’s a real threat and not something innocent that’s been flagged up as such.
Most incident response teams, be they in-house or outsourced, employ highly trained security analysts to determine if a security incident is a real threat or a false positive. Assuming the former, they allocate appropriate resources to combat it. Of course, these resources are finite, whereas the volume of ‘incident’ data is seemingly endless. Just sifting the false positives out of the equation wastes valuable time and can mean real incidents that need to be dealt with aren’t actioned immediately as they take their place in the queue to be checked.
JASK aims to address the lack of trained security analysts and researchers by filling the void with AI. It does this by applying machine learning to effectively filter the false positives from the incident-reporting data stream. What’s more, it also promises to prioritise the real threats, so filtering advanced attacks that are underway from all the lower-level malware and cybercrime activity. Not that the latter are unimportant, but prioritising enables a much better incident response than simply tackling every threat as equal in potential impact.
What I find refreshing here is that JASK isn’t pretending to take the human out of the loop, but rather providing us with better data to make our jobs within the security operations centre less stressful and more effective. Of course, I’m not known for my shyness during panels such as this, and so was the first to pitch a question at them. That question being aimed directly at the Secret Service man: “I’m interested to know how the Secret Service is using AI at the moment?”
Kierstead looked a little taken aback for a moment, before replying that the Secret Service is technology agnostic and “we are studying various AI technologies without committing to any particular one”. And that was that. A shame, although despite the earlier map of Secret Service locations, I didn’t really expect the intelligence community to open up – but you have to ask.
A sentiment obviously shared by Steve, who also directed a question at Agent Kierstead: “I’m intrigued by the earlier comment that, basically, the NSA weaponisation of tools is just something we have to live with, that it has become part of the landscape – because it seems to me that there must be a national cybersecurity picture of responsibilities, oversights, and so on. How does your role fit with the NSA? Are you ringing them up, saying why are you guys letting these tools out? Or is there actually no ability to do that, with everyone in their own silo and there’s no response?”
And there was no response, other than “we are primarily a law enforcement agency, not an intelligence agency. I don’t know the best way to answer that question.” So, a good morning was had by all, at least in the PC Pro seats…
Facebook power admin tips
I am, according to Facebook, officially a “power admin” these days. Indeed, I belong to a closed group operated by Facebook itself, where my fellow power admins can discuss the ins and outs of running a
“JASK is providing us with better data to make our jobs more effective”
large group. In my case, as regular readers will know, the group in question is the Mazda Bongo Owners Club. It brings together owners, would-be owners and businesses involved with this old Japanese import MPV that’s commonly converted into a campervan. My own van, christened Jean-Claude (damn van), is 18 years young, and has even been the subject of a PC Pro feature before.
I started as an admin of this group four years ago, and in that time have helped it grow from 1,500 members to the current 9,500, of which 7,500 are “active” at any given time. In terms of stats, 100 new members are approved to join the closed group each week, and monthly we see 2,500 plus posts, 30,000 comments and 50,000 likes (or reactions, as Facebook calls them).
Obviously, engaging within the group is paramount to community building such as this, but there must be a framework within which that engagement takes place. The same applies whether it’s a business extension or a community project; leave it to run riot and your group will tear itself to pieces.
Thankfully, Facebook is listening to power admins and adding tools to help. My top five tips are:
1. Use the rules feature to set boundaries of acceptable behaviour, and don’t be afraid to impose them.
2. If you do delete a post or eject a member, use the notes facility from the admin activity menu to explain your reasoning. This can help if there are queries or appeals, especially in a very busy group such as mine.
3. Make use of the group insights resource to spot any downward posting trends to formulate ways to combat these.
4. Take full advantage of the new announcement feature, if it has reached your group, which does away with the old one-pinned-post-only restriction.
5. Add value to your group by using the newly added mentorship programme facility, which helps members build relationships and support each other. It’s great for technically orientated groups.