Mike Fluharty currently serves as President and Managing Partner of True Zero Technologies, a veteran-owned small business with a broad portfolio of cybersecurity products. His interest in technology began in college, and his first career position at the Centers for Medicare and Medicaid Services solidified his passion for the field.
Since then, he has held various positions supporting federal organizations, specifically the Department of Commerce, Department of Homeland Security, and Department of Health and Human Services.
In a recent Executive Spotlight interview with ExecutiveBiz, Fluharty highlighted some of the emerging technologies shaping the current federal landscape, including the cloud and artificial intelligence, and discussed the biggest cybersecurity challenges currently facing the U.S. government.
What are the biggest challenges for federal agencies as they move to the cloud? What solutions do you propose to address this problem?
There are two main aspects: security and the actual basic implementation.
Basic cloud skills are becoming more and more expensive as people move from outdated technologies to more streamlined and scalable enterprise solutions. To move to the cloud, whether it's Google, AWS, Azure, or any other cloud provider, in a way that doesn't impact existing systems and allows for the same interconnections that those same systems have traditionally utilized, the required skill set is difficult to scale.
It's very different when you have one or two systems that need to be migrated to the cloud than when you're scaling to 100,000+ servers or endpoints and moving into this unrealistic environment where you have no control. This change is a paradigm shift in the way governments, the private sector, and various other business groups think about controlling technology. You need to make sure from the beginning that each group understands what their responsibilities are, the demarcation points, and how to effectively implement the mission and technology. As we continue to embrace new aspects of this scalable and flexible cloud environment, we need to ensure we have a framework that can accommodate these new capabilities and be used over and over again. This is only from an operational perspective.
The second aspect is the new concept of CNAPP, which is thinking about how to continuously secure the same network that you're modernizing and building on this elastic, scalable infrastructure. How do you overlay concepts like CSPM for posture management and security? How do you overlay cloud workload protection across all these different microservices? And where do you find the talent that understands how to do that in a business-oriented, mission-oriented approach?
How do you attract that type of talent to a particular mission because A. it's expensive and B. it's in high demand? How do you keep that person excited about the mission? So how do you get them to understand the necessary management perspective that says, “We're here to support your business and make sure it thrives”?
True Zero is a cybersecurity company, but we understand that businesses drive security to protect their businesses, including their employees, constituents, and data. That thinking needs to be instilled in specific engineers and architects and implemented in a way that scales with the needs of the company.
What do you think is the biggest threat facing U.S. cyber systems today? And what can you do to protect yourself from that threat?
The biggest threat is complacency. There are tons of tools and tons of processes across agencies, whether it's the Department of Defense, the intelligence community, or the private sector. There are frameworks and methods for adjusting your security approach to be threat-centric, allowing you to understand what your organization's specific assets, data, identities of interest, and attack targets are. There are defined methods for verifying external attack surface management to support specific missions. There are customized tactics to verify a user's identity and aggregate all of these components while directly tying them into a Zero Trust strategy with evolving concepts. The inherent convenience and availability of cybersecurity platforms create a world where the basics take a backseat and people become complacent. They stop considering the value of being basic and rigorous in terms of their ability to protect existing systems.
Let's take identity management as an example. If your organization has a traditional Active Directory or authentication approach that you've used for years, you may feel secure with an identity-based approach to resource access. But at the same time, the very act of not continuously examining the objective data provided by that Active Directory or identity data may be the reason why the primary attack vectors exploited by APTs are successful. Again, people and organizations become complacent. They enjoy normal, comfortable and often inexpensive solutions. They don't know or often deprioritize the organizational importance of checking to see if they're using local accounts, if they're over-leveraging privileged accounts, etc. to keep bad things from happening. They are not applying the due diligence and basic cyber hygiene necessary to do so. This becomes a tedious task that was supposed to save the target mission. Bad things happen and incidents occur. However, what is important is the ability to detect and recover from those incidents. That means stopping incidents in their early stages to minimize damage to your business so you can continue your mission with confidence.
Often, if nothing bad happens, we become complacent and think enough is enough for now. This is especially true if you pass an audit. That's great, but passing an audit doesn't make you secure; it just proves that you have the ability to meet a certain framework at a certain point in time. Use the same framework to ensure that you are protecting the above infrastructure and missions from threats on a continuously measurable basis with objective and technically relevant data. To be clear, this same concept of complacency is directly tied to organizations not investing adequate funds in cybersecurity due to the fact that nothing bad has happened in the past. And it is mistakenly assumed that that is a reasonable approach to reducing funding for future cybersecurity initiatives. This is a concept that is prevalent in many enterprise environments.
Fortunately, recent executive orders have placed greater emphasis on the unacceptable risks to the American public associated with cybersecurity complacency and have encouraged changes in thinking related to cybersecurity requirements at the department and agency level. It's helpful. Yet, every day we see the damage done by large commercial and government organizations and the impact they have on citizens in the United States and abroad.
Which emerging technologies do you expect to have the biggest impact on the federal landscape over the next 5-10 years?
There are obvious ones that are big buzzwords when it comes to national-level considerations, like quantum, neural networks, and generative AI.
Internet of Things security is one of the biggest, yet most fundamentally misunderstood concepts today. Fundamentally, we are required to understand bespoke processes and these systems that don't work the same way, while also integrating SCADA, ICS, IoT, and a variety of traditionally disconnected or unknown We're looking at ways to focus on the interconnected nature of organizational devices. A traditional operating system should work. It sounds complicated, and it is.
A programmable logic controller is not the same thing as a DLL on a Windows box. They are fundamentally different in the way they interact with the underlying systems, and therefore in the way they are interpreted and protected. Most people understand them far less than they understand traditional networked computers and operating systems. Therefore, it is important to educate them about the technologies that focus their expertise on these technologies while being able to protect their IoT devices in an objectively safe, secure and measurable way. Top priority.
The second comes from the CNAPP perspective mentioned earlier on cloud modernization and cloud security technologies, and being able to start protecting individual workloads, such as microservices and non-traditional serverless technologies. These could be Lambda functions within AWS, or Kubernetes clusters from a containerization perspective, that are pervasive across all of these different cloud entities. We need to gain insight into how they work at a fundamental level and what our responsibility is as consumers of this technology, so that we can proactively stop incidents within these platforms with directly applicable approaches of zero trust, cybersecurity posture management, workload management, and application management at scale.
Finally, perhaps the most important technological advancement since the advent of computers is AI, specifically generative AI. When properly applied, it can be a game-changer in terms of your ability to quickly respond to threat-centric entities and protect your entire enterprise from threats.
Over the past year and a half, we've all seen how ChatGPT helps modernize and handle menial tasks, but that doesn't mean it replaces humans in that particular chain. What that means is that humans have become more efficient and able to process data and concepts that actually matter. Rather than worrying about how to say a sentence or write something syntactically, you simply address the semantics of the syntactic output. This allows us to support requests in a more efficient format and reduce triage and delivery time.
I will explain this from an operational perspective. True Zero has the term “Actionable Intelligence Operations” and is embedded in this same mission and threat-centric productization. The concept of AIO is DevOps style alerting. This allows us to take threat-centric items and apply artificial intelligence, genAI, and large-scale language models to create high-fidelity content faster, helping our customers stop malicious content. You will be able to deliver to the mission. that things happen.
We use this DevOps-style approach to enable quality assurance, rather than replacing everything with an unchecked AI-based approach. In this way, you can enhance your processes and greatly increase your work productivity, as long as you run them in a safe manner within a given large-scale language model. GenAI is a multiplier so powerful that it resembles the next digital age, with many capabilities behind it that will help the world drive mission and cyber success today and into the future.