Employee Spotlight: One Minute with Paul Reid

With deep infosec expertise, Paul helps organizations take a proactive stance against security threats.

Paul Paul Reid HeadshotReid is a veteran of the complex, fast-paced world of cybersecurity and an important steward in Interset’s technology partner ecosystem. Leveraging his deep information security expertise, Paul helps customers around the world integrate Interset’s powerful security analytics to detect insider threats before data is stolen.

Paul has served as a technology strategist for more than two decades for innovative technology companies. In these roles, he leveraged his deep expertise in computer security, biometrics, network security, cryptography, and more to guide customers, partners, industry analysts, and journalists through the intricate cybersecurity landscape.

Paul has been published numerous times and has shared his perspectives as a keynote speaker at prominent industry conferences. He has delivered addresses at the NATO Information Assurance Symposium on the need from better data management and classification, at SANS@Night on the need for stronger user authentication at endpoints, and at Microsoft TechED on how to leverage machine-assisted classification of emails. He is also an author with Prentice-Hall on Biometrics for Network Security and an inventor of a number of email and document security patents.

Q: How did you come into this field of work?
I came into the security field while working for a defense contractor that spun out an authentication security startup.

Q: As a seasoned security professional, what are the biggest changes you’ve seen in the industry over the past decade? What do you expect to see in the next decade?

Over the past decade, the attack surface has grown with the need to interconnect and share. I came into the information processing age working on mainframes and minicomputers. The move to micro-computing and interconnected LANs increased the pace of business but also opened up our attack surface. If we look today at IOT—connected homes, connected cars, connected everything—the attack surface is larger and growing every day. The barrier to entry for an attacker today is very low. You no longer need to create your own exploits, you can leverage a readily available attack framework.

Over the next decade, I believe there will be a shift away from defending using traditional cybersecurity techniques. We will need to use behavioral indicators of compromise more. In addition, advances in cryptography and trusted execution environments will hopefully raise the bar on the level of sophistication required to attack. We will also see more hardware-based attack vectors being found. This will be caused by the rush of companies bringing connected products to market without spending the time to make sure they are secure.

Q: In your opinion, what are the critical capabilities of a modern SOC?
Today’s security operations centers (SOC) need to be proactive and not look out their rear window at attacks. The SOC will evolve into a holistic threat center that will tie physical and logical security together. SOC teams will grow to include professionals skilled in risk mitigation, financial fraud, and theft prevention. These skill sets—in addition to the cyber ones today—will fill many of the softer skills that are lacking in today’s SOC. At the end of the day, the threat actor is human, and human nature needs to be understood better.

Q: What advice do you have for aspiring security professionals?

Cybersecurity is more than bits and bytes of our craft. It is important to have a rounded background. Take courses in human psychology, financial fraud, and international affairs. Understand that real-world events often have a cyber outcome.

Rapid-fire Round

Q: Coffee or tea?
A: Coffee—strong and sweet

Q: Classical or hip-hop?
A: Classical hip hop!  

Q: Tropical beach or urban cityscape?
A: Urban cities

Q: Electric toothbrush or regular toothbrush?
A: Electric, but not connected!

Q: Ice hockey or curling?
A: Passionate about hockey, curling is fun to watch!

Follow Paul Reid on LinkedIn.