Eric Malawer, managing director and CEO of BluVector, a cybersecurity technology company, recently spoke with ExecutiveBiz regarding the company's work with Comcast Government Services, LLC, as well as how artificial intelligence and machine learning have shaped the marketplace. Malawer also discussed the shortage of talent in the cybersecurity field in addition to the ways BluVector addresses and solves challenges for its customers.
“One of the biggest challenges that you have within artificial intelligence (AI) and machine learning (ML) domain is that those solutions have been many steps ahead of the reality of the problems in the marketplace, making AI and ML a “nice to have“ feature, often acquired through an R&D or innovation program. Recently, we've experienced a closing of that gap. There is a better understanding and recognition that AI/ML can address those relevant, timely problems.“
ExecutiveBiz: How do BluVector's offerings fit along with Comcast's products and services in the federal sector?
“It's essential to understand BluVector's capabilities as well as Comcast Government Services, LLC, to see how those two entities come together. BluVector offers advanced threat detection and advanced threat hunting. We are looking for unique and novel threats coming into a network, as well as detecting those threats existing within a network.
At the same time, Comcast Government Services, LLC offers high speed broadband and access to government customers, with services to support that. We are able to merge these specialties to enhance our offerings.
Comcast built and manages its network. We are part of a set of NextGen capabilities that Comcast has both acquired and invested in, to help with securing the network. Finally, we are aligned culturally in our commitment to service for our customers, the government, and our country.“
ExecutiveBiz: What are the most significant problems influencing cybersecurity professionals today?
“We look at a number of problems that have become particularly acute in this environment, such as the impact of COVID-19. Within defense, large enterprises are hyper focused on continuity of operations and availability of the network.
Oftentimes security can lag behind, particularly in a crisis environment. In large enterprises, you have a defense and security apparatus that is now focused on a new set of challenges and problems that revolve around two areas: continuity of operations and availability of the network.
At the same time, you have large swaths of communities within large enterprises, who are now working remotely. That opens the attack vector considerably, where you're not just managing one consolidated enterprise, but you’re not managing thousands of micro-enterprises.
That has accelerated a lot of the issues and the complexity associated with broader digital transformation. As organizations become more complex, they become more vulnerable.
You’re seeing our attackers becoming more sophisticated, more creative and more opportunistic. They have leveraged a more sophisticated set of capabilities. In this environment, consequences have become more severe.
Attackers are looking at vulnerabilities in healthcare, hospitals and pharmaceuticals, where clinical trials and vaccines are developed and distributed. So, all the sudden, you’re looking at a set of consequences that aren’t just around privacy or corporate interest. It has become a matter of life and death.
In some ways, those are a different set of risks that we’re seeing, but in other ways, they are a hyper acceleration of risks and dynamics that were already evolving within large enterprises.“
ExecutiveBiz: What do you think about talent in the technology and security industry?
“There is a scarcity of talent and a high turnover rate that people operating security centers are facing every day. In the age of COVID-19, a lot of that talent is deployed against other problems that need to be addressed around networks, operations continuity and network availability within an organization.
There are a few dimensions to that, especially when you’re talking about cybersecurity analysts within a Security Operations Center (SOC) environment, which can be high pressure and fast paced. There is a lot of burnout. As an industry, we have to figure out how to allow those resources to better focus their time and energy on higher value activities to reduce that burnout.
As a professional within the IT and security domain, there is a lot of interest in professional development, as well as staying abreast of cutting-edge capabilities.
That’s one area where we’ve seen AI/ML provide an interesting opportunity; not just in the direct and applied value that it can bring to doing your job, but also in the indirect value of introducing professionals to new capabilities.“
ExecutiveBiz: Can you talk about BluVector's history of applying AI technology to improve cybersecurity capabilities, including protecting against cyber threats?
“What is compelling about BluVector is that our genesis is centered around specific critical problems that have been identified by the government, by the defense sector and national security communities.
If you look at our advanced threat detection capabilities and our advanced threat hunting capabilities, both of those capabilities are born out of research and development (R&D) funding, which BluVector was selected to develop in partnership with the U.S. government.
That’s the DNA of BluVector. We are recognized by these communities as a leader in this space, where they could partner with us to help address and help develop NextGen capabilities in response to a number of their most acute problems.“
ExecutiveBiz: What is the true value that AI and machine learning has brought to the government contracting and federal sectors? Why is there so much hype around AI technology?
“AI/ML solve fundamentally unique sets of sophisticated problems at a speed and scale that traditional solutions cannot.
The reality though is your AI/ML is only as good as your data. If you don’t have unique data, it’s really hard to argue that you have unique insights. The hype around AI is you’re really looking at the convergence of a few things.
First, I think that hype is now driven by better understanding in the marketplace. The marketplace is better able to discern between those who are doing true AI/ML and those who are simply using it as a marketing tool.
Second, companies that are doing true AI/ML have been better educated and informed about solving identified problems within the marketplace. They are not solving a problem just because they can, but because it’s been recognized as a problem by the marketplace.
And third, there is an excitement around better alignment between the capabilities and a recognition of the problems that can be solved and how to move forward to close that gap.“
ExecutiveBiz: With cybersecurity and AI capabilities expanding at a rapid pace, what will the future look like for companies like BluVector in the coming years?
“If you look at the value that BluVector focuses on, the real value is that we identify unique threats when they first enter a network. Using AI/ML can enable you to identify threats that other capabilities simply cannot.
As attackers become more creative, aggressive and learn how to better leverage AI/ML, you need these capabilities to identify unique and novel threats that are being developed. BluVector can give our customers the confidence that we will be here to support and continue to invest in our technology to stay ahead of evolving threats.
As organizations and their networks become more complex basic visibility within networks is critically important. A basic understanding of threats coming into your network or the threats already on your network is critical, as well as understanding your network traffic overall.
Another way to think about a lot of these capabilities is around intelligent process automation, such as automation at scale. AI/ML provides a very unique opportunity to scale that human element and better focus limited resources against more acute problems.
AI/ML is not a magic bullet. It's not going to do everything for you, but it's a way to supercharge the productivity of those more critical high value resources. More broadly, within opportunities in the marketplace, AI/ML will bring great value within the cyber security domain.
AI/ML winners will bring real solutions to real problems versus abstract solutions just because they are possible. A better educated and more disciplined marketplace will be able to assess real AI/ML companies from those using it as a marketing tool and understand the value of AI/ML in the context of the specific problems it can solve. Ultimately, we expect better alignment between supply and demand in the AI/ML marketplace.“