An Interview with Adam Burns, Manager of Cybersecurity Analysts at Digital Guardian Part I
In part one of our Q&A with Adam Burns, we discuss his background in security, ransomware in the news, and what traits make for a successful analyst.
Thanks for sitting down with us today. Can you tell us a bit about your journey to DG? Were you always interested in security?
Like many in my generation, I played with computers and tinkered with electronics as a child, and I was always fascinated with how things work. We did not have smartphones or take technology for granted like the more recent generations do. I’ve wanted to work in this field for as long as I can remember.
I went to a Vocational Technical High School where I took programming and computer classes for half of the year for all four years. After that, I went to and graduated from Wentworth Institute of Technology (WIT) with a Major in Computer Networking and a Minor in Computer Science. I then landed a great job right out of school, as a Systems Engineer at Kaspersky Lab and that is where my interest in security was born. From there I migrated to Verdasys, now Digital Guardian, and I could not have wished for a more fulfilling and enjoyable career.
Taking a step back, how would you describe your role and why it’s important to someone who may not know as much about security?
I'll answer that in two ways, as an analyst, and as a manager. So as an analyst, my role is typically to identify anything suspicious, or anomalous, and notify the appropriate party for remediation. And here at Digital Guardian, it goes beyond that with the managed service. We build a relationship with our clients and understand their unique needs. Maybe there's a risky user group that needs closer attention, or maybe the clients are going through a reduction of force, whatever the scenario, we're going to work closely with clients to close those gaps. It's a personalized service.
And as a manager, I want to make sure that all of our 200+ clients are happy and are receiving value from the service. All of our customers are unique, and some have complex use cases and requirements. And again, I work closely with those clients to make sure that we customize our service and deliverables to meet those unique needs.
And then going off of that, can you explain how your team differs from Ben’s (Ben McGraw, head of Digital Guardian’s MDR service) team at DG?
Sure. Ben's team is focusing on the cyber threat side of things. It could be malicious programs or malicious actors. Where on our side with data loss prevention, we're protecting a company's intellectual property from data loss or theft, either from malicious intent or even accidental actions. So, I would say on Ben's side of things, it's more of viruses, malware, and ransomware, and on our side, the DLP side, it's about protecting the data itself, the intellectual property.
Right. And it’s the two teams working together that makes DG so effective.
To close the gaps. Exactly.
What would you say is the most overlooked aspect of your job or the value you deliver to customers?
Industry knowledge and experience. We have 200+ customers from diverse industries with different global presences of all different sizes. Unfortunately, clients sometimes don’t want to move as fast as I’d want to, and I see that as a positive problem our competitors can’t always claim.
Ransomware has been in the news a lot recently, how can DG's agent and solutions help mitigate some of the vulnerability?
It's a good question. Through our investigations and discovery, or through third party threat intelligence services we use, we can utilize zero-day indicators and proactively block these malicious threats, such as ransomware, across our entire MSP space, which encapsulates over one and a half million endpoints. And our clients don't need any special licensing. All of our customers benefit from ransomware protection.
Have the roles or responsibilities of a security analyst changed in recent years? If so, how?
A security analyst is still data-centric, however, how we look at data has changed a lot. There is a lot more obfuscation and cat and mouse games happening than ever before, requiring the security analyst to think outside the box in terms of data analysis and correlation. Even recently, with the COVID-19 pandemic, security analysts all over the world have had to deal with a change of normalized usage at home. Things that might have seemed anomalous before could be deemed part of everyday life now.
Another big topic in security right now is the skills gap and workforce shortage. In your experience, what kind of personality or set of traits make for a successful analyst?
Being good at security analysis typically requires an analytical mind, but more so I find the ability to see data and scenarios through different lenses and perspectives helps a lot. Whether it is a data owner, end-user, threat actor, or someone at the C-suite level, all will approach a problem differently and the data usage and risk around their actions could be drastically different – and that comes into play when making informed decisions as a security analyst. Of course, we want to find all true positives, and have no false positives, but being able to think across the broad spectrum of different users and their independent behaviors can be the difference between a good or poor analyst.
Click here to find part two of our interview with Adam Burns!