Human Threat Hunters Are the Next Big Thing in Cybersecurity, Says Former Unit 8200 Head
Venture firm Blumberg Capital announced the appointment of Ehud Schneorson as managing director in September, after he retired from command of the Israeli equivalent of the NSA
The cybersecurity industry is in the midst of adopting a new paradigm, according to brigadier general (ret.) Ehud Schneorson, former commander of Unit 8200, the Israeli military’s equivalent of the NSA in the U.S., and British GCHQ. Speaking Monday at Calcalist’s eighth annual digital and mobile conference INSPIRE Digital@Mobile, Schneorson said the traditional mindset that breaches could be stopped with the deployment of technology-based barricades is giving way to an approach that puts human cyber-threat hunters at the center.
For daily updates, subscribe to our newsletter by clicking here.In September, venture firm Blumberg Capital announced the appointment of Scneorson as managing director, after he retired from command of the unit in April 2017. Schneorson was appointed as the commander of Unit 8200 after decades of service in signal intelligence, cyber and special ops.
The main difference between 8200 and the venture capital world is down to two factors, authority and responsibility, Schneorson said. “In the military the job is total, 24 hours a day every day until you step down, and everything is on you. Subsequently, your authority is also very broad, as you affect both the people and the operations under your leadership but also help to shape much wider policies and strategies for not just the unit but Israel itself.” In venture capital the responsibility is split between the partners, Schneorson explained.
“In both domains you need to identify the right technology, but just as important, you need to identify the right teams that can bring it to fruition,” Schneorson said.
A determined attacker will always find a way to get around defenses, but “his biggest nightmare is a defense team made up of brilliant people,” Schneorson said. The right people for the job, he said, know how cyber operation rolls out, either from the attacking side or from the defense side. Cyber teams in organizations need to start operating like intelligence agencies, instead of doing policing job.
To overcome an extreme shortage in the number of people that can take on that sort of job, Schneorson said he expects that AI-algorithms that can support small enterprise proactive cyber defense teams will gain traction.