Jeff Engle, Head of Product at BlueVoyant

Jeff Engle, Head of Product at BlueVoyant: “Protecting a company from cyber attacks isn’t just the role of the CISO or his team”

According to Wikipedia, Brazilian jiu-jitsu “revolves around the concept that a smaller, weaker person can successfully defend themselves against a bigger, stronger, heavier opponent by using leverage and weight distribution”. To put it into security terms, if you’re a small company then you can fight off better-resourced attackers through some nimble defensive moves. Which is relevant here because Jeff Engle is both trained in the art of Brazilian jiu-jitsu and Head of Product at BlueVoyant.

And security has been the backbone of Jeff’s fascinating career. One that has saw him earn the Purple Heart when serving in the US Army, where he latterly worked in the Special Operations Command. He worked at senior levels for heavyweight cyber security companies before creating Conquest Cyber – this was brought into BlueVoyant’s already impressive armoury last November.

In short, when Jeff talks security we should all listen. We would particularly point you to what he sees as the biggest cybersecurity challenges and his advice on prevention strategies. You will see that people are a recurring point. “Cybersecurity is everyone’s responsibility,” he points out. You need to create a culture to match, and can’t rely on technology alone. “A technology-centric approach to cybersecurity isn’t enough to ensure all-around protection since hackers often use people as entry points.”

For more advice, and Jeff’s view on the role of governments in cybersecurity, keep reading.

Could you please introduce yourself to our audience and share how you ended up working in cybersecurity?

I’m Jeff Engle, Head of Product at BlueVoyant, and President of Conquest Cyber, a BlueVoyant company. I’m a combat veteran and Purple Heart recipient who served in US Army Special Operations.

Before coming to work in the cybersecurity field, I spent nine years as a leader in the US Army Special Operations Command, called upon for some of our nation’s most sensitive and dangerous work. After medically retiring from special operations, I worked with the Defence Threat Reduction Agency, where I quickly learned that war was no longer fought only on the battlefield, though many of the battlefield philosophies and tactics still applied.

This led me to create and head Conquest Cyber (now a BlueVoyant Company) with the mission to ensure cyber resiliency for sectors critical to our way of life. With the increase in technology development and usage comes an increase in cyber threat actors, so cybersecurity is the field to be in.

I wrote a book called ‘All the War They Want: Special Operations Techniques for Winning in Cyber Warfare, Business, and Life’ which was published in 2023.

What are the biggest cybersecurity challenges those in leadership roles are facing?

There are many challenges for those in leadership but the increase in complexity, lack of transparency and context, and culture all play significant parts.

Enabling employees to be able to work from home or anywhere outside the office, is one of the largest contributors to the challenge. There are so many more endpoints to secure that safeguarding remote and hybrid working environments will continue to be a big challenge in cybersecurity. To protect their environments organisations are buying more and more cybersecurity tools. Businesses typically deploy 45 cybersecurity tools on average to protect their networks and systems.

That’s a lot of tools and yes, those tools all require people to manage them. There is a global shortage of cybersecurity professionals, so the sheer number of tools leaders are using to protect their organisations is unsustainable. Organisations need to consolidate and automate as much as they can so leaders can get a clearer picture of what they can prevent and what they might need to adapt to. Organisations should also look for a cybersecurity partner that can fill many of their security needs to avoid more tools to manage and help ensure a unified approach that is fully deployed, properly configured and effectively managed.

Finally, a third challenge for those in leadership roles is creating a culture of security. Protecting a company from cyber attacks isn’t just the role of the CISO or his team. Cybersecurity is everyone’s responsibility. CEOs and C-Suite executives play a pivotal role in fostering a culture of security within their organisations. Their commitment to cybersecurity sends a strong message to employees, partners, and customers that security is a priority.

Worth a read: Let the games begin: Paris Olympics puts AI to the test

What are some prevention strategies you believe every business should adopt?

Select a framework. In order to make good decisions and communicate them effectively an organisation needs to be able to map requirements and decisions to something. That is the role that frameworks play. Recently, NIST released NIST CSF 2.0 and there are several updates that make it more user-friendly for organisations across industry and government.

Simplify your technology infrastructure. Deploying and maintaining many tools is expensive and time-consuming. Consider having one or a few comprehensive solutions that contain all the necessary functionality. This way, you’ll streamline and simplify your security infrastructure.

Conduct regular cybersecurity audits. There is an old adage that says “people don’t do what you say, they do what you check”. Conducting audits regularly helps you assess the state of your organisation’s cybersecurity and adjust priorities as needed. During audits, you can identify programmatic cybersecurity vulnerabilities, and compliance gaps and better understand how you might fare in different scenarios. Essentially, this will allow you to understand where your program is and what specific areas of your program should be prioritized moving forward.

Manage supply chain risks. In a supply chain attack, cybercriminals infiltrate or disrupt one of your suppliers and use that to escalate the attack further down the supply chain, which may affect your organisation. In BlueVoyant’s ‘State of Supply Chain Defence: Annual Global Insights Report,’ released in December 2023, the impact of supply chain cyber breaches had surged by 17%.

To keep your organisation secure, it’s important to have visibility into all the suppliers you are connected to. Every business needs to have an effective third-party cyber risk management program that rapidly identifies and resolves critical cybersecurity issues.

Create a culture of security. A technology-centric approach to cybersecurity isn’t enough to ensure all-around protection since hackers often use people as entry points. According to Verizon’s 2023 Data Breach Investigations Report, 74% of breaches involve a human element.

Regularly conduct cybersecurity training with employees. Make sure your employees know and follow your cybersecurity policies. Communicate major cybersecurity risks to your staff and foster a cyber security culture among your team.

What is it about generative AI that makes it so prone to exploitation by threat actors? Conversely, how can it be used for good?

Generative AI models and related tools are becoming more and more accessible through open-source, inexpensive and cloud-based means. Just as organisations can leverage Gen AI for cybersecurity, cybercriminals can use Gen AI to develop sophisticated attacks that are adept at evading cybersecurity measures.

Through a growing ecosystem of GPT-based tools, Gen AI is lowering the barrier for new threat actors to conduct highly sophisticated attacks. In addition, Gen AI by making it easier for cybercriminals to pull off attacks, is increasing the volume, making it more difficult for defenders to respond.

However, organisations can use GenAI for good, to become more efficient when it comes to cybersecurity.

As an AI-native system learns how to perform certain tasks, it can help security analysts surface information that they need to make decisions quickly. This accelerates analyst workflows, freeing them to focus on additional tasks, thereby scaling their team’s output.

GenAI can enable teams to analyse data from different sources or modules, enabling teams to conduct traditionally time-intensive, tedious data analysis with speed. But perhaps the most significant advantage of GenAI is the shift from reactive to proactive cybersecurity. By alerting teams to potential threats based on learned patterns, GenAI allows for pre-emptive actions before a breach occurs.

Worth a read: Logitech gives keyboard and mouse owners one-click access to ChatGPT

What role do you think governments play when it comes to cybersecurity?

When it comes to security, every organisation should do its part. Governments cannot protect them all – they have a hard enough time protecting themselves from the relentless onslaught of attacks by advanced persistent threats.

Laws and regulations are like vehicle recalls. There have to be a lot of crashes in order for the government to write, vet, and approve something and then it goes out. So, government action typically comes well after the risk is broadly realised. It is critical that business leaders use these governmental frameworks as a foundation rather than their whole program. We must first reach for maturity — doing what we’re supposed to do every single day.

What advice do you have for aspiring professionals wanting to work in cybersecurity?

Be a lifelong learner and get those certifications. Not because they are the end-all-be-all, but it is a box that will likely continue to need to be checked. Never stop studying the topics that they “prove” you know because a certification doesn’t mean applied knowledge or that current needs are addressed.

Be careful not to accept opinions as facts, even when presented that way.

Interviews worth a read

Avatar photo
Tim Danton

Tim has worked in IT publishing since the days when all PCs were beige, and is editor-in-chief of the UK's PC Pro magazine. He has been writing about hardware for TechFinitive since 2023.

NEXT UP