Home » Christopher Ahlberg: Foreseeing Threats to Cybersecurity
Mirror Review's Visionary Security Leaders, 2019
MR_Magz_Visionary_Security_Leaders_Coverstory_Dec2019

Christopher Ahlberg: Foreseeing Threats to Cybersecurity

Christopher Ahlberg

The rise in the widespread use of technology has brought with it a rise in cybercrime. As threats increase, it is becoming more important for enterprises to directly address issues related to risk and security. They should focus on developing a strategy with a security mindset, keeping the primary focus on how decisions suit overall organizational risk profile and facilitate operations while retaining security.

The Co-founder and CEO of Recorded Future, Christopher Ahlberg reflects, “It is important to note that this kind of thinking does not have to lead to a culture of fear, but should lead to one of confident decision making.

A Multi-Faceted Leader with a Commitment to Serve

Christopher is a Swedish-born technology entrepreneur and computer scientist. Before making his way into the business world, he served in the Swedish Army as a Ranger. While working in the army, he experienced various challenges and learned the value of hard work along with the importance of building and being able to rely on a great team. Eventually, he left the service and went on to pursue degrees in computer science at Chalmers University of Technology.

After completing his Ph.D., the versatile leader leveraged his knowledge into practical applications, allowing him to start a company called Spotfire. The company, now owned by analytics software giant TIBCO, focuses on utilizing data visualization for business intelligence. Spotfire presents data in a way that that makes it easier for business leaders to understand information and quickly make decisions. Seeing the impact of information from a business standpoint, Ahlberg began to consider how data might be assembled in such a way that it could predict real world events. “I sold Spotfire in 2007 and soon thereafter began work on what would become Recorded Future,” remarks Founder Christopher.

The Eureka Moment

While at Spotfire, and even beforehand, Christopher to envision all the ways that seemingly disparate data might come together to produce something meaningful. And there was just so much that was openly available. There were different and diverse data ranging from sports scores and weather reports to financial filings and organizational announcements, along with technical information from things like DNS servers and other behind-the-scenes technologies. He figured that by gathering all of that data together, with his technical teams, they could start to piece together what was happening in the world from several different perspectives and ultimately tell the complete story.

Even better was the idea that by telling that story and through trend analysis, we might be able to predict the future. That had huge implications from a security standpoint,” shares Christopher. He wanted to deliver relevant threat insights in real-time and thus Recorded Future came into existence. Recalling those earliest days the CEO adds, “I happened to be at home, running on my treadmill, when I had the ‘eureka’ moment, ran upstairs, and quickly wrote out plans for Recorded Future on a napkin. The rest is history.” Ten years later, his vision has become reality. Today, Recorded Future serves every major industry and vertical across both public and private sectors including financial services, military, and industrial organizations, with nearly 500 customers around the globe. In May of 2019, the company was acquired by Insight Partners for $780 million making it the largest pure play cyber threat intelligence company in the world.

Offering Universal Threat Intelligence Solution

From an intelligence standpoint, the team of Recorded Future is witnessing much greater integration across the entire security organization. Christopher asserts, “The way things have traditionally been organized—that is, along the lines of vulnerability management, security operations, and incident response—has led to siloed activities.” He knows that cybersecurity activities happen quickly and these continuously evolve until they are effectively managed. This requires accurate information and ongoing coordination in real-time.

Over the last year, Recorded Future has introduced several new services to make this process much easier. First, using the Recorded Future Express browser extension, which is a lightweight tool that scans browser-based applications, identifying and alerting to potential threats as they on screen. The company’s Security Control Feeds was another major release it had this year to cut threats off at the root. These lists of threat indicators like malware and unsafe websites are assembled by Recorded Future analysts who assess what should be added based on specific business contexts such as third-party risk, prioritizing software updates, and more. Security Control Feed data is considered to be “block-grade” because it automatically blocks high-risk indicators of firewall malicious activity, email security, and endpoint solutions without further enrichment. As a result, security professionals can save time and turn their focus to more pressing issues.

To deliver better cybersecurity solutions, the company has included a third-party risk module into its platform to support organizations in evaluating risk associated with vendors, partners, contractors, and any other external parties. Third-party risk tackles the problem of malicious actors and software getting into networks because of how security practices can differ from one company to another.

Assembling a Team with the Expertise for Success

With the growth of cyberthreats in the global marketplace along with a rapidly changing landscape, having an exceptional team is by far the most important asset to ensure success. The technical team of Recorded Future is made of the smartest, most imaginative, and hardest working people in cybersecurity. Here, Christopher’s role is to attract, retain, and incentivize those staff and remove any barriers to their success.

While recruiting any candidates, the dynamic leader likes to see whether the candidate is passionate about the work he/she do along with a technical drive as per the nature of their business. To further conclude this, the versatile leader adds, “Ultimately, I look for people who just get things done. Get it done – and be nice and respectful about it.”

Recognizing Threat Trends to Bring Innovative Solutions

In the last couple of years, the instances of massive cyberattacks have increased globally. Attacks like phishing still exist because it is very effective and allow hackers to gain access to a network. In fact, there are more complicated attacks involving compromising technical network vulnerabilities or web applications. Witnessing such scenarios, Christopher believes that security professionals have to monitor both internal and external risks. To tackle the current and emerging threats, many organizations are bringing innovative solutions to the market thereby making everyone more secure online.

Similarly, Recorded Future is developing security intelligence solutions that help security teams to make better decisions faster. “We have aggressive growth goals, which means that our company needs to continue to build in processes so that we can accurately measure and improve on progress,” notes the CEO. The industrious leader, along with his team, is always making sure that they are listening to customers so that they can integrate the gathered feedback into their product innovation. Being a leader in the security business is a serious matter; therefore, he has to strike a balance between the importance of accomplishing the task at hand while maintaining an open and fun culture.

Insights for Business Leaders

According to Christopher, companies can benefit by paying attention to the following key issues:

  1. Many companies still underestimate the threats that exist in the world and the ability of these threats to reach them. Many believe that because of their size or line of work, they won’t be a target. Recorded Future is witnessing a surge of attacks against small and medium-sized businesses in particular. As a result, regardless of employee count or industry, no one is inherently immune from cyberattacks.
  2. It follows that organizations must make a concerted effort to understand their own risk posture. Too often, organizations tend to tackle problems on an as-needed basis, rather than thinking strategically and developing a plan to understand and manage risk. Buying the latest firewall or SIEM may truly be the best use of that next dollar, but knowing internal risk posture is a critical step towards making those decisions.
  3. Third, and maybe the most important point to make, relates to the power of the “people” component when it comes to security. This is the kind of thing that our industry repeats time and again, but it is worth doing because so many of the same issues keep coming up. People are the first line of defense for the vast majority of cyber attacks. They deserve a high degree of training and awareness so they can keep bad guys out and protect sensitive information. Additionally, I am obviously a big believer in the power of technology. It can do things that people can’t in terms of scalability and data processing. But similarly, people can do things that technology cannot. We invest in an ever growing team of analysts who use our platform to gather information and then think creatively and critically to turn it into truly meaningful intelligence. Finding the right combination of people and technology is a formula for security success.