Stephen Moore, Chief Security Strategist at Exabeam
What would you describe as your most memorable achievement?
It’s difficult to name just one thing – often it’s a collection of small wins or the unexpected that most positively changes one’s life. As a junior-level director, I had the honour of leading the technical response to a major breach involving a nation state threat actor. The result of the response morphed my career and I became the Staff Vice President of Cyber Security Analytics at Anthem. This position was a new role and I was the youngest at that station which in itself seemed to me, an achievement. In this position, I created and staffed a new 6,000 square foot Cyber Security Operations Centre and program – later recognised as one of the finest in the industry. During it all, I got to see those I had mentored move into leadership positions, and senior level positions and that makes me incredibly proud – tie your achievements to the growth of others.
What first made you think of a career in technology?
Access to information is the great equaliser. In the beginning, when I became a general IT technologist I could solve problems with my mind instead of my back; the mark of those from where I came. Growing up on a farm, you had to rely on failure and tribal knowledge of those who lived nearby to build, break, and fix things. For extra money, we’d buy broken equipment, repair it in the barn, and sell it – this began when I was 12 years old. I left the farm and the lessons I learned there to study business and computer information systems. I was fortunate to help build some of the first online loan application systems; tying mainframes and new web technology together. I love to create for the purpose of benefiting others. The build, break, fix mindset helps me today when advising others on security strategy and breach response.
What style of management philosophy do you employ with your current position?
At my core, I will always remember that those in fear will not innovate and I share this theme in almost every meeting, keynote, and mentoring session I hold. Spend time on self-reflection, know the two or three things at which you are great and delegate or “outsource” your disinterests and weaknesses to those better than you. True love for those for which you are responsible will also take you places – often in IT we lack the emotional intelligence for this.
What do you think will emerge as the technology trend of 2018 and why?
The use of Machine Learning to illuminate and care for our IT environments, especially the devices we’ve ignored in the past, particularly in security. The amount of data that needs to be analysed daily is staggering. Over time, human response deviates in coverage and in training, but that’s not the case for a machine. Additionally, people can’t scale to the data – nor can they be trained (and re-trained) quickly enough. The use of Machine Learning to make sense of your IT world, and then doing something about it with intelligent response – this is incredibly exciting and is already happening today.
What do you currently identify as the major areas of investment in your industry?
I’m seeing great investment in centralising vast organisational information for analysis within data lakes – and then attempting to do something with it via either DevOps or orchestration. This becomes almost an investment in IT method and culture. Without help, direction and goals, these can turn into nothing more than science experiments that provide little operational value, but scoped properly, the philosophy and output is impactful and career changing.
How do you deal with stress and unwind outside of the office?
Even if short on time, a brisk walk is always on the docket. Several years ago, I had a serious health scare that made me rethink my life and formulate the ingredients of an ideal day. Included in my list is a walk to our nearby village to clear my mind and making time to help someone else. You simply don’t know how many days you have left, so make each ideal by your definition. I ask my mentees to evaluate the situation at hand and ask if you will remember it in one year. That’s a good start and cuts out most worry.
If you could go back and change one career decision, what would it be?
There isn’t one event that I’d change, but I would have fired some bad bosses (people to whom I reported). There were far too many who were okay with burning out and causing undue stress to their staff. Interestingly, these ‘undesirable’ characteristics provided the bedrock of leadership philosophies that I deploy today, so maybe they were secretly paying it forward by teaching me what not to do! Next, I’d say to understand the power of ‘notables’ outside your current employer. Earlier in my career I never thought about contributing to our larger technical community, volunteering, and creating shared content.
What advice would you offer somebody aspiring to obtain C-level position in your industry?
If a CIO or especially a CISO, never forget to follow the money. Stop struggling with relevance and be friendly. Understand the sales, marketing, and legal teams and how you can help them. Be a great simplifier. Go down and brief the sales team during sales kick off. How does your work help retain or acquire new customers? Provide written talking points explaining how your area of the company is a differentiator in the industry. The board and your executive leadership team cares about this – a lot.