Five Minutes With: A Head of Security

Aviation enthusiast Andrey Slastenov warns that human error remains one of the security industry’s biggest unsolved challenges.

What was your route into cybersecurity?

I got my first computer at the age of seven, which was the beginning of my fascination with technology. When I was younger, I was also part of the FidoNet community, which nerdier readers might appreciate. I started my career as a network engineer managing routers, switches, firewalls and other complex environments. During this period, I faced plenty of DDoS and other network attacks, which led to a gradual transition into network cybersecurity.

If you could retrain for a dream job, what would it be?

Working in an R&D role, focusing on cutting-edge security networking and security solutions, exploring new techniques for threat detection, and designing more resilient architectures.

What has been your most challenging role to date?

Whenever I’m involved in sophisticated incident response to security threats that require immediate attention. This normally involves coordinating and managing people across teams, countries and continents under time pressure. For example, we worked with a large financial organisation that recently faced a DDoS attack. Because of the real-time nature of the business, this posed a huge challenge.

What’s the biggest misconception about cybersecurity?

People thinking it is only about technology and ignoring the human element. It means they are underestimating a huge risk factor for organisations, including insider threats. Ultimately, cybersecurity involves bringing people, processes and technology together.

Best and worst thing about your job?

The best thing about my job is that it’s an intellectual challenge. Every day there is a new development in this space and a new issue to solve, which means we need to be constantly working to improve our solutions.

The worst thing is the pressure. Cybersecurity threats never sleep, and can occur anytime and anywhere, which can be exhausting.

What advice would you give to industry n00bies?

“While modern technologies can mitigate some issues, clicking on malicious links or making configuration mistakes will always be a vulnerability. This unpredictability seems to have been unavoidable for the industry so far.”

First, it’s crucial to master the fundamentals and understand how networks and systems work at a basic, technical level. This will help you a huge amount in the field.

Equally, it’s important to get hands-on experience, such as participating in things like capture the flag challenges. Of course, cybersecurity is a broad field with a huge number of subsectors, so you should choose carefully, but networking as much as possible is a great way to get involved and gain experience.

Finally, the threat landscape evolves so rapidly that everyone should make sure they’re reading widely to update their knowledge.

What’s the biggest as-yet-unsolved problem in cybersecurity?

Again, it’s got to be the human element. While modern technologies can mitigate some issues, clicking on malicious links or making configuration mistakes will always be a vulnerability. This unpredictability seems to have been unavoidable for the industry so far.

Tell us a guilty secret

Sometimes I go too deep into the rabbit hole. I love getting absorbed in technical research and detail, which sometimes leads to me getting stuck and losing sight of the quickest route to the outcome.

What industry or sector do you think cyber could learn from?

I think there are lots of parallels between cybersecurity and aviation. As an aviation hobbyist, I know that the industry in general has really robust operating procedures, testing protocols and incident investigation processes. These have been built to largely exclude the possibility of errors, and in particular human errors.

What are the biggest security challenges surrounding edge adoption?

The ever-growing number of smart technologies and sensors using the internet (e.g. CCTV cameras and IoT devices) is a huge threat. They can easily become outdated and remain unpatched, making it easy for attackers to find and exploit vulnerabilities by deliberately infecting them.

We are seeing numbers that indicate the size of the botnet problem is roughly doubling each year, which is a real worry.

On balance, is AI a good or bad thing for network defenders?

In my experience, it is largely a positive for network defenders and helps security analysts with threat detection by crunching the vast amounts of data we need to process and act. Advanced AI can analyse traffic patterns and automatically detect and mitigate threats before they can cause harm.

That’s not to say there are no risks, but I am optimistic that it can do more good than bad and it has been of huge benefit to me in my role.