Cyber Security Game Changers

Security Experts Defend Against Cyber Crime

By Diane Bosser Photography by Gary Landsman

Cybersecurity professional Benjamin Tedesco ’02 helps national and corporate organizations defend against cyber criminals, who work around the clock, from around the world, to infiltrate protected networks and steal data.

They sneak in while average citizens sleep, eat, and go mall shopping, and while contractors develop new weapons systems for the US military. Cyber anarchists, commonly known as hackers, disrupt networks, raid financial accounts, and plunder data. Armed with lightning reflexes, hyperfocus, and tenacity, Benjamin Tedesco ’02 battles against hidden opponents in the high-stakes game of cybersecurity. More international arms race than Playstation matchup, the game goes on round-the-clock, 365 days a year.

“Not to be overly dramatic,” says Tedesco, a cybersecurity professional who was a member of the Montgomery Scholars program, “but we are actually protecting America by stopping foreign invasions.” Regularly, Advanced Persistent Threats (APTs), or technically sophisticated adversaries with the financial backing of organized crime syndicates (or even entire nations) are on the prowl to breach high-value targets.

Some of the most common methods of cyber-attack involve spear phishing, stolen passwords, malicious code, denial of service attacks, and the exploitation of misconfigured devices. Hospitals, banks, government agencies, energy companies, and commodities manufacturers are favored targets. American consumers, too, make for easy prey. Last holiday season, a breach of credit and debit card data affected more than 40 million Target shoppers. In September, 56 million Home Depot customers learned they were at risk from a breach that went undetected for months. Attacks on energy facilities, and military and intelligence contractors pose serious threats to national security. Tedesco, the patriot, is not exaggerating when he talks about the critical nature of cyber defense.

After 10 years in the business, the 32-year-old Montgomery County native remains optimistic about the cyber industry’s ability to fight back by detecting and responding to breaches. During the last several years at Booz Allen Hamilton, a business consulting firm based in McLean, Virginia, he spent days and weeks on Red Bull-fueled “rescue” missions, where his proactive threat detection and incident response team hunted and analyzed forensic data in client systems that had been breached. They sifted through layers of evidence to locate suspicious anomalies, called “outliers,” which are out-of-the-normal programs—but not necessarily spyware. The team would zoom in and take a closer look at each needle in the digital haystack.

“The idea behind the software we use is similar to that of laying clear acetates (transparencies) over a baseline drawing,” he says. “Each layer should line up perfectly atop the one below. Anything that deviates from the norm, or standard configuration, will easily stand out. That’s where we figure out what’s really going on there.”

With active top security clearance, Tedesco has been called in to work at federal government agencies and defense contractors. He recently moved to a smaller, niche firm that specializes in Endpoint Threat Detection and Response (ETDR) products. As a consultant for Bit9+Carbon Black, a Boston-based firm, he interacts with his team of cybersecurity detection and prevention analysts—he calls them the “security ninjas.” He still works with corporate clients, the federal government, and forensic security consulting firms, like his former employer. The biggest attraction, he says, is the opportunity to help build and tune tools for incident responders to use every day in the field, and then to be able to guide the organizations on how to use the latest and greatest technology. “It was an offer too good to pass up,” he says.

Beyond firewalls and out-moded detection software, Tedesco teaches clients how to use next-generation security tools to protect their data. In an industry that grows exponentially each year, potential for workers with the right skills—and personality traits—is open-ended. Tedesco recently switched from intensive analysis/forensics work at client sites to consulting work he can do from remote locations, including his home.

Tedesco’s meteoric rise coincides with the rapid changes in cybersecurity. Antivirus software, which boomed from 1990 to 2000, has proven ineffective, as it only worked to stop “known bad” malicious programs. Hackers every day are writing new programs for new targets, thereby sidestepping the old “signature-based” security methods. These next-generation prevention tools employ “white listing” practices, which only enable “authorized” applications to run; newly downloaded/installed programs only are able to run once a user or system manager “approves” them to do so. In addition to preventing bad files from running, these new tools help incident responders to quickly monitor and contain enterprise-wide breaches in a fraction of the time it used to take, given that all of the execution and network data for a system is logged and made easily searchable for a “hunt team.”

“I’ve seen it work firsthand,” says Tedesco, “at client sites—where Bit9 made an extremely vulnerable enterprise stronger than any other enterprise I’ve seen. It makes me excited to see how this is all coming together… It was like going from driving a go-cart to driving a Formula One car.”

Cyber (Job) Security

According to the US Department of Labor, cybersecurity is among the fastest-growing professions in America. This includes positions as information security analysts, computer and information research scientists, software developers, systems managers, and network architects. In Montgomery County, potential employers include the more than 18 federal agencies and installations, including the National Institute of Standards and Technology’s new National Cybersecurity Center of Excellence, as well as approximately 40 cybersecurity companies.

“It takes more than good computer skills to do well in cybersecurity,” says Booz Allen Hamilton senior associate Anthony Harris. “It takes an appetite for information. There are continually new weapons and opponents in this arms race, so you have to constantly be learning… what you learned two years ago may not work today.”

To help meet workforce demands, Montgomery College introduced an associate degree program in cybersecurity in 2010. The program provides entry-level computer technicians with information security expertise (i.e., threats and vulnerabilities, prevention hardware and software, etc.), and prepares them to sit for industry certification exams. It has won numerous awards, including a National Center of Academic Excellence in Information Assurance for two-year education, from the US Department of Homeland Security and the National Security Agency (NSA). It also received recognition and official certificates for meeting industry standards in courseware and training.

And the word is out. Enrollment in the College’s cybersecurity programs increased 19 percent in its second and third years (2011–2013). By fall 2013, all 800 seats were filled, and more than 200 students were pursuing a cybersecurity major. The program’s growth led to hiring two new full-time faculty members and adding two cybersecurity certificates. By next year, students can pursue a degree in digital forensics, an in-demand specialization.

With a fast-paced industry comes opportunity for those with the right skills. In the early 2000s, Tedesco pursued associate’s and bachelor’s degrees in computer science, mainly because there was no such thing as a degree in cybersecurity. Over a decade later, he continues to hone his skills and knowledge. He is working on a master’s degree in homeland security and information security and forensics at Penn State University. He expects to finish in 2017.