Career Notes 3.20.22
Ep 92 | 3.20.22

Derek Manky: Putting the rubber to the road. [Threat Intelligence]


Derek Manky: Hello. My name is Derek Mankey and I am the Chief Security Strategist and VP of Global Threat Intelligence at FortiGuard Labs. 

Derek Manky: When I started cyber crime was not known to many people. Now, you know, when people ask what I do and I say, well, I'm in cyber security there's a lot of interests actually, which is a good sign. If you talk about cybersecurity, people think it's highly technical and some aspects are of course, but they just don't know where to start.  

Derek Manky: My father bought me a 286 system when I was about seven years old and I was the only kid on the block with the computer at the time, and I loved it so I knew I always wanted to do something in tech. I didn't know security at that point, but I did have this dream in high school of becoming Mission Control for NASA. Working with mission critical systems in order to, um, work in high stress environments, I guess, to have a big impact. 

Derek Manky: Post-secondary I got into of course, computer science and system technology, and did a lot of coding. I love programming and so that was my 24 hour routine it seems. A lot of low level languages. Working, not only with C and C++, but Assembler and x86 code, and that got me into more debugging and then reverse engineering. Which inherently again, I didn't, wasn't thinking of a security track at the time, but just being really passionate and interested about that naturally it got me interested in malware and computer viruses as well and how they work. 

Derek Manky: I had a lot of passion around programming so I became a teacher for awhile. Not many people know that about me and I was teaching programming and object-oriented programming. Then I actually got a phone call from a friend who was hired at Fortinet and suggested that I apply and that's how I started my journey here. This was a real 18 years ago. I applied into Fortinet and I got hired actually as a software engineer working on our flagship operating system at the time. And shortly after that, um, there was some opportunity to work with our FortiGuard Labs team, which again, existed all the way back still in 2004. And that's where really started putting the rubber to the road and connecting my previous experience with programming and debugging and knowledge of operating systems and all that with real-world applications that we were already doing in the Labs back then. Some of my first projects I worked on were actually with our antivirus engine writing new code detection routines to catch the latest and greatest malware at the time. 

Derek Manky: We're always up at night that's what, what keeps us busy. Today it's vastly different compared to when I started we had only a handful of researchers and analysts, and we were working graveyard shifts because that's all that was needed back then. If you looked at the threat landscape, um, it wasn't incredibly complex like it is today. Fast forward to today of course it's a completely different beast.  

Derek Manky: I think it's important to get the message across that it doesn't have to be complicated. You don't have to enter as a very senior level expert in the cybersecurity field. There's a lot of tools out there. Great podcasts like this one or resources to listen to and do that education piece, I think is really important. At the same time, as I said, my career path started as a developer. I didn't even start as a cybersecurity expert. There are a lot of entryways. And in fact, in terms of careers that's growing in the industry, it used to be more specific as an example, just malware analysts that's quite specific. Nowadays, there's so many things with data science, as an example, machine learning models, those are very hot in our industry. There's not just one cybersecurity position. You have to understand there's many different ones. So it's important to understand the makeup of those positions and, and it's much easier actually to find a fit nowadays, even at a, at an entry level. 

Derek Manky: A big part of my leadership style is about interoperability. Being able to have true teamwork between not only my team, because I have multiple departments in my team, but between other organizations at Fortinet too. That's a really important piece because as we discover new attack techniques, we got to make sure that we can share that information with relevant teams so that they can add safeguards from the development stack as an example, to protect against them. 

Derek Manky: I think it's really important just like we do with incident response, just like we do with defending against new threats and that whole speed theme on intelligence, it's the same thing with learning from mistakes. You'd have to definitely acknowledge it, own anything, step up to the plate, and really try to move, move forward with that in stride is as much as you can.  

Derek Manky: I've always wanted to make an impact in terms of fighting the war on cybercrime. I expanded a lot beyond just my early days of a malware analyst. Today, I'm actually wearing multiple hats. I lead our global threat intelligence team. I have a team of malware analysts and reverse engineers who are still looking at the what's new and breaking it down and understanding the threat. I also wear a hat for the threat intelligence piece. So making sense of all of that data coming in, how can we actually separate the signal from the noise, find new leads that we can use for threat hunting. And the other piece is industry. That's a big part of my job. Something I'm very passionate about. Is working with industry I've been building partnerships, private to private sector partnerships, private public sector partnerships. It's all in an effort to fight cyber crime and to lead on disruption and really to try to make it more expensive for cyber criminals to operate. 

Derek Manky: It's hard to find resources, as we know, there's always been a skills gap shortage. So when it comes to the team, we have to have rockstar performance. And so I like to have everybody on my team who are really self-sufficient and independent, but working together that's my leadership style. I like to empower people so that they can step up to the plate own different aspects. Because again, we're juggling multiple things from our analysis to threat intelligence, to information, sharing, to, uh, customer engagement and consulting and the C-suite side of the house. All of that needs to come together under the hood.  

Derek Manky: There's a lot of things looking back in my career and achievements that I'm definitely happy with. I wrote the original bylaws for the Cyber Threat Alliance, which we co-founded back in 2014, set up zero-day research programs in the industry. There's a lot of things that have had an impact. But when I walk away, I would like to really see a reduction like a dent, if you will, or hopefully a crater in the, in cyber crime itself. Unfortunately, as I said, it's been a problem that we've observed that profits are just, you know, we talk about a trillion multi-trillion dollar industry now that has to be reduced. We need to see more people arrested. And that's why I'm working with Interpol. I'm on an expert working group with them and seeing more impacts like that, that I can walk away with a more Rosie feeling in my stomach.