Zimperium Blog

Don’t take a knife to a gunfight – the mobile security dilemma

mobile_security_wild_west

Zimperium is growing with more customers, partners and most recently, more talent! We’re pleased to announce the appointment of John Michelsen to the role of Chief Product Officer, CPO. John will be working closely to manage our development and product roadmap to continue our commitment to excellence for our enterprise mobile users around the world. So how did we lure the CTO from CA Technologies to Zimperium? The answer – a mix of cutting edge technology, the chance to work with trusted and respected peers, and the opportunity to provide enterprise customers with a solution for their greatest vulnerability – their mobile devices.

We recently sat down with John for a meet and greet to understand his background and his thoughts on mobile security. In his own words, John shares his vision and excitement for what he calls the Wild West of Mobile.

By: John Michelsen

First, I’m really excited to be joining this innovative company! When my friend and prior CEO at ITKO, Shridhar Mittal, was looking for his next adventure, I suggested he look into the growing IT security space. According to the Piper Jaffray survey, security is the #1 spending priority with 75% of CIOs expecting to increase spending in 2015! (That’s up from 59% in 2014). Network (firewall) and Endpoint security were the top two segments of the market expected to see an increase in spending.

Businesses across every industry are struggling with how to adopt IT Security solutions and policies that protect user privacy, sensitive business IP and more. The attacks on JPMorgan, Home Depot, iCloud and most recently Sony, have created a climate that is ripe with fear coupled with the pressure to take action. IT security is now a hot boardroom issue. When Shridhar mentioned Zimperium to me for the first time I was excited for him to be at the center of the action! After he accepted the position and asked me to join, I simply couldn’t refuse.

I love analogies so this is likely the first of many that you’ll hear from me. The way I see the mobile security landscape is like the Wild Wild West. Bring Your Own Device (BYOD) policies have fundamentally changed the security landscape, but customers are still bringing knives to the gunfight when it comes to combatting hacking. Underground organizations are making it their full-time responsibility to undo security policies and best practices that modern day technologies were originally developed to protect. Hackers are using sophisticated tools and techniques to gain access to things they shouldn’t have access to – and there seems to be no end in sight to their vigilance. Whether it’s breaking encryption, stealing credit card or sensitive personal information, holding companies hostage to their demands, the majority of attacks today seem to begin with a single compromised user and/or a host or network based attack.

Unlike in the physical world, cyber criminals are afforded unprecedented anonymity. Instead of breaking into one house, one bank, one car – a hacker can operate in privacy from the comfort of their living room, and execute a well thought out large scale attack resulting in multiple victims.

Prior to joining Zimperium, I served as the CTO of CA Technologies. Security is one of CA’s largest business units and they are one of the largest identity mgmt. providers in the market. Most, if not many banks in the world, use their products on the backend to securely identify access, and in many cases, data. During my tenure at CA I could see the economic draw for cyber criminal attacks. Why target one victim when you can have millions with one orchestrated attack? Advanced attackers were evolving but businesses were not keeping pace. Businesses both large and small need to start thinking like the bad guys in order to get ahead of the cyberattacks facing enterprises today.

We only have to look into our history to predict future behavior. In the wild west the bad guys used to attack stage coaches simply because they were usually transporting people with money or goods. What happened when locomotives came along? Well they simply switched gears again and followed the money. Instead of attacking one stage-coach, they were able to rob a really valuable target with more people, more money and more goods – for roughly the same level of effort. Do you think those first locomotives came with security? Here’s a hint – no!

In today’s technology rich market innovation trumps security. Businesses are focused on user experience, getting to market and making it faster, better cheaper – but not necessarily more secure! We’re so excited to get products to market that sometimes we forget to make sure they are safe and market ready. The same is true of mobile devices. In a rush to embrace the hottest technology to optimize our workforce enterprises have enabled a mixed bag of mobile security strategies that provide immeasurable value to the workplace – without the time tested security that our corporate networks, desktops and servers have enjoyed.

That is why I’m here. I’m excited and passionate about helping to develop and deploy a solution that forces us to think like the bad guys. We have the best and brightest at Zimperium. This team of security experts has the DNA and talent to see where enterprises are getting exposed and have developed a mobile solution from the ground up to detect and protect against sophisticated malware and network based threats. I fundamentally believe that an enterprise’s great vulnerability is in the mobile devices they let in and out of their organization. It’s the area where they have the least experience and greatest change — the perfect environment for weakened security. I look forward to sharing my thoughts on mobile as I begin my journey.

More about John

John is a highly respected technologist who has lived his career helping enterprise customers push the leading edge of IT transformation. His experience is broad ranging from databases to middleware, virtual cloud management, multi-channel web applications and service virtualization. What you might not expect, is he is an avid line and country ballroom dancer. (We will be asking for a demonstration at our next sales meeting!) He is also Dad, to his daughter, a sophomore in college, and his son, a senior in high-school. If he’s not chasing the next greatest technology, sweating it out on the dance floor, or helping his children achieve their goals, you can find him on the road with his motorcycle.

With 12 patents awarded or in process, market-leading inventions, John is a true factory of innovation.

John joined CA Technologies in 2011 through their acquisition of ITKO, a company he founded and drove successfully for 12 years. At CA Technologies, John set the strategic direction for service virtualization and was responsible for driving their continuous innovation vision. Prior to ITKO, John’s experience includes leading SaaS and E-commerce transformations for global enterprises.

We’re excited to welcome John to the Z-Family! Look for more guest posts from John coming soon!