A Year in Review with Kevin Mandia
With 2021 nearly behind us, we could think of no better way to close out this year of Eye on Security podcasts than to bring on the individual responsible for founding Mandiant more than 17 years ago, Kevin Mandia. Beyond leading our company as CEO since 2016, Kevin is simply a well of cyber security knowledge, with frontline experience dating back to the 90s when he served as a computer security officer in the United States Air Force.
It’s hard to believe, but it’s been one year since we announced the SolarWinds incident. The discussion kicks off with Kevin telling host Luke McNamara, principal analyst, about how he felt during those first few days in early December 2020, and how impressed he was at the multiple teams working feverishly up through the holidays and beyond to make sense of a tough situation.
Kevin has never been one to shy away from expressing his feelings on the importance of attribution and holding threat actors accountable. He touches on both topics, and adds that nations need to work together, or else cyber criminals can theoretically commit crimes from thousands of miles away without any fear of real repercussions. Kevin follows that up by discussing the individual roles of the public and private sectors in cyber security, and how each has an important role to play.
Asked about 2022 and beyond, Kevin shared three things he hasn’t seen yet that are on the top of his mind: 1) Industrial control system (ICS)-aware malware being used in the United States, 2) A good false flag operation (although he considers some of them to be intentionally clumsy), and 3) A nation change data (excluding log files or config files that might be changed to achieve a particular result).
Kevin closes out the chat by discussing the future of our Mandiant Advantage platform and the overall importance of having the right intelligence, the benefits of partnering with the right organizations especially for information sharing, and what’s in store for Mandiant in 2022 and Kevin’s overall vision for the company now that we have completed our rebrand.
Listen to the podcast now!
Note: This episode was recorded prior to the news surrounding the Log4j vulnerability.