IT Life: Safe And Sound


Dave Palmer, director of technology at Darktrace, tells TechWeekEurope about machine learning, dreams of being an astronaut, and how he hopes the days of email are numbered

Tell us about your company, how long have you been in IT and what are your areas of expertise?

Darktrace was founded to bring a new, mathematical approach to the cyber security challenge, based on the principles of the human immune system. It helps companies defend against advanced threats that are already inside their networks, using machine learning that detects truly anomalous behaviours in real time.

Prior to Darktrace, I worked in the UK’s MI5 and GCHQ for 13 years. It was the challenge of building and maintaining massive highly-connected IT infrastructures that are targeted by new attacks every day that was an inspiration for Darktrace’s approach. Whilst I started my career in software development and then global infrastructure, I’ve certainly learnt a lot about machine learning and probability theory in the last two years!

What’s the favourite IT project that you’ve ever worked on?

The Darktrace journey is really exciting right now, but looking back into the past I’ve always been fascinated by the Disaster Recovery projects that I’ve taken on. Finding out what really matters to people and operations in a crisis situation when ‘all bets are off’ is an exhilarating insight, and often calls into question why resources are expended on so many other things that don’t seem to work or that don’t actually matter. I think it would be interesting to watch enterprise security teams go through similar exercises and discover whether it changes some legacy approaches and mindsets.

What technologies were you involved with ten years ago?

It feels like a lifetime ago, but I was ripping out all non-IP and old routing technologies out of rarely-touched parts of global networks. A lot of ATM had to go, but there was plenty of much older stuff than that! I particularly remember having to design around the limitations of high-assurance network encryptors, especially with legacy real-time apps – this felt like the irresistible force versus the immovable object philosophical debate.  Security felt like a massive overhead back then. I’m hoping in the next ten years we can make it more seamless for both technical teams and our users.

What do you expect to be using in ten years’ time?

Firstly, I hope in ten years we will all be using a successor to email. Like a lot of people, I’m personally frustrated by how shallow it seems as a medium now, and how poor it is for working with global teams and customers. I’m expecting a future in which our default communications methods are encrypted, tied to identity, timely and above all enable rich collaboration.

Secondly, there is no doubt that computers will be even cleverer in ten years, thanks to new advances in machine learning that are still in their early days now, and this will transform the way we deal with cyber security. The level of nuance and subtlety that machines are starting to deal with is amazing.

What do you think is the greatest challenge for an IT company or department today?

Complexity! Over a certain size of company, the ability of an IT department to fully know what the business processes are, or know how software and data is being used, basically becomes impossible as nearly everyone is doing something different. Webapps, BYOD and outsourcing are turbo-charging this problem. For most IT departments, moving to a mindset of embracing and managing complexity, rather than slowing it and resisting business modernisation is going to be a defining challenge of at least the next five years.

To cloud or not to cloud?

I can’t get past that definition of the cloud as ‘somebody else’s computer’. There are lots of great use-cases that I would use the cloud for, but for the foreseeable future, ‘crown jewels’ data and intellectual property is likely to stay on equipment that can be directly monitored with the highest confidence.

The last two years of high-profile hacks haven’t been interesting because hacks happened, but because the hacks were only identified after they became a crisis. I would worry that sensitive data in the cloud will accelerate many companies from incident to crisis with even less chance for detection and response.

Who is your tech hero and who is your tech villain?

My tech heroes are those people who are there working for you all night when something has gone wrong – maybe it’s an outage, or a virus outbreak or an urgent patching rollout but many businesses have these people and many wouldn’t survive without them.

My tech villain would be the security person that insists that they are managing a completely clean network – it immediately creates unrealistic expectations and makes it difficult for him or her to later go back to the company board and ask for help managing risk. The idea of having a clean corporate network is becoming more and more untenable.

What’s your favourite device ever made and what do you use the most?

You’ll never prise the iPhone from my hands! The ability to land in a new country, find out where to go and how to travel there, book a place to sleep, translate foreign languages, correspond with the team and carry a massive amount of reference data (as well as the Silicon Valley TV series) is beyond what I could have imagined even back at college. It is breath-taking in retrospect.

Apart from your own, which company do you admire the most and why?

SpaceX, I can’t think of a company with a bigger goal than making human life multi-planetary. That the team has quickly made real impact on space operations and does so with a pretty open dialogue with the public is an inspiring role-model.

What did you want to be when you were a child?

An astronaut! I’ll be clamouring to get at the front of the queue as soon as we need to start building secure space networks.
