Every single environment that I’ve ever seen has always been compromised, and that’s what’s most scary about what we do.
Derek Dean doesn’t just have a flare for the dramatic; the reality of today’s cyber environment really is as volatile and vulnerable as he says. Fortunately, he works for a team of people who make it their mission to improve that sometimes bleak outlook.
“A lot of what I deal with are the really bad situations,” Derek says. “You could call it disaster recovery.” Often, that means pulling Stealthwatch customers back to good standing when something goes wrong. “It’s frightening sometimes, because it’s really down to how [the customers] react.” he says. “When you see [something suspicious] happening and you point it out, [the customer’s] response is either ‘oh crap, we need to investigate this,’ or ‘I don’t have time to deal with this, this is somebody else’s problem.’”
Of course, Derek appreciates when the customer is invested in finding solutions, and in some cases, they have no choice. “There’s been massive hacks in the news, and the next day I hear from that customer,” says Derek. “We have to export everything that’s on their NetFlow collector and get it off to the FBI as soon as possible.”
However, customers also seek Derek’s help for less dire reasons. One common issue occurs when a company environment grows exponentially, and their NetFlow overpowers the system. Derek worked to troubleshoot this problem with a legacy computer technology customer recently: “The initial deployment had a limit, and as the network grew and what they wanted to see on the network grew, the system became overloaded,” he explains. “Our mantra now [with new deployments] is: ‘you’re going to need more than you think.’”
To learn how Stealthwatch can help mitigate data loss, click here.