Security Analyst Spotlight Series: Adam CookNovember 7, 2018
Organizations rely on our cyber intelligence analysts to be an extension of their security team. Our global team of analysts provide relevant threat research, much needed context, tailored remediation advice and managed takedown support to make our clients’ jobs easier and more efficient. Crucially, by having analysts within the intelligence and collection cycle, we’re able to minimize the real-time false positives that cause nightmares for most organizations.
In our Security Analyst Spotlight Series, we bring our analysts out of the shadows and into the spotlight, showcasing their expertise and interests so you can learn a bit more about a “day-in-the-life” of a Digital Shadows Intelligence analyst.
Name: Adam Cook
Team: Managed Services Intelligence
Title: Team Lead, Cyber Intelligence Analyst
Q: How did you get into cybersecurity?
After attempting to liven up my Criminology course at Liverpool I started to take an interest in contemporary geo-political issues, which led to an interest in studying for an MA in Intelligence. During this course I focused on cyber security issues and the emerging field of cyber intelligence.
Q: What’s your favourite part of the job?
The chance to research into things that you are interested in for work is something I consider invaluable, so that would have to be my favourite aspect. I am also excited for the future. The need for cyber security professionals isn’t going to fade anytime soon – this is gold dust in terms of motivation. Besides that, my team are awesome, and people take a genuine interest when you tell them what you do for work.
Q: What advice would you give someone wanting to become an intelligence analyst?
For any students thinking of studying intelligence or applying for graduate jobs: forget everything you know about trying to turn a small number of ideas and references into many thousands of words! Analysing intelligence requires the exact opposite: turning multiple ideas, facts and observations into short, concise judgements. This is something I struggled with at first having spent so long writing heavily theoretical essays, but am now glad to have both as a skill.
Q: What areas of cybersecurity are you most interested in and why?
Developments in Internet of Things (IoT) technology was one of my first interests as I started to get to grips with cyber security. In particular, I was drawn to the idea that as our devices become “smarter” they also increase our attack surface and make us more vulnerable.
I was able to combine this with my passion for sports when completing my dissertation thesis for my Masters, which looked at cyber security risks to major sporting events. Here I explored some of the growing risks to these events as they introduce, and become more reliant on, smart technology. IoT expansion now stretches across areas such as athlete performance, spectator experience and the optimization of venue infrastructure. Data can be shared and accessed through IoT devices more easily with the use of smart watches and tablets used by players and coaches; the same technology can now enhance a viewer’s experience through the provision of live stats and player tracking. Stadiums now use ‘connected’ systems to provide suitable sporting environments that aid lighting, temperature and recovery facilities. The dissertation highlighted future scenarios where these may be able to result in tangible physical harm to those involved.
Q: What has been your favourite project or investigation to work on?
I’ve been lucky enough to have worked on a variety of investigations and projects. Specifically, I enjoy investigations into attacker infrastructure such as the email accounts and domains they use to conduct their campaigns. Here I get to use our Shadow Search product and a variety of open source tools to perform my investigations. Every now and again you find yourself following an interesting trail along WHOIS records, cached website pages and DNS lookups that you can combine with our own intelligence repository to paint a picture for the client of how a threat actor operates and structures their campaign.
In terms of projects, achieving consistency and assuring the quality of the incidents we produce for our clients is something I am very passionate about, so being in a position to help train and guide the team in identifying false positives and producing high-grade reporting is something I love to do.
Q: What are the most significant cybersecurity trends that organizations should be aware of?
Data exposure is something that is becoming increasingly significant and is seemingly gaining more mainstream coverage year on year. It seems that we are hearing of these incidents on a much larger scale now; from the Equifax breach, to the Cambridge Analytica scandal, and now with high profile breaches such as those that affecting the sales intelligence firm Apollo. Both people and large organizations are affected by these. While basic cyber hygiene such as good password practices are a necessity, it seems these can only go so far, especially when large firms that are in the business of collecting data on people are being compromised and that information is then exposed publicly. The nature of these concerns is credit to the work we do at Digital Shadows as we try to give our clients an insight into their online exposure and manage that risk.
Aside from this, I am personally interested in how smart devices and systems are being securely configured as they continue to offer increased connectivity in our everyday lives. The use of the IoT in transport, power grids, fire safety systems, building temperature control and POS machines, despite being at the early stages of development, is something I think we should be attentive towards in the future to ensure security is at the forefront of these innovations.
Bio: Adam is a Lead Cyber Intelligence Analyst in the Managed Services Intelligence team. He is responsible for delivering tactical and operational threat intelligence, context, and recommended actions based on the most critical and relevant risks collected through the SearchLight platform. Adam completed an undergraduate degree at Liverpool University and then went on to study for a Masters in Intelligence at Brunel University London.
Interested in hearing more from our intelligence team? Check out our blogs or subscribe to our weekly threat intelligence podcast, ShadowTalk.