Minimize your digital risk by detecting data loss, securing your online brand, and reducing your attack surface.
A powerful, easy-to-use search engine that combines structured technical data with content from the open, deep, and dark web.
Digital Risk Protection
Read our new practical guide to reducing digital risk.
New report recognizes Digital Shadows for strongest current offering, strategy, and market presence of 14 vendors profiled
Read Full Report
Organizations rely on our cyber intelligence analysts to be an extension of their security team. Our global team of analysts provide relevant threat research, much needed context, tailored remediation advice and managed takedown support to make our clients’ jobs easier and more efficient. Crucially, by having analysts within the intelligence and collection cycle, we’re able to minimize the real-time false positives that cause nightmares for most organizations.
In our Security Analyst Spotlight Series, we bring our analysts out of the shadows and into the spotlight, showcasing their expertise and interests so you can learn a bit more about a “day-in-the-life” of a Digital Shadows Intelligence analyst.
Name: Christian Rencken
Team: Managed Services Intelligence
Title: Senior Cyber Intelligence Analyst
Q: How did you get into the field of cybersecurity?
A: I began my cybersecurity career in Sales in San Francisco and it wasn’t long before I realized I wanted to be on the ground floor looking for threats. Intelligence analysis grants me the bird’s-eye-view of our customer’s risks, and we can see threats developing from all different areas, including the dark web. The proliferation of devices connected to the Internet increases the average user’s experience to a whole new world of cyber exposure, which easily can begin to snowball and turn into a threat.
Q: What areas of cyber security are you most interested in?
A: I’m most interested in the structure of different groups, whether nation-state or criminal. This has been somewhat of a newfound interest, but as I’ve been studying the threat landscape I’ve come to learn how important each group’s structure is to both accomplishing their tasks and maintaining anonymity.
Regarding the intelligence analysis job itself, I really enjoy the exposure to the open and deep web and understanding how to maintain operational security in this new cyber world we are so quickly rushing into. Nearly every action I take while surfing the web, whether it’s using my credit card on point of sale systems or communicating on social media, is influenced by what I see working here at Digital Shadows.
Q: What has been your favorite online investigation to work on?
A: During the Winter Olympics in 2018 we conducted daily intelligence briefings with a client that was sponsoring the event. Every morning we briefed the client on cyber events from the previous day as well as possible threats in both the South Korean region as well as the broader cyber landscape. On the final day of the call we worked with a team of security and intelligence analysts from different organizations to assess the threats that had emerged over the course of the games, locate where the attacks were coming from, and make recommendations for how the client could mitigate against these threats both at the time and for future events.
Q: What are the most recent cybersecurity trends that people should be aware of?
A: One of the most recent and significant cybersecurity trends has been the different ways to monetize off of cryptocurrency related campaigns, but I predict this to start to slow down as we see the decrease of the “cryptomania”.
Going forward from here I’d say that collectively we need to be aware of the continued interference and influence campaigns on the United States elections coming up in November. This one is particularly interesting to me because for something like this, it’s not as if we can simply focus on dealing with a new tactic, technique or procedure (TTP) or vulnerability; this isn’t something that can be fixed just with a patch. As recent indictments have shown, threat actors targeting elections use a variety of techniques – often traditional and common ones such as social engineering and spearphishing – in aggregation and over a prolonged period of time. It is this persistence and operational sophistication that makes it so difficult to defend.
Q: What advice would you give someone wanting to become an intelligence analyst?
A: My first bit of advice is to be open-minded. Intelligence analysis isn’t something that you only do at work, but it is something that you adopt outside in life as well. Principles like not following your emotions, but following the facts, interrogating evidence, being happy with being wrong, admitting your mistakes quickly, and objective reasoning are all crucial tenants of this position.
My second bit of advice is to familiarize yourself with the intelligence industry you’re in. Obviously in this case it’s cyber intelligence, so for this job specifically I would recommend learning as much about cybersecurity fundamentals as you can. And don’t worry about being confused at first because of the complexity.
Q: Tell us one thing that most people won’t know about you?
A: There’s probably a lot, but one thing that surprises people is just how much I like to turn on live feeds of African wildlife videos. Often times when I’m in need of a breather or relaxation, I will throw on a live feed of a watering hole in Africa and watch the animals go by. I love being outdoors and I’ve always been obsessed with African animals, so watching them peacefully pass by is a form of meditation for me.
Bio: Christian Rencken is a Cyber Intelligence Analyst at Digital Shadows, which he joined in mid-2016. Christian has a passion for intelligence analysis and all things global affairs. He holds a BA in Anthropology, a minor in Political Science and a Certificate in Applied Business from the University of Colorado. He also has a certificate in Entrepreneurship Essentials from Harvard’s HBX Business School.
Interested in hearing more from our intelligence team? Check out our blogs or subscribe to our weekly threat intelligence podcast, ShadowTalk.