Derek Manky: Putting the rubber to the road. [Threat Intelligence] [Career Notes]

A

You're listening to the Cyberwire Network powered by N2K. Are you ready for AI in cybersecurity? Demand for these skills is growing exponentially for cybersecurity professionals. It's why CompTIA, the largest vendor neutral certification authority, is developing SEC AI Plus. It's their first ever AI certification for focused on artificial intelligence and cybersecurity and is designed to help mid career cybersecurity professionals demonstrate their competencies with AI tools. And that's why N2K's SEC AI practice exam is coming out this year to help you prepare for the certification release in 2026. To find out more about this new credential and how N2K can help you prepare today, check out our blog@search certify.cyber vista.net blog and thanks.

B

What'S your 2am security worry? Is it do I have the right controls in place? Maybe Are my vendors secure? Or the one that really keeps you up at night? How do I get out from under these old tools and manual processes? That's where Vanta comes in. Vanta automates the manual work so you can stop sweating over spreadsheets, chasing audit evidence and filling out endless questionnaires. Their trust management platform continuously monitors your systems, centralizes your data and simplifies your security at scale and it fits right into your workflows. Using AI to streamline evidence collection, flag risks and keep your program audit ready all the time. With Vanta, you get everything you need to move faster, scale confidently and finally get back to sleep. Get started@vanta.com cyber that's V A N T A dot com cyber.

C

Hello, my name is Derek Manke and I am the Chief Security Strategist and VP of Global Threat Intelligence at Fortiguard Labs. When I started, cybercrime was not known to many people. Now you know when people ask what I do and I say oh, I'm in cyber security, there's a lot of interest actually, which is a good sign. If you talk about cyber security. People think it's highly technical and some aspects are of course, but they just don't know where to start. My father bought me a 286 system when I was about 7 years old and I was the only kid on the block with a computer at the time and I loved it. So I knew I always wanted to do something in tech. I didn't know security at that point, but I did have this dream in high school of becoming mission control for NASA, working with mission critical systems in order to work in high stress Environments, I guess, to have a big impact. Post secondary, I got into, of course, computer science and system technology and did a lot of coding. I love programming and so that was my 24 hour routine, it seems, right, a lot of low level languages working not only with C and C, but assembler and x86 code. And that got me into more debugging and then reverse engineering, which inherently again, I wasn't thinking of a security track at the time, but just being really passionate and interested about that. Naturally it got me interested in malware and computer viruses as well, how they work. I had a lot of passion around programming, so I became a teacher for a while. Not many people know that about me, but I was teaching programming and object oriented programming for a while. And then I actually got a phone call from a friend who was hired at Fortinet and suggested that I apply. And that's how I started my journey here. This was over 18 years ago. I applied into Fortinet and I got hired actually as a, as a software engineer working on our flagship operating system at the time. And shortly after that there was some opportunity to work with our vortiguard Labs team, which again existed all the way back still in 2004. And that's where I really started putting the rubber to the road and connecting my previous experience with programming and debugging and knowledge of operating systems and all that with real world applications that we are already doing in the labs. Back then, some of my first projects I worked on were actually with our antivirus engineering, writing new code detection routines to catch the latest and greatest malware. At the time, we're always up at night. That's what keeps us busy today. It's vastly different compared to when I started in Fortiguard Labs. We had only a handful of researchers and analysts. We were working graveyard shifts because that's all that was needed back then. If you looked at the threat landscape, it wasn't incredibly complex like it is today. Fast forward to today. Of course, it's a completely different beast. I think it's important to get the message across again that it doesn't have to be complicated. You don't have to enter as a very senior level, you know, expert in the cyber security field. There's a lot of tools out there, great podcasts like this one, right. And resources to listen to and do. That education piece I think is really important. But at the same time, as I said, my career path started as a developer. I didn't even start as a cyber security expert. There are a lot of Entryways and in fact, in terms of careers that's growing in the industry, it used to be more specific. As an example, just a malware analyst. That's quite specific. Nowadays there's so many things. With data science as an example, machine learning models, those are very hot in our industry. There's not just one cybersecurity position you have to understand, there's many different ones. So it's important to understand the makeup of those positions. And it's much easier actually to find a fit nowadays, even at an entry level. A big part of my leadership style is about interoperability, being able to have true teamwork between not only my team, because I have multiple departments in my team, but between other organizations at Fortinet too. That's a really important piece because as we discover new attack techniques, we got to make sure that we can share that information with relevant teams so that they can add safeguards from the development stack as an example to protect against them. I think it's really important, just like we do with incident response, just like we do with defending against new threats. And that whole speed theme on intelligence, intelligence, it's the same thing with learning from mistakes. You have to definitely acknowledge it, own anything, step up to the plate, like I said, and really try to move, move forward with that in stride as much as you can. I've always wanted to make an impact in terms of fighting the war on cybercrime. I expanded a lot beyond just my early days of a malware analyst. And today I'm actually wearing multiple hats, right? So I lead our global threat intelligence team. I have a team of malware analysts and reverse engineers who are still looking at the what's new and breaking it down and understanding the threat. I also wear a hat for the threat intelligence piece. So making sense of all of that data coming in, how can we actually separate the signal from the noise? Find new leads that we can use for threat hunting. And the other piece is industry. That's a big part of my job. Something I'm very passionate about is working with industry. I've been innovating for 15 years in the industry, building partnerships, private to private sector partnerships. Private, public sector partnerships. It's all in an effort to fight cybercrime and to lead on disruption and really to try to make it more expensive for cybercriminals to operate. It's hard to find resources as we know. There's always been a skills gap shortage. So we have to have rock star performers. And so I like to have everybody on my team who are really self sufficient and independent but working together, that's my leadership style. I like to empower people so that they can step up to the plate, own different aspects because again we're juggling multiple things from malware analysis to threat intelligence to information sharing to customer engagement and consulting in C suite. But all of that needs to come together under the hood. There's a lot of things looking back in my career and achievements that I'm definitely happy with. I wrote the original bylaws for the Cyber Threat alliance which got started actually we started it, co founded it back in 2014, set up zero day research programs in the industry. There's a lot of things that have had an impact but when I walk away I would like to really see a reduction like a dent if you will or hopefully a crater in the in cybercrime itself. Unfortunately as I said, it's been a problem that we've observed that profits are just, you know, we talk about a trillion, multi trillion dollar industry now that has to be reduced. We need to see more people arrested and that's why I'm working with Liverpool. I'm on an expert working group with them and seeing more impacts like that that I can walk away with is just going to make me with a more rosy feeling in my stomach.

B

At Talas, they know cyber security can be tough and you can't protect everything. But with Talus, you can secure what matters most. With Thales industry leading platforms, you can protect critical applications, data and identities anywhere and at scale with the highest roi. That's why the most trusted brands and largest banks, retailers and healthcare companies in the world rely on Thales to protect what matters most applications, data and identity. That's Thales T H A L E S Learn more at Thales Group Cyber Innovation Day is the premier event for cyber startups, researchers and top VC firms building trust into tomorrow's digital world. Kick off the day with unfiltered insights and panels on securing tomorrow's technology. In the afternoon, the 8th annual DataTribe Challenge takes center stage as elite startups pitch for exposure, acceleration and funding. The Innovation Expo runs all day connecting founders, investors and researchers around breakthroughs in cybersecurity. It all happens November 4th in Washington D.C. discover the startups building the future of cyber. Learn more at the end. Cid.datatribe.com.