Author: Scott Kinka

The Bridge Podcast - AT&T CybersecurityOn this episode of The Bridge, I’m joined by Melanie Thomas, Principal of AT&T Cybersecurity. We’re talking about the evolving cybersecurity landscape and so much more.

AT&T Cybersecurity’s Edge-to-Edge technologies provide phenomenal threat intelligence, collaborative defense, security without the seams, and solutions that fit your business. Our unique, collaborative approach integrates best-of-breed technologies with unrivaled network visibility and actionable threat intelligence from AT&T Alien Labs researchers, Security Operations Center analysts, and machine learning – helping to enable our customers around the globe to anticipate and act on threats to protect their business.

During our conversation, we got into the increasing demand for managed cybersecurity services among smaller companies, the importance of starting with basic cybersecurity concepts and education when working with customers, diversity in the cybersecurity landscape and why cybersecurity it a team sport.

  • Melanie’s role at AT&T focused on managed threat detection and response (MTDR) and managed endpoint security with SentinelOne.
  • The importance of diversity in the cybersecurity industry and the benefits of bringing different experiences and perspectives to the table.
  • The growth of women in the cybersecurity landscape.
  • The natural progression of AT&T from network services into cybersecurity due to changes in the economy and work landscape.
  • The impact of hybrid work on the cybersecurity landscape, with the shift to remote work increasing the importance of topics like VPNs and mobile security.
  • The need for companies to consolidate their security infrastructure as they adapt to remote work and close physical locations.
  • The shift in the security focus from securing physical locations to securing individual identities.
  • The ongoing challenges in cleaning up security vulnerabilities created during the COVID-19 pandemic.
  • The importance of top-down support, corporate policies, and acceptable use conversations in improving cybersecurity.
  • The role of VDI (Virtual Desktop Infrastructure) and DaaS (Desktop as a Service) in endpoint security.
  • The evolving strategies of businesses in response to hybrid work.
  • The adoption of cloud services can significantly impact security tool selection and integration.
  • How responses to security breaches often require collaboration between various security teams and experts.
  • How AI can be used for both good and bad purposes, emphasizing the need for vigilance and visibility in security efforts.
  • Predictions for the next 12 to 18 months.

The Bridge Podcast - Melanie Thomas AT&TABOUT MELANIE THOMAS

Lead Managed Endpoint Security (MES) with SentinelOne offering, serving as service lead engineer, operations manager, and SME. Support customers deployment of the SentinelOne agent in their environments, tuning for false positives, true positives, network control, and device control capabilities. Guide customers and Threat Hunters/SOC to fully utilize the SentinelOne platform with the USM Anywhere (USMA) platform integration to perform threat hunting, research, and mitigation actions throughout their endpoint deployment. Advise on customer Incident Response Plans to build use cases and automated orchestration actions. Support AT&T Incident Response Team (IRR) in utilizing SentinelOne and USMA for active incident response engagements.

Working with the AT&T MTDR team on USMA by providing training, reference materials, procedures, and technical documentation to SoC and Tier-3 Analysts. I research, troubleshoot, document, deploy, and tune USM Anywhere for customers. Also working with AlienVault teams to expand the capabilities of USMA in analyzing 560+TB of log data through numerous deployments by creating investigations on alarms, consulting customers on cyber security best practices, and providing environmental awareness to their on-prem and cloud environments.

CONTACT MELANIE

LinkedIn

Web

 

SUBSCRIBE ON YOUR FAVORITE PLATFORM

          

 

Scott Kinka:

Well hello and welcome to another episode of The Bridge. This is one that I’ve been looking forward to since I’ve seen this power lady chat at our summit a couple of weeks ago. My guest this week is Melanie Thomas. She’s a principal in cybersecurity at AT&T. How are you, Melanie?

Melanie Thomas:

I’m wonderful. How are you?

Scott Kinka:

I’m great, I’m great. You’re not only the principal of cybersecurity at AT&T or a principal at cybersecurity, you have some other things that you do. Tell us a little bit about that.

Melanie Thomas:

I do. So outside of what I do for our services here at AT&T, which are very, very fun and varied. We all wear a lot of different hats. Outside of AT&T, I’m also an adjunct professor, so I teach at the University of San Diego for the CSOL program, which is the master’s in cybersecurity operations and leadership.

Scott Kinka:

Gotcha. And is that where you got your MS in cybersecurity from San Diego?

Melanie Thomas:

It is actually not. I actually got my master’s in cyber from George Washington University.

Scott Kinka:

Fantastic. So how did you end up doing this at University of San Diego then?

Melanie Thomas:

I love living in San Diego, so there’s that. It’s also a local school, it’s a beautiful campus, very, very well-regarded school, but I also have a lot of respect for their law program. So they hold a law symposium every year. It’s one of my favorite events and the program director, Dr. Michelle Moore is also a very well-respected cyber professional here in the city and the industry. I set the direction of the program and it asked me to come onto the program a few years ago and it wasn’t a great time. So I finally found a great time to do it last year, so I’m going into my second year of teaching now.

Scott Kinka:

Got it, got it. And how many classes do you teach?

Melanie Thomas:

Three. So only one per semester because it’s a lot right? I am working at the same time but three different courses and I’m building one right now.

Scott Kinka:

I had some time in the classroom myself teaching graduate work and it was a lot of fun. I love it. I can imagine. I’m quite a bit older than you, so I’ll get to a point where I get back to it would be my so all good. Well that’s fantastic. Tell us about what you do at AT&T. What does being a principal of cybersecurity mean?

Melanie Thomas:

Right. It’s a really vague title. They leave our titles very vague, so I am with two different services. So we have sister services here under the AT&T cybersecurity umbrella. So at AT&T Cybersecurity there’s lots of different services underneath it. So we’re not your same company that you call for your cell phone bill that you call for your internet plan. Right. We’re a different part of AT&T business and we’re really focused on the cybersecurity end. And so the services I work for are the managed threat, detect and respond, the MTDR service, as well as managed endpoint security with SentinelOne. And so these are sister services. We have customers that bundle both services where our teams have visibility into all that great logging from firewalls, endpoints, all that great things. And then also directly manage SentinelOne directly on the endpoints as well for monitoring and throughout response.

Scott Kinka:

Got it. And you were largely working in or with the SOC team there at AT&T, is that true?

Melanie Thomas:

Oh, absolutely. Right in there with all the teams. So I have the great benefit of working across multiple teams. So I am largely with our provisioning team, so helping with the security engineers who provision the services initially with the customers. So I have a chance to coach that team as well, learn about talking to the customers, this is how we want to provision into your system, what does your network look like? What are your security concerns, what are your compliance concerns? How do we want to make sure that we’re monitoring all that correctly and feeding that into our soc. We also have a great team of threat hunters that I also have the chance to work with as a team that’s in there proactively threat hunting, doing incident response as well. And then we also have a SOC team, so a different set of team members there who are 24/7/ 365 monitoring all of that between the consoles.

Scott Kinka:

Got it, got it. Well, eyes on glass.

Melanie Thomas:

Yes, yes, yes.

Scott Kinka:

Fantastic. And I would imagine that for a lot of your customers, I’m thinking about AT&T and those who would be your customers, and I’m sure they’re all over the map in terms of size, but knowing being a big partner of AT&T ourselves at Bridgepoint, your customers are mid-market and enterprise very often I would imagine that many of them have their own security operations as well. Do you find that you’re working beside them or do most customers just sort of hand you the keys on their security operations?

Melanie Thomas:

We’re finding that originally it used to be that right where the price to entry to some of the services was so high that you almost had to be a large company to even get managed cybersecurity services as part of your budget. Luckily and unluckily maybe a lot of companies need that extra helping hand, they need the expertise they can’t hire on directly. And so in the past several years we’re seeing many more smaller companies and so we’re seeing mom and pop shops, we’re seeing very small companies need help. We’re seeing customers, for example, that have less than a hundred endpoints. So we’re talking really small businesses that need just the same help and we help them just the same on incident response and monitoring that we would a significantly large international corporation.

Scott Kinka:

Got it. I was going to ask you why it’s so hard, but let me save that because I think that’s probably appropriate later in our discussion we’ll get into a little bit more of what’s happening in the broader security landscape in a minute. So let me take a step back and we’re going to tie it back to you for a moment. First, I mean with that educational background, do you find that you end up with an opportunity to leverage your educational background in your day-to-day with customers and with your peers in the AT&T soc?

Melanie Thomas:

I do. I do. And it’s a double-edged sword. Sometimes you feel very soapboxy, you’re like, oh well let’s talk about theory, right. Let’s talk about going back to basics and incident response and why it’s important to have a plan and some of those basics. So in some cases, in some customer cases, for example, if this is their first foray into security, they’ve never had those conversations. They don’t know what it’s like to do scans. They don’t know what visibility is like. They don’t have a good handle on their endpoints. And so easing into those conversations is a little bit not as overwhelming as if it happened right? As soon as an incident response is happening and you’re flinging terms and acronyms at them and it’s a lot harder. So we do find a lot of times that, especially during the provisioning process, there’s a lot of education upfront where we can’t assume that the customers have mid-range or expertise in any level of cyber, much less just basic endpoints are on premises. So just traditional cybersecurity knowledge. So things that we all take for granted a lot of times, much less a wit ability to know and counteract some of these more advanced threats that we’re seeing come out.

 

Empowering Women In Cybersecurity

Scott Kinka::

Got it. Makes a lot of sense. So let’s just tuck back into you a little bit. I did a little bit of reading, but I want to ask you a general question and I hope it’s not an unfair question, but with those who follow the show, we talk a lot about personalities and also a lot about my background as well comes out on that. And so those who follow along now I have a couple of girls and I had two girls before my son and both of them ended up in tech or around tech, but it’s usually not a straight line. Again, I hope that’s not offensive and I hope it’s not out of bounds, but I mean here you are security queen and that’s not usually an equation for people to make one, how did you end up there? And two, do you have advice for women or for girls who are just trying to figure it out, younger women as they’re thinking about cybersecurity as an option, as a career.

Melanie Thomas:

Oh, thank you. I love it. And like you mentioned, it’s not necessarily a super linear path. A lot of us start and regardless of who you are, you start in a lot of different ways and you find yourself pulling toward cyber, pulling toward it, but that wasn’t your initial path. So I first started my degree, for example, my undergrad, I was in philosophy, definitely I teach cyber law now, but that’s not necessarily where I started out. But when you start finding yourself leaning more toward the logic of it or more toward fun dynamic challenges, cyber is definitely an industry to get into. It’s growing. There’s a million different ways to do it. So everybody comes to it differently. I think I also mentioned this to my students sometimes too, that it helps the industry when you bring different experiences to the table. So if you only have a team that is only ever traditional, they’ve had the same exec certification, same exec experience, all go into the same team, you don’t have that good variety. So it’s beneficial to the team, to the enterprise, to the industry when you’re able to bring multiple points of view when you’re able to bring different types of experience to the table. I think you see that also with the FBI, when they look at special agents, they recruit special agents from a variety of industries, a variety of experience because that helps in the overall pool of approaching solutions and things like that. So I’d say don’t be afraid of it. We’re a growing population now inside of cyber. I think when I first started many, many moons ago, I think we were only I think 8% I want to say of the overall ratio metrics wise of the industry. I think now we’re at 13, so we’re growing, but a lot of room to grow.

Scott Kinka:

What I think I just heard you say, I don’t want to put words in your mouth so I’m going to read it back and then you tell me if I’m right, but diversity enables us to do our job better.

Melanie Thomas:

Absolutely.

Scott Kinka:

So you’re basically saying join me ladies.

Melanie Thomas:

Come on over. Yeah, absolutely.

Scott Kinka:

I get it. I love it. Thank you for that. And I think, I mean it’s amazing. There’s no question it’s been a male dominated industry forever. And I say that all the time, you don’t need crusty old guys like me driving everything, right? I mean, we are past our prime.

Melanie Thomas:

We need all of that. And we need allies too. We need allies that want us on the table. We need all of that.

Scott Kinka:

Totally. Yeah. There’s quite a group inside of our industry on the channel side of the house, women in the channel who’s doing a great job around this too, and several others. There’s a group that several of my associates had been involved in that I got involved in a little bit around here in Philadelphia, which has since been sort of the mantle’s been picked up and run by Microsoft. But originally it was started in Philadelphia, it was called Wine Women in Tech, well still is called Wine Women in Tech. And we would have a couple local winemakers and preferably if we could have winemakers who were female with big networking events, you know what I mean? And then just bring people in and we took it upon ourselves to serve the wine because we weren’t adding a lot to that conversation other than just here’s the safe place to have this chat.  So I applaud everything that you’re doing and I’m thrilled to be able to have this conversation. But I’ll say to everybody here, when I first met Melanie when she took the stage on the first night of our summit and just did an amazing job in front of a room of several hundred of our strategists and another a hundred people from her competitors was probably 500 people in the room and she did an amazing job. So I was really excited about this episode as a result. So let’s check two more things on that by the way. On your LinkedIn profile, you mentioned Hope Punk. Can you tell us a little bit about Hope Punk?

Melanie Thomas:

I love the idea of Hope Punk and I love that you’re asking about it personally. We should socialize this one, right? Everybody needs to be a Hope Punk. It is a radical idea. It’s a joint movement of bringing optimism and bringing good and all moving in the same direction that ultimately we can still fight for the good fight. We are all moving in a good direction. We are all moving for positive change. We are all moving in kindness to each other. It’s all team effort. I think cybersecurity. So James lla for example, I was on a Sands course with him recently. Cybersecurity is a team effort, it’s a team sport and our teams do that very much so. It’s never one person who is the smartest person in the room. It takes a team effort to attack the bad guys just as much as they’re attacking us and go in this together. And so it’s hard sometimes when you’re on the other side of it. So being the good guy side, we have to play by the rules. Bad guys don’t have to play by the rules. And so it can be very defeating. And so I think when you’re purposefully putting yourself in a hope punk kind of mindset, you’re like, you know what? This is a challenge and it’s going to be a challenge. And I choose to be in a growth mindset. I choose to look for kindness and look for positive change. It helps shift the conversation. It helps shift the way that you approach teams and approach solutions.

Scott Kinka:

And Hope Punk itself is largely centered around in a lot of ways around sci-fi content. Do I have that right?

Melanie Thomas:

It is, yes.

Scott Kinka:

Gotcha. So fighting for good as opposed. Yeah, I totally get it. I asked you earlier if any of your tattoos fell into the Hope punk story and you pointed one out. Is it off limits or am I allowed to ask about it?

Melanie Thomas:

No, absolutely yes. Of my many tattoos, this one on the inside here, this is from Hitchhiker’s Guide to the Galaxy, so it is the answer to life and everything. So it is the number 42 with the whale and a pot of patas. So right here on the inside, right in the strength. But yeah, I love it.

Scott Kinka:

That’s amazing. And then the other coincidental number that popped up on this one is that this is our 41st episode. You just left above 42. This is our 41st episode. And you like, I happen to be a Dave Matthews fan. So that’s a pretty good number if you’re a Dave Matthews fan.

Melanie Thomas:

Absolutely.

Scott Kinka:

That’s amazing.

Melanie Thomas:

The universal lining. Yeah.

 

The Evolution of Security in the Era of Hybrid Work

Scott Kinka:

Let’s jump over into the security concept a little bit. I think people think AT&T, they think different things. You’ve got a short one that says AT&T Cybersecurity told us about all the great things that you guys are doing to help businesses of all sizes, and I learned a little bit about that. I would’ve thought a little bit larger. But I also think that given everything that’s happened in the economy and in the way we work over the last couple years, that it’s a very natural progression. Not that this is a new area for AT&T, but it’s a very natural progression from network into security because our sense of place has really completely democratized. I mean the shiny building concept has become so much less important in the way that businesses think about their business networks and how they secure them. I mean is that, first off, is that a fair statement for me to make? Is this a natural place for AT&T to land?

Melanie Thomas:

Absolutely.

Scott Kinka:

Okay. How do you think security has changed in the light of hybrid work? I mean the jobs changed. How long have you been AT&T now?

Melanie Thomas:

Just over three years, I want to say maybe three and a half years.

Scott Kinka:

So you were catching the beginning of the turn, but now business is very different. I mean, how has security in general changed in the light of hybrid work in your mind?

Melanie Thomas:

Oh, it’s absolutely changed the conversation. So as soon as we saw Covid happen and everything shifted to home networks, we now had a whole workforce that needed to be aware of what do I do at home and how does that impact my enterprise? Does that even mean anything? So where before, every once in a while you might work from home. We had a smaller percentage of the workforce that did normally work from home or remotely. So VPN became very much part of the conversation, what is a VPN? Why do I care about it? Do I really have to stay connected? Mobile is now becoming very much a larger part of the conversation too. So still remaining free outside of the corporation, but everything’s tied to our mobile phones that still has ties into corporate resources and how can that be used to be leveraged in an attack to steal credentials, all of those fun things. We very much see that being used and leveraged in incidents as well. So we see companies needing to consolidate that. So they’re consolidating their workforce, they’re closing down buildings, but they still need all of that actual cloud infrastructure. They still need SSD wan, they still need VPN, they need endpoint protection to still be able to manage the still existing workforce just in a different way.

Scott Kinka:

Yeah, I mean in a lot of ways the security now has gone from sort of many to one meeting people into locations to many, many, I guess in a lot of ways the footprint, you can’t build the moat at the office anymore. Well, let me ask you this question. Is it fair for me to say that the base unit of measure in a security posture is no longer location, it’s person?

Melanie Thomas:

Oh, identity. Yes. I would say identity.

Scott Kinka:

Okay. And so tell me why you said identity versus person, you see that differently.

Melanie Thomas:

I see that a little bit differently. So identities, you can have multiple ways to think about identities, but you’re one person, so me as my one person can have multiple ways that my identity is tied into corporate resources. So let’s say mobile, taking mobile, if I have a corporate provisioned mobile phone, y’all can remotely wipe that. If I do something ridiculous, my corporation can say, Hey, no, wipe the phone. But if I have a personal device, they can maybe wipe the corporate, but they can’t wipe my personal information. And so my identities are kind of separated there and tied into different softwares and different applications and things. So I think the more complex our identities are becoming because of all that separation, the ability to manage that and keep an eye on where all those identities are tied into and how that’s controlled, I think it’s going to be really interesting in the next few years.

Scott Kink :

You mentioned, I think that’s a super interesting point. You mentioned that you do a lot on the customer side, particularly around implementation. And as I’ve met with customers, I’m out in the field all of the time and as we met with them, we always end up in this conversation where we all kind of got a free pass during COVID we had the moats built and then we tore the moats down, but we did it very poorly in COVID. We all ended up with three collaboration platforms and a bastardization of our remote work strategy because we had our VPN supported by 20% of our employees and now we have to support a hundred percent. You’re like all those things. How often when you’re onboarding now three-ish years, two and a half-ish years removed from the pandemic, are you still undoing the hell businesses hath rock, if you will, on themselves during the pandemic or are we sort of beyond the cleanup work and now end of the tightening work?

Melanie Thomas:

Oh, we are still very much in the cleanup work. Many companies are still very much in the cleanup and we’re still seeing that in even the incidents that we’ve been working through this year. So patch management is its own conversation that’s long running. That’s always been an issue, but allowing your users to have admin rights, for example, to their laptops. And so they’re downloading all kinds of freeware remote services, things like that, that are then being leveraged by malicious actors. And so giving ’em free passes and just easier ways into your systems. So we’re still seeing some of your more basic concepts that were loose during that time. Then of course users are going to complain. No users want to no longer have access to all the fun stuff on their laptops, and so it’s going to be a long running battle for IT teams. I think top-down support’s going to be needed, right? Corporate policies, acceptable use conversations are going to need to be had more and more in the coming years. But I think ideally the more you get into the need for cyber insurance, the need for policies like that to be enforced, I think it’ll be a little bit easier, but users aren’t going to like it.

Scott Kinka:

Where does VDI or DASS fit into that conversation on the endpoint?

Melanie Thomas:

So for companies who have the ability to maintain that, it’s a lot more streamlined. So if you have the ability to stand up and maintain those kinds of infrastructures, so if you do it through Horizon for example, or your Citrix a little bit easier, so you can have an endpoint solution monitor the physical laptop itself or your workstation itself and then a separate one to monitor the VDI and the work it’s doing inside of that.

Scott Kinka:

Gotcha, gotcha. That’s a whole conversation. We could probably spend a half hour there. I always felt like it was sort of the biggest technology that had promise and never had the impending event that poked it all the way through. I guess to your point, I guess we’re so in love with our admin level control and our local machines that it’s hard. No, but I get it. And I imagine so many BYOD policies are just better. I can’t get you a machine. Sure. Log in on your kids’ school laptop. So to get to the craziness we created for ourselves during COVID, it’s interesting to hear in your mind that we’re still largely still unraveling at the end of the day. Have businesses that you’re talking to, onboarding them, have they figured out hybrid work, what their strategy is yet? Or is it still like we’re just going to support every single thing out there, everybody at home, everybody in the office, all the above because we’re not willing to throw a stake in the ground? Or are they at least at a point now where they said, this is the policy that we have

Melanie Thomas:

More and more I’m seeing. So initially, absolutely. It was like just letting the people do whatever they want because we just need work to happen. More recently, I’d probably say within the last year, we’re seeing more customers asking for application control, which is absolutely yes, please, please look into application control. That is absolutely the conversation that you should be having and whatever tooling you can do, that’s the most appropriate to do that. Whether you do it through your firewall, you do it through application firewalls, whatever you can do that with, but make sure that if you’re doing it, it’s maintainable, you’re doing it with a tool that’s purpose built for that. Otherwise it’s going to be a little bit of a nightmare. But controlling that absolutely, I think is worth the effort because then you don’t have the freeware, the junk that’s getting put on there and you can start having a little bit more of a wall there.

 

AI in Security: A Double-Edged Sword that Demands Vigilance

Scott Kinka:

Gotcha. You mentioned the word purpose-built, which you didn’t even know the question I was going to go to next, but it was so thank you. I mean, security is probably as fragmented an industry as you can get, right? I mean, and there’s 20 odd different tools that you have to have in an overall policy. Everyone’s completely fragmented, and I look at it like many businesses, you could go buy an MDR and I could have inserted any technology acronym in there, but in a lot of ways kind of useless when it’s not sort of embedded in a policy from front to back with consistent logging and monitoring and exception management and all the things that go around it. With that in mind, why is security so hard for IT people at the end of the day in your mind? And the B part to that then is why then did they lean on the SOC services and the security management services of at AT&T?

Melanie Thomas:

Ah, that’s a great question. They’re very much tied, right? They’re very much connected. So I think part of the struggle with, because this industry is fragmented, I think because there are thousands of vendors out there that sell very niche pieces of security that you can only do it if you buy this very small module of this very large piece. That’s the only part you actually need and all these integrations and things because it does make it very complicated. So understanding your enterprise, your policies, your needs, all of that is part of that front conversation. But part of it that also gets hard is you do have user acceptance. What’s realistic, what can fit inside of our existing structures? Because if you don’t have the cloud presence, then you can’t even have those tools. And so that kind of cuts out a lot of that whole piece where it could be five years before you can adopt something like that as you migrate into let’s say the cloud, and by that time the tooling’s going to be completely different.

Melanie Thomas:

It changes so often, but layering as part of that migration is absolutely, I think crucial. So purpose, buying for this purpose, if you know you need a DLP, buy a DLP and provision it, don’t let it become and then work that into how you need to integrate it. So with that, you can’t protect what you can’t see. So if you at a minimum need logging, great, get something into logging so someone can see it and alarm off of it and start with that baseline and then add into your layers from there. Don’t buy one thing thinking it’s going to do 100 things and then be disappointed. So I think some people get into the bucket there where it’s like, oh, well I bought this thinking it was the end all be all. No one’s an end all be all right. And that’s why you need layers and that’s why you have purpose-built systems to do exactly what they do very well. So that hides very much in the management.

Scott Kinka:

Yeah, totally. Or said a different way. And I’m asking to say if this is a fair statement, security tools need to be integrated with something else to be effective. Fair statement?

Melanie Thomas:

As much as possible. Yeah, as much as possible. So you need at a minimum, the alarms from all these systems fed into one place that you’re watching. You can’t watch 10 different things 24/7, but you can watch one window 24/7 and then log into each of those things as you need to pay attention to them if that’s your situation.

Scott Kinka:

And AT&T will provide both the point solutions under your paper. You can go buy the various things as well as the correlation of the logging as well as the EyesOn glass to pay attention to it and manage it and react to it.

Melanie Thomas:

Absolutely. Then you have teams like us that we also do the initial response. So we are working on, unfortunately working on a breach this morning for one of our customers that it’s been a very fun morning, but some of those same cases where it’s, we only had one piece of the puzzle, we needed all the other pieces, but with the piece we had, we could still alarm, we can still respond, and then we have an IR team. So our fast response team that could then our consulting team jump in, do the deep forensics, take it a step further, we have then we can refer to our MSS teams, so our other managed security teams, let’s talk about maybe manage Zscaler or let’s talk about manage SD-WAN, let’s talk about managing your Forti gates, your Palo Altos, and working with those teams as well, bringing those services in a more coordinated way inside of AT&T. So it helps us work within those teams as well.

Scott Kinka:

Interesting that you just said that you’re working on a breach, and you don’t need to say it specifically about this customer, although I’m going to ask it that way. You don’t have to tell me who it is. Okay. Zero day or self-inflicted?

Melanie Thomas:

Very unfortunately, self-inflicted known exploit vulnerability, very common. It’s been very common for, we’ve had more than 50 breaches this year alone that are two positive, two positive breaches for our customer base, which is a lot unfortunately, but it’s unpatched systems and it’s a known exploit. If there’s CVEs, there’s publications about it. Y’all patch your systems, please, please, when it’s known, exploited vulnerabilities, please, please patch them.

Scott Kinka:

I’m going to give you the bridge into the fun conversation. Okay, so here it is. So we’ve been talking quite a bit about AI on the last five or six episodes. We started with, I’m not sure if you were still there at that point, but we had a chat at the summit with sort of four industry experts and we split, we turned that into episodes, split it up into two episodes, and it seems like every episode since then we’ve landed in AI somewhere. So I have to ask it now. Is AI already becoming another complex thing that needs to be added to the overall security posture of the business, or are we not there yet?

Melanie Thomas:

It depends on how you think about it. So I think that’s like the famous security answer, right? It depends. So you can use it for good, that is exactly why, but everything you use for good can be used for bad. The same data you use can be used in a million different ways, but we can use AI for moving faster. We can use AI for learning faster. We can use AI for analyzing things faster on a good guy side. So help me find where I can have misconfigurations, things like that as we continue to train it in a good way. But we are seeing that very likely bad guys are using it faster, right? They’re writing more malicious code faster, they’re executing faster, they’re leveraging showdown with it faster. So there’s things that are just becoming more challenging. And so I think we’re going to see the industry, obviously it’s already starting to react to that. It’s usually when they start talking about quantum and how we need TLS 1.3, things like that where it’s going to get just, everything’s going to be faster in the years coming, but it’s that hope punk coming out. It’s not a doomsday situation. I think it’s just a matter of, it just continues to change the conversation. But if anything, it continues to establish the need for visibility and for vigilance, basically.

Scott Kinka:

Fair statement. So you will fall, given that optimism, you will fall into the robots will be our friends and not take over the world camp is that

Melanie Thomas:

I’m very nice to my Alexa, she and I are best friends. Yeah, I love it.

 

From Cybersecurity to Pop Culture Predictions

Scott Kinka:

Let’s launch into some fun before I let you go, this has been an amazing conversation. Three quick questions. Okay, first one, maybe not as fun, but I have to ask it anyway. What’s the end table reading for you right now? Are you in the middle of something that you want to tell everybody about?

Melanie Thomas:

I just got a new book, so I haven’t started reading it yet. It’s called a Visit from the Goon Squad. So I haven’t started reading it yet, oh wait, it’s right behind me.

Scott Kinka:

A visit from the Goon Squad.

Melanie Thomas:

It’s right behind me too, so I just got this one. So it’s a dark former punk rocker and record executive. So that’s also punk rock. So I think it’s supposed to be super fun. I’ve only heard very good things about it.

Scott Kinka:

Alright, that’s great. I’m into that.

Melanie Thomas:

Destruction and redemption.

Scott Kinka:

Love it. There’s that optimism coming out again. Alright, so this is not an optimistic question, but maybe you can give it an optimistic answer. So let’s assume however that it does go to the negative side and the robots take over the world, or there is some dystopian event and only one application works on your phone going forward. What is it?

Melanie Thomas:

Okay, only one application works on my phone.

Scott Kinka:

This is your end of the world as we know it app

Melanie Thomas:

Uber Eats, which is the worst response. No way it would happen. Hey listen, that’s the person that comes to my mind and that New York Times games, I play New York Times connections and the crossword puzzles. I think that’s more realistic than UberEats.

Scott Kinka:

We get all kinds of crazy answers.

Melanie Thomas:

Oh really?

Scott Kinka:

Just make sure the flashlight works if the world is over. I think that’s a pretty smart one.

Melanie Thomas:

That’s the smartest way. That’s good.

Scott Kinka:

Mine was like if I’m just going to be in my personal reflection space by myself, give me something to listen to. So I just need the music app to continue to operate. But you never know A lot of people, I want to be able to text my kids or directions. Those are pretty good answers too. But hey, you never know. It really does depend. There’s your security answer. It does depend on what kind of end of the world event we’re talking about. Alright, so I’m going to ask you to put your prognosticators hat on. Just give me a shameless prediction of any kind. It can be in tech, but it can be in sports, it can be in movies, it doesn’t matter. A shameless prediction of some kind for the next 18 to 24 months.

Melanie Thomas:

Shameless prediction, shameless prediction. Taylor Swift and Travis Kelsey are going to break up before January.

Scott Kinka:

Wow. Before the Super Bowl?

Melanie Thomas:

I think before the Super Bowl

Scott Kinka:

And have his heart broken before he plays the game?

Melanie Thomas:

I think so. I think that’s going to make the story a little bit more kind of juicy for the fans, right? I think it’s going to be a little bit more of like a, yeah.

Scott Kinka:

Alright, well everybody listening knows I’m a crazy big Philadelphia Eagles fan, but it’s hard not to like Travis Kelsey because of the brotherly connection there.

Melanie Thomas:

That’s true.

Scott Kinka:

So all good. And yeah, we were hoping it would make it to the summer because Jason is a neighbor at our Jersey Shore Beach house. He’s like a block away and Travis comes a couple weeks out of the year and Taylor actually used to play in the coffee shops on the Jersey shore before she got big. So we’re like, she’s definitely coming down to the beach. We’re going to have a Taylor sighting on the beach, but if they break up before the summer, then that’s definitely not going to happen.

Melanie Thomas:

Oh, I hope I’m wrong. I hope I’m very wrong.

Scott Kinka:

Usually you, your tradition will in the be 12 months later, maybe at the very least of one summer.

Melanie Thomas:

Yeah, by 2025.

Scott Kinka:

There you go. Alright, perfect. There you go. Oh, I love that. I love that. That’s fantastic. And this has been a really entertaining 34 minutes, almost 35 right on time. I really appreciated the time. If anybody wants to connect with you, how would they do that?

Melanie Thomas:

LinkedIn. I think LinkedIn is probably the best one. I don’t watch the other socials and those are personal ones anyway. So LinkedIn is the one.

Scott Kinka:

Well, I love it. Hit up Melanie Thomas on LinkedIn. Obviously, if you’re interested in learning more about AT&T’s cybersecurity services, Bridgepoint and the AT&T team, Melanie, the whole group, we do a lot of work together. We’re pushing a lot of security together and we’d be happy to work with you on your security needs. But needless to say, here she was, Melanie Thomas, Superstar, we’re thrilled to have you on the show and look forward to talking to you again soon.

Melanie Thomas:

Absolutely. Thank you so much. It’s been so fun. I appreciate it.

Scott Kinka:

Awesome.