Tuesday, July 5, 2022

Researcher Spotlight: Around the security world and back again with Nick Biasini

By Jon Munshaw. 

Nick Biasini’s seen it all.  

Over a security career approaching 20 years, he’s been a part of some of the largest undertakings in Cisco Talos’ history. From an attack on the global Olympic Games, to wireless router malware that affected hundreds of thousands of devices, to some of the largest supply chain attacks in history, Nick’s been front and center talking to media outlets, users and customers during these major incidents.

Biasini is Talos’ Head of Outreach, the public-facing team you’ll often see making TV appearances or talking to news sites about any cybersecurity topic you can think of. His team is also responsible for many of the research-heavy posts thousands of readers see on the Talos blog every year. 

Although the major incidents that Biasini has been a part of have led to many sleepless nights, long workdays and hours of time talking to everyone from newsrooms to the C-level of Fortune 500 companies, he says Talos’ overall mission reminds him why it’s all worth it.

“I've worked for a bunch of organizations over the past 20 years — I've been in the industry, and I can say without a doubt, Talos is top to bottom, the most technical organization I've ever been part of,” he said in a recent interview. “Being able to implement and help publish a blog that is used by tens of thousands of people to help defend their networks and help build the coverage that gets pushed out is very, very cool to be a part of.”

During these major events, it’s Nick and the Outreach team’s job to coordinate Talos’ public messaging while simultaneously helping craft detection as fast as possible for Cisco Secure products and writing public-facing blog posts to inform users about the dangers that lie ahead. But what Biasini’s most proud of isn’t the speed of the work he does, it’s that Talos’ research is continually accurate and helpful to readers and users. 

Nick speaking at Cisco Live 2022 in June. 


“I have a huge sense of pride for all the work we do because I was there — I watched and know all the work that went into everything that we did and I stand by everything that we said,” he said. “And the fact that years later, we stand here and everything we’ve published holds up, all while moving at high speeds repeating it each time — it’s just a great testament to who we are.”

When Nick isn’t putting out cybersecurity fires, his team is also often having meetings with customers to inform them about Talos’ latest intelligence and speaking at high-profile conferences. Most recently, he provided a broad overview of the threat landscape alongside Talos Incident Response’s Pierre Cadieux at the RSA Conference last month. 

When he speaks, Biasini often must take complicated security topics and distill them down into digestible information for C-level executives, public consumers, and the average Cisco user. This has become increasingly important over the past few years as threats like business email compromise (BEC) have grown and can strike any company at any time, particularly with attackers looking to target users who may not have a high level of cybersecurity knowledge.

“[BEC] is tough to talk about because it’s not sexy, right?” he said. “There's no malware associated with it. It's purely based off social engineering and people making mistakes, but it is more sophisticated than people realize.” 

It’s on that non-sexy side of security that he cut his teeth. Biasini started out with the nuts and bolts of threat detection and research and was actually first introduced to Snort in his first college class.

The intrusion prevention system, which Talos and Cisco manage and Biasini’s team helps write detection for, was his first introduction to security while in college. He enrolled as an information systems major but eventually added on a minor in cybersecurity, and his first class was on network intrusion detection using Snort.  

“I got to learn about PCAPs and network detection...how to attack systems, and that was kind of the beginning,” he said. 

After graduating college (he’d eventually go back again for a master’s degree in digital forensics), Biasini ended up working for the Federal Aviation Administration defending the national airspace. He quickly took on a jack-of-all-trades role working on vulnerability detection and patching, intrusion detection and even worked with the Sourcefire platform that would eventually become part of Cisco Talos. 

While Biasini’s career started very technically focused, he now must take that same information and figure out how to tell security stories in a way that makes security novices invested in the topic, so they take it seriously within their organization. 

“We need to tell these stories about how something like BEC is taking advantage of users, but success stories of how companies and organizations eventually defeated it, because those are the stories that really resonate,” he said. “People don’t tell their stories largely because they don’t have to or aren’t asked to. To me, that’s one of the biggest things that needs to change.” 

Outside of Talos, Nick likes to roast his own coffee beans and oversee every minute step of the coffee brewing process. Prior to the COVID-19 pandemic, he was known for setting up his own pour-over coffee system in one of Cisco’s offices that was vastly different from the Keurigs most office buildings are used to. 

If you want to hear more from Nick, he regularly appears on the Talos Takes podcast as a guest talking about complicated security topics in just a few minutes. He’s also liable to pop up on any Talos livestream the next time the security community has a major meltdown. 
