Who knew you could connect Moses to threat intelligence?
When the security community usually thinks about the origins of cybersecurity and threat intelligence, the conversation may quickly center around the codebreakers in World War II or the Creeper software developed in the 1970s.
Martin Lee likes to go all the way back to Biblical times and Moses.
“The Book of Numbers is the first account of threat intelligence,” Lee, Talos’ Strategic Communications EMEAR lead, said in a recent interview.
The Book of Numbers, one of the books of the Old Testament, tells the story of Moses sending scouts out to spy for potential dangers that await the group he’s leading. In this story, Moses is trying to collect as much information as possible to learn about what threats, and opportunities, his group will face along their travels.
Lee also likes to reference Julius Caesar, who wrote his personal correspondence in cipher. Even the most powerful man on Earth feared the interception of his messages by enemies. It's remarkable how little has changed in 2,000 years, he says. These are the types of stories and examples Lee likes to bring into his customer engagements in his role at Talos. As a strategic communications lead, he spends much of his time talking about Talos and the work our researchers do for Cisco customers, government agencies and other high-profile organizations. Often, this information must be distilled down in a way that makes sense for everyone from the security frontlines up to the C-Suite.
That’s why he likes leaning on the history of threat intelligence when talking about the current state of cybersecurity. He also writes about the lessons from thousands of years ago in a textbook he’s currently working on covering the history of threat intelligence through to current intelligence-gathering methods used in cyber security.
Lee is no stranger to writing, he often writes blog posts for Talos, too, like his recent overview of quantum computing and what it could mean for the future of cybersecurity. He can even dip into the recent past to influence his security opinions, having worked in security since 2003.
Prior to that, though, he was planning to spend his career in biomedicine research. Lee went to college to become a human viral geneticist, studying for a doctorate program in Paris, France and accepting a post-doctoral position at the University of Oxford in England. But before he could progress in that role, he decided to pivot to computer science.
“I discovered the early internet, and I thought, ‘This is going to be the biggest invention of my life, and either I’ll jump now, or I’ll regret it for the rest of my life,’” he said.
At first in the mid-1990s, he started writing websites as part of the dot com boom, eventually taking a job writing spam filters. It wasn’t too big of a change, Lee said, because when defending against spam, it’s all about looking for patterns, which is something he was familiar with studying genetics in college.
“To me, having a background in life science and biomedicine, cybersecurity to me looks like a public health problem,” he said. “Inside of security, we’re a lot like how medicine was in the 19th century. There’s a willingness to improve outcomes, but we’ve yet to find out how to cure the disease. There’s no lack of tools or large-scale data, but we need to better understand exactly what the problem is and how to fix it.”
While working on detection content, Lee noticed there was a disconnect between the malware research team and the sales team at his company. While the sales team understood the importance of the burgeoning cybersecurity industry at the time, there was little awareness of the work of the detection writers and why their work was important to the company’s clients.
“I started getting involved with briefing the sales team and explaining why our product was different and why it was better,” he said, the exact skillset he brings into each of his executive briefings.
Lee joined Cisco in 2013, eventually making his way to Talos. He mainly works remotely from his home in the U.K., but he enjoys traveling to conferences and talking in person and looks forward to restarting a regular travel schedule. With Talos, he can keep his schedule flexible, which allows him to travel to other countries and events.
It also gives him the flexibility to embrace some of his other loves: running and photography. Unlike the many hours Lee spends with computers every day, he prefers combining modern digital photography with hand-making prints using a traditional Victorian chemical process — he has a darkroom set up in his home to create his own photographic paper and has even showcased his work at various art shows.
Lee started taking running seriously about seven years ago when a former colleague invited him to a running club. He had always enjoyed running and jogging for exercise, but he soon started taking it in a more serious way, training for marathons and other long distances.
His biggest test came earlier this year when he ran the Chester Ultra 50, an extreme race in Northwestern England that can take even the most seasoned runners more than 10 hours to finish. Unfortunately, Lee had to drop out after 36.5 miles (that’s almost a marathon-and-a-half for those of you keeping score at home). He chronicled the journey over on his personal YouTube page, which you can watch below.
“I ran up until, basically, my legs fell off. I discovered how far I could run, which is great. I don’t view it as a failure whatsoever,” he said. “I dared, I tried. And I found my limits. Next time I’m going to train harder, and I’m going to run further.”
This is a mindset he and his Talos colleagues must bring to cybersecurity every day. There could be times when you fall short of your goal, or you go until you simply can’t anymore. But the importance is to have resiliency, to continue to learn and improve from every experience.
“There’s a gulf of understanding between the people who are full-on in the issues and the people who need to understand what the problem and solutions are,” he said. “A lot of my career has been trying to bridge that gap.”
If you’d like to hear from Martin or anyone else on our strategic communications team, please reach out to your Cisco sales representative and request an executive briefing. Or look for Martin on any future episodes of the EMEAR Talos Threat Update with Hazel Burton.