To help provide a flavor of the insights and experience that Tripwire makes available, we’re interviewing several Tripwire in-house experts. You’ll learn more about how they have been working with Belden industrial customers to help support their network security and optimize their uptime in today’s challenging environment.
In today’s interview, we feature Tripwire cybersecurity expert Zane Blomgren. Please feel free to ask Zane any additional questions or start a conversation by emailing him at email@example.com.
How long have you been with Tripwire and where were you before?
This fall will mark my fifteenth year with Tripwire. 15 years! A lot of people think of cybersecurity as a new industry, so it goes to show what a pioneer Tripwire is. I was actually the third consultant to be hired, and as a matter of fact, both #1 and #2 are also still with Tripwire a decade and a half later. With all the turnover in the tech industry, I think that that alone speaks volumes about the quality of this company.
I got a glimpse of that at my previous job, where I worked for a large high-speed data ISP (Internet Service Provider) company. We were a customer of Tripwire’s and I saw first-hand the power of their innovations. I was actually the guy there running them! My company did maybe 100 cool things with Tripwire but we could have done like 10,000. I saw the possibilities of the future, and it made me eager to take it further. Tripwire was leading-edge in security technologies like intrusion detection and file integrity monitoring then, and remains so to this day. As great as the Tripwire technology was though, I was even more impressed with their level of customer service. They were always lending support, and it was really unprecedented for a supplier. So when an opportunity came to join Tripwire, I jumped. And I’ve always been glad I did.
Has this experience been helpful in your current role?
Yes, absolutely. In all my previous roles at Tripwire and now in my current role as a pre-sales engineer, the experience of being on the other side of the table has been incredibly valuable. My job is to establish what a customer’s needs are and what solutions would be best for them. In addition to the technical knowledge, I can really understand a customer’s challenges and pressures and where they are coming from because I was in their shoes. When I sit down with a customer today we can get rolling very quickly. Our titles and roles here blur a little bit, so I also might be installing a solution and running it for proof of concept, and even provide some short-term tech support where needed. The same type of generous customer service I saw when I was a customer. We always do whatever we can when we can, that’s the culture.
“What’s most important is the ongoing relationship we have with the customer and their ultimate success.”
You were with Tripwire for many years before the acquisition by Belden. What things have changed?
As far as I’m concerned, the acquisition has been an absolute blessing all around. Belden is the undisputed industrial network technology leader, and I’ve already told you how I feel about Tripwire’s cybersecurity technology. For our customers, whether they were originally working with Belden or with Tripwire, the synergy is great, opening up new worlds of cybersecurity expertise to industrial companies that may have been kind of left out in the cold before. Now there is someone who speaks their language, who they can trust, and who bridges the gap between the factory floor and cybersecurity, which had previously long been thought of as an IT office function. It’s really unprecedented in the field, and it’s also opening up entirely new possibilities and synergies and accelerating technology innovation. For example, the opportunities for embedding proprietary Tripwire cybersecurity technology directly into Belden network switches is incredibly exciting and will be a real game changer. Stay tuned!
With your long-term experience in cybersecurity, what changes have you seen over the years?
A thousand things come to mind. But one thing that amazes me is that while the technology has gotten mind-bogglingly complex over the years, it has also, perhaps counter-intuitively, gotten much simpler in a way. While under the hood what’s going on is so amazingly sophisticated, the tools have all become much simpler and more intuitive to use. It used to be, even when capabilities were more limited, you would need highly trained people to work them; now that they can do so much more, really anyone can quickly learn to wield them to great advantage. It’s all drags and drops and clicks.
Another thing that comes to mind is that the demand for cybersecurity professionals in the OT space has risen dramatically, and there just is nowhere near enough skilled staff to meet demand. And that is causing a lot more than the obvious problems. Companies will tap IT people for OT roles, figuring that they’re both “T” so it’s ok. Often, that’s not the case, and IT people might not realize how vulnerable OT equipment can be to the kind of things that are fine in the office environment, and the manufacturing line can go down and it can cost millions in productivity.
Scanning is one such area – sensitive PLCs and other OT equipment just can’t stand up to many types of scanning the same way that office equipment can. Fortunately, there are many OT-appropriate scanning solutions, but if the “T” guy doesn’t know about it, he can inadvertently make things even less secure. And then companies get even more skittish about implementing the cybersecurity solutions they need, so it can be a real rabbit hole. Companies that have had bad experiences need to get over it, regroup, and figure out how to proceed the right way, with the right personnel or the right partners. The right expertise really is out there for everyone.
Webcast: Building on ICS Security Basics—What's Next?
So you've implemented a foundational cybersecurity program. What are your next steps?
Join Belden's Kristen Poulos and other industrial cybersecurity experts for this webcast November 12, presented by SANS. Learn more.
Zane Blomgren is a Senior Security Engineer at Tripwire. During his 14-year tenure at Tripwire, he has served a number of roles including Pre-sales Engineer and Post-sales Professional Services Consultant. With over 20 years’ cyber security experience, Zane has been called on to help build foundational security controls and assist after cyberattacks have started, at companies around the globe. Zane marries his passion for security and his interest in collaborating with and learning from a wide variety of customers to apply best practices in even the most challenging of situations to create more reliable, secure systems for organizations in sectors including Energy, Transportation, Manufacturing and many others.