Tony Anscombe is the Chief Security Evangelist for ESET.
With over 20 years of security industry experience, Anscombe is an established author, blogger and speaker on the current threat landscape, security technologies and products, data protection, privacy and trust and internet safety. His speaking portfolio includes industry conferences RSA, Black Hat, VB, CTIA, MEF, Gartner Risk and Security Summit and the Child Internet Safety Summit. He is regularly quoted in security, technology and business media, including BBC, the Guardian, the New York Times and USA Today, with broadcast appearances on Bloomberg, BBC, CTV, KRON and CBS.
Get to Know Tony Anscombe
How would you describe your experience as board member of the National Cybersecurity Alliance?
The National Cybersecurity Alliance is an organization driven by a unique gathering of individuals from member companies and a very talented team. This group is open to innovative and creative ways of delivering on the mission of the organization, to be safer and more secure online. The team is open to discuss any potential concept or idea with open and honest feedback, a refreshing attitude given the diversity of companies involved. As a cybersecurity professional, it’s both a privilege and an honor to be a very small part in a team that delivers exceptional results that are globally recognized.
How does ESET’s cybersecurity interests align with our mission to educate and empower our global digital society?
The National Cybersecurity Alliance and ESET share very similar objectives; to make the online digital space and technology safer and more secure for those participating in it. We, ESET, use the term ‘Enjoy Safer Technology’ and the National Cybersecurity Alliance website, ‘Stay Safe Online’ demonstrates just how aligned our mission is. As a cybersecurity vendor ESET recognizes that cybersecurity technology plays a significant role, equally important to the task of education and awareness.
What are your biggest concerns about the current threat landscape?
Legislators seem reluctant to address the underlying cause of cybercrime and are sometimes unwilling to take preventative measures rather than a reactive approach. Ransomware, for example, has transformed into a windfall monetization opportunity for cybercriminals and this could have been averted, at least in part, with clear legislation on cryptocurrencies, prohibiting or restricting payments and mandatory reporting, several years ago. Waiting until there is a crisis should not be the plan.
You played a huge role in our stalkerware campaign. What are some key takeaways from those resources that readers should know?
The mis-use of technology to track, monitor, and control another human being without their knowledge or consent is deplorable. Abuse of this type should be countered with the full force of the law. An important takeaway for me from the stalkerware campaign is that a victim should be cautious about removing stalkerware, whereas my first instinct would have been to remove it. The campaign added vital context about the real-world situation of the victim and that they need to seek expert help on both removing the application and on addressing the issue of the abuser to ensure no additional abuse happens due to the removal.
What do you look forward to every year leading up to Cybersecurity Awareness Month in October?
Cybersecurity is a hot topic that typically gets attention when there is an incident; a cyberattack or issue that causes disruption, outages, or data breaches. Cybersecurity Awareness Month has created a special time of the year when the cybersecurity industry gains a voice about the preventative measures companies, organizations, and consumers can take in order to improve their cyber hygiene to avoid possible incidents. In the run up to the month I participate in important discussions on delivering an engaging and positive message on staying safe online. It’s a positive education month globally. It does not require a disaster for someone to pay attention.
What are some highlights from your career in cybersecurity?
I have been fortunate enough to work for some interesting and innovative companies, ranging from startups to public companies. There are many standout moments, far too many to mention. When I look back I could mention opening bell ceremonies at the NYSE and NASDAQ or being an expert guest on the BBC News, but the biggest highlight has to be when an individual thanks you for the help and assistance that allowed them to avoid a cybersecurity incident.
What was your first job?
The first post-education position I held was with Chase Manhattan Bank, working in a small team of programmers creating applications written in dBase. This enabled the business to deliver financial products ahead of the competition and was a stop gap solution while other teams looked at the long-term requirement to create a host, mainframe, based solution. It was an exciting time as the personal computer was only just making its debut into organizations.
What do you like most about being a part of the cybersecurity community?
Regardless of competition, the cybersecurity industry is a community of people that, mostly, have the same goal of defeating cybercriminals. The sharing of information and knowledge, even between competitors, for the benefit of the entire ecosystem makes it unique and it’s a pleasure to serve my part in this ecosystem.