Joining us for our very first series of interviews with leading cyber figures, Zulfikar Ramzan, Chief Technology Officer (CTO) of RSA, originally from Queens, NY – home of amazing pizza and even more amazing bagels – sat down for a Q&A with Cybertech.
Who is your cyber all-star?
My cyber all-star is Ron Rivest, also known as the R in RSA. Ron together with Adi Shamir and Ben Adleman helped co-invent the RSA algorithm and helped create RSA the company.
Today the whole world uses technology that he has developed or co-developed. And what makes him a true all-star is not just that he has a brilliant technical mind and is able to solve important complex technical problems; he was able to see the vision behind solving those problems and help make those problems and their solutions into a commercial reality.
The weakest password or the funniest wifi nickname you've ever heard?
The weakest password is probably the word ‘password’ - fortunately, most places now check for people typing in such nonsensical passwords.
The funniest wifi name I've ever heard, I came with a wifi name a while back, that was basically ‘Thiswifihotspothasavirusonit’. Amazingly enough it was a great way to detract people from trying to connect to my hotspot.
Where video games a part of your childhood?
Video games were absolutely a part of my childhood. I used to have an Atari 2600 - that was one of the first computing devices I ever owned.
What really turned me onto computer science was when I bought a Commodore VIC-20. At the time that we got the VIC 20 we didn't buy any peripherals, any games, any addons whatsoever and that really forced me how to write code.
I think that as a result that create a lifelong love of computer science and that love still sits with me today.
Best cybersecurity tool?
I am biased. I think the best cybersecurity tool is basically anything made by RSA. Having said that, there is a better answer, which is that there is no single one best tool. To have a successful cybersecurity program you may need to leverage multiple capabilities in concert.
More importantly, it's not just about tools alone, there is an expression that 'a fool with a tool is still a fool.'
I think to be successful in our field you have to have the right tools certainly, but you also need to have the right people who know how to use those tools and more importantly the right processes in place so those people can do their jobs effectively.
The worst virus you've ever had?
The first virus I ever had, I remember that moment, it was a virus called 'Stoned.' What it literally did was it put this message up on your computer that said 'Your computer is now stoned' and wouldn't let you do anything else.
I remember getting it many, many years ago and having to figure out manually how to remove the virus and get my computer back to a working state…
Tell us a joke.
Why was a security team unable to catch a threat actor?
It's because he ran-some-ware.
In your opinion, the most disruptive hack to date?
There have been so many pretty disruptive attacks over the years. A few that come to mind, there was the Morris worm, which took down a sizeable chunk of the internet at that time.
If you go down to somewhat more recent times, I think the mass worms, like Slammer and Sasser and Code Red and Nimda, really opened up an era in computer security and brought security issues to the forefront, making the whole world realize how important it was to get security right.
Much more recently, you have Stuxnet, obviously the first military grade cyber weapon that was known publicly and took down pretty important facilities, but also opened our eyes to how sophisticated malware can be, when it is done by a well-funded, well-resourced threat actor.
Of course, more recently you have all the attacks that emanated from EternalBlue, with WannaCry being a major example.
Biggest threat to healthcare security?
When I talk to our customers certainly the threat that is top-of-line for them is ransomware. We see many hospitals get hit by it, and it certainly does cause a tremendous number of problems and can literally lead to some life or death type situations.
In the long run, one thing I worry about certainly is medical device security. The fact that we have all these devices out there, many of them are going to be internet enabled and as a result if something were to go wrong the implications on those devices and what they can mean for people is pretty catastrophic and devastating.
More recently the amount of data being created has led to some fundamental privacy issues, and healthcare organizations are really going to struggle with how to balance the needs of patient privacy and individual privacy against how they manage to take care and protect this massive trove of data.
Rank these three from top to bottom: Desktop, tablet and mobile
- Laptop
- Mobile
- Tablet
The most important skill to work in cyber?
Understanding the business.
Name your superpower.
The ability to combat jetlag easily and survive on limited amounts of sleep.
