Tell us about your background, Ariel?
I am a retired colonel from the Israel Defense Forces (IDF), where I served over 20 years in the 8200 Cyber Unit. I built a new unit within the IDF for special cyber operations, leading innovative technological efforts for the benefit of the State of Israel’s security, combatting cyber threats and terrorism around the world.
Tell us about your current role at Mitiga?
As the Chief Operating Officer at Mitiga, I’m responsible for delivering our cybersecurity Incident Response and Readiness (IR²) solution to our customers. This covers the whole lifecycle of our customers and – if (and when) a breach happens – responding to customers’ incidents from investigation to full recovery.
I also lead our Cyber Research program, which constantly generates new cloud attack scenarios, analyses them, and develops investigation modules to automate future response. This, and our work during active incidents, becomes part of our Incident Readiness and Response platform.
My co-founders and I believe that finding and retaining the right people and nurturing Mitiga’s unique culture are fundamental to building an impactful company. I lead this effort with the help of our talented HR team.
Finally, as a co-founder and board member, I am part of the team that defines and steers Mitiga’s strategy.
What has been your highlight in your current role?
Acting as an incident commander is an intense and rewarding role. Being there for customers during a crisis, helping them understand what happened and what their options are, guiding them to make the right decisions based on our investigation, and helping them recover quickly is really a highlight.
What is your point of difference as a business?
Mitiga combines decades of cloud security expertise and experience with a cloud-native platform that delivers the incident and breach readiness and response required for a quick return to business as normal. Our approach also increases resilience to future attacks by prioritising readiness rather than prevention and by collecting, structuring, storing and analysing critical forensic data from dozens of cloud sources. This helps us automate a comprehensive compromise assessment process we call Forensics as Code. It enables us to use a single incident to inform future investigations, checking each subscriber’s data dynamically to continuously investigate similar potential breaches. Another point of differentiation is that, because of our focus on readiness, IR² subscribers receive incident response at no additional cost.
What technology are you most looking forward to using more of?
We are always looking at innovative technologies and thinking about how to use them, vetting them carefully in our engineering team. We have a unique approach for automation in IR, and we use Jupyter notebooks with Spark engines for Big Data and machine learning. Spark supports batch and real-time processing, interactive querying, analytics to machine learning, and graph processing. Spark uses in-memory query execution to provide a fast and efficient big data processing solution. We use it all over the three main cloud vendors (AWS, GCP, and Azure).
We are also developing a unique internal Python package to support our Forensic as Code process. The Python package includes the logic of the Incident Response and is developed on top of Spark.
Another unique technology we have is the way we prepare and save the collected data of customers to allow future fast retrieval at low cost.
What is your leadership style?
I believe in focusing on communications – up, to the sides, and down. Strong communication is based on two principles:
- Being authentic: be genuine, frank, respectful but direct. Respect other people’s time – speak your mind.
- Listening: there is a huge difference between hearing and listening. Hearing is done through the ears while listening is through the mind and heart. I always strive to really understand the feelings, opinions, and perspectives of the other person.
Plans for the future?
We are a startup, so we have many plans. I’m excited about our growing team and increasing our automation capabilities to enable continuous, proactive breach investigation. We’re also building a new readiness dashboard for customers to easily understand where they stand and how they can improve.
- Leadership development remains critical to successLeadership & Strategy
- Businesses 'running blind' in the fight against cyber crimeDigital Strategy
- Five Minutes With: Björn Dufwenberg, MD at Strat7 AdvisoryLeadership & Strategy
- Building bridges between management and productivityLeadership & Strategy