Russ Blattner of BOSS: 5 Things You Need To Know To Optimize Your Company’s Approach to Data Privacy and Cybersecurity

Cell Level Security — There is zero need to share 100% of any file with any one person for the sake of Analytics or AI. With the level of technology available today, leaders can get very granular with who has access to what.

As a part of our series about “5 Things You Need To Know To Optimize Your Company’s Approach to Data Privacy and Cybersecurity”, I had the pleasure of interviewing Russ Blattner.

Russ Blattner, Co-Founder and Chief Executive Officer at BOSS, has been helping organizations achieve their corporate goals through technology transformation his entire career — beginning with Networks, moving to Cloud and Big Data and now AI. He is currently leading a great team committed to helping organizations capitalize on their data using Enterprise AI. With his experience running large operations, driving sales, and innovative product development, he’s leading the company through a time of tremendous growth.

The level of talent at BOSS is incredible: Data Scientists, AI, Machine Learning, Dynamic Learning, Deep Neural Networks, Big Data, Data Wranglers, Super Computing, and the best Enterprise facing team one could hire.

Thank you so much for joining us in this interview series! Before we dig in, our readers would like to get to know you. Can you tell us a bit about how you grew up?

I grew up in a small town, worked odd jobs in my preteen years (shoveling snow, mowing and raking yards, paper route) and started working full time in the summer when I was twelve. At home and work everything I did was very hands-on, always tinkering and building something. That grew into a love for machines, followed by electronics and then computers. That all led me into the world of computers and IT Services — helping others achieve their goals with technology.

Is there a particular story that inspired you to pursue a career in cybersecurity? We’d love to hear it.

My approach and ideas on Security are rooted in Data Protection, from deploying and supporting the earliest networked servers. Early on that protection was via isolation, most often physical isolation, corporate analytics drove data consolidation demands which has also led to some of the largest data breaches. The future of data is clearly going to be in using data closest to the source, increasing speed and getting back to some amount of isolation.

Can you share the most interesting story that happened to you since you began this fascinating career?

December 10th, 2013 — the day I was introduced to Dr. David Bauer. What David presented that day was his vision of the future uses of data and how it was being leveraged in the U.S. government. His vision of using the new technologies, advancements in computing, combined with my background in the commercial space opened my eyes to the future. That future is now as we iterate in the world of data-enabled Computer Aided Living. With increasing intensity, our business discussions evolved, and by 2017 we were having deep discussions about the future of AI and how we could make a difference in the world.

None of us are able to achieve success without some help along the way. Is there a particular person to whom you are grateful who helped get you to where you are? Can you share a story about that?

That person is my wife. She has supported my career for over 30 years. She is always there for me and my family, allowing me to do what was needed to get the job done. She has not complained once — not from the 2:00AM calls that sent me into work, not from the long hours, and not from all the traveling. This gave me the freedom to focus on work and to take chances.

Are you working on any exciting new projects now? How do you think that will help people?

Federated Machine Learning will transform the wide-scale use of machine learning, forming new partnerships and transforming the early adopters to distance themselves from their competition. The work will also completely transform Healthcare in ways that can only mean better quality of life for everyone.

Federated Machine Learning along with edge computing, forming edge AI and the ability to do analytics anywhere will take on a whole new gold rush of technology architectures and deployments. This will all come with the added benefits of containing risk and reducing/controlling the carbon footprint of AI. GreenAI will become real as we work to counter the trend of larger and more complex models such as GPT-3.

What advice would you give to your colleagues to help them to thrive and not “burn out”?

Healthy work relationships are critical. You need to love what you do, but you also need to love who you do it with. Find those individuals and, if possible, an organization that supports your views, ideas, and input with a realistic level of business impact. Be prepared to do the work at the pace needed to stay relevant.

Ok super. Thank you for all that. Let’s now shift to the main focus of our interview. The Cybersecurity industry, as it is today, is such an exciting arena. What are the 3 things that most excite you about the Cybersecurity industry? Can you explain?

1. Using Data at the Edge will help in a couple ways. First, by not having all the data in a central location, that will significantly reduce the impact of a breach. Second, by enabling target vector patterns to become more visible, this will enable real-time decision making and earlier detection of security threats.
2. Sharing of Data between new partnerships with Blockchain enable AI/ML Marketplace. This will support the expansion of AI while limiting the exposure of the Data. This will be key to identifying threats from more advanced attacks.
3. With Federated Machine Learning, we can now use Data globally to better identify source, root and evolution of attack approaches. This will also predict and, therefore, identify and ultimately prevent data breaches.

Looking ahead to the near future, are there critical threats on the horizon that you think companies need to start preparing for?

As Data becomes more and more a core source of value to companies, and as part of the AI and ML Operations, there will be a need to identify Fake Data and prevent data being injected into the process to alter outcomes. This will require AI and ML technology to be pushed to the very edge.

Do you have a story from your experience about a cybersecurity breach that you helped fix or stop? What were the main takeaways from that story?

While I can’t share many details, one of the most complex situations I faced was a period of weeks when there was repeated attacks from foreign countries. Cyber threats are a team effort and while no data was breached, we realized we needed better training, and ongoing reminders, to our employees about cyber threats. Unfortunately, many breaches or entry points occur when new (and advanced) phishing or spoofing attacks occur. We all want to believe it’s “somebody else” that clicks those links and opens those attachments but even the most vigilant can be thrown on a busy day when they miss very small details.

What are the main cybersecurity tools that you use on a frequent basis? For the benefit of our readers can you briefly explain what they do?

Federated Machine Learning — Federated ML allows Data to be distributed across thousands or more locations without the data ever leaving the primary location. Only weights and measures of the local training operations are sent, which is then aggregated in the central system and that new enhanced model can be redeployed. By eliminating the need for large Data leaks, we can significantly reduce the impact of any attack.

How does someone who doesn’t have a large team deal with this? How would you articulate when a company can suffice with “over the counter”software, and when they need to move to a contract with a cybersecurity agency, or hire their own Chief Information Security Officer?

It’s becoming increasingly hard for businesses to have every skillset on a staff. The tools are evolving and teams such as the team here at BOSS can assist companies to deploy the best possible AI Infrastructure. I believe it is a blend of inhouse knowledge and outsourced expertise. The risk most organizations have is to understand when the internal resources are resistant of real external help and when the external experts are not as knowledgeable as you would hope. In general, if everyone was honest, open and transparent, the outcomes would be better visibility and a stronger all-around team.

As you know, breaches or hacks can occur even for those who are best prepared, and no one will be aware of it for a while. Are there 3 or 4 signs that a lay person can see or look for that might indicate that something might be “amiss”?

We are no longer in the days where Nigerian Princes try to lure us to send them money, but spoofing attacks are still a very popular way for the bad guys to breach a network. What’s even more scary is that there are very easy and publicly accessible ways to spoof an email. Unfortunately we had an employee buy thousands of dollars in gift cards in one organization because someone pretended to be the owner of the company who needed a “gift for some clients.” There are a lot of lessons learned there about financial controls, but it all starts with educating yourself.

If you suspect something is not right, you can look in the email header (for example in Gmail click the 3 dots to the right of the email) and click “Show Original.” From there you can look at the domain name and IP address in the “Received” field and the validation results in the “Received-SPF” field. This will tell you if an email originated from a different domain than the one you are expecting someone to email from.

The next two steps are less technical and more logical. Stop and ask yourself if you expected this email (for example, did you usually get emails from the CEO asking you to go buy things RIGHT NOW). Another step that we seem to forget is to call the person making the request and confirm they indeed sent the message. We live in a busy world and seem to avoid the phone these days, but if you have suspicions, make the call.

After a company is made aware of a data or security breach, what are the most important things they should do to protect themselves further, as well as protect their customers?

First, being very transparent of the events is the most critical step. Hopefully everyone works together to share the findings. Looking at the total breach and rethinking the layers of security and data protection are necessary. Data Isolation can and will significantly reduce the scale of any breach and should be considered as a mitigation layer for future architectures.

How have recent privacy measures like The California Consumer Privacy Act (CCPA), CPRA GDPR and other related laws affected your business? How do you think they might affect business in general?

Federated Machine Learning in combination with common encryption techniques and Data Level Security allow for high levels of Compliance, meeting ICD503 Compliance, which is a superset for CCPA, GDPR, and HIPAA to name a few.

What are the most common data security and cybersecurity mistakes you have seen companies make?

Most systems lack the ability to give granular level access to data resulting in way too much exposure or completely stalling advancements in the use of data to transform a company.

Since the COVID19 Pandemic began and companies have become more dispersed, have you seen an uptick in cybersecurity or privacy errors? Can you explain?

There has been new and evolving thinking around the Edge, and the ability to do analytics anywhere. More fluid infrastructure and data laws are forcing security to go deeper in depth into storage, access and use.

Ok, thank you. Here is the main question of our interview. What are the “5 Things Every Company Needs To Know To Tighten Up Its Approach to Data Privacy and Cybersecurity” and why? (Please share a story or example for each.)

1. FML — Federated Machine Learning will transform how companies operate, but companies need to change how they operate to really use AI and data for maximum impact.
2. Collaboration can happen without putting data at risk.
3. Cell Level Security — There is zero need to share 100% of any file with any one person for the sake of Analytics or AI. With the level of technology available today, leaders can get very granular with who has access to what.
4. Cultural Changes — The job of securing the company’s assets in the form of data is something every employee needs to understand their role, and impact of their actions or inactions.
5. Operational Changes — Organizations need to rethink, even reimagine every task, every process, everything that is done, breaking things down to the true requirements.

You are a person of enormous influence. If you could inspire a movement that would bring the most amount of good to the most amount of people, what would that be? You never know what your idea can trigger. :-) (Think, simple, fast, effective and something everyone can do!)

The use of AI and ML can fundamentally change healthcare globally. Everyone on the planet can get the same care as the person with the most advanced team of doctors with the use of proper Data sharing. This can all be done at a reduced cost, greater speed, and less suffering.

These same concepts can be used today to address the Great Resignation. With the tools we have available to us today we can do a much better job of aligning people to companies, jobs, positions, and environments that best match skills to tasks and demand.

How can our readers further follow your work online?

Follow us at ASKBOSS.AI or on social media at @ASKTHEDATABOSS.

This was very inspiring and informative. Thank you so much for the time you spent with this interview!