Few security firms have hit the headlines as regularly as FireEye over the past year.
Having uncovered close to all of 2014's zero-day vulnerabilities, FireEye kicked off 2015 by uncovering a number of suspected state-sponsored attacks targeting government departments and businesses involved in critical infrastructure.
However, the firm's successes have been a two-edged sword and drawn the ire of many of the world's most dangerous hackers.
This has not been lost on Julie Cullivan, FireEye's global chief information officer (CIO).
Since taking the reins, Cullivan has been responsible for protecting the firm from revenge attacks while simultaneously developing the firm's IT infrastructure to deal with unprecedented growth that has seen its staff head count leap from 400 to around 2,500.
Eager to see how Cullivan has navigated this difficult path, V3 caught up with the FireEye CIO to discuss her current and future plans.
The hunter becomes the hunted
The dangers of hunting and reporting on hackers are well documented. Hacktivist groups, such as the Syrian Electronic Army, constantly target news outlets, businesses and individuals they feel have wronged them or a group they support.
This was shown by the wave of denial-of-service attacks hitting businesses and governments and the high-profile website defacements that have afflicted news outlets over the past year.
However, for Cullivan these incidents are white noise and a constant issue facing FireEye, which has put itself in the crosshairs of some of the most advanced hackers in the world since it started attempting to attribute targeted attacks to specific groups and governments.
"We are a target and certainly we've seen that spike more since we joined forces with Mandiant. Before, we were focused on what was going on. Now we're focused a lot more on who's behind it. This has raised the company's visibility," she explained to V3.
"There are people who want to hack us just so they can say 'look what we can do', but we're also very conscious that because of what we do, there are some very serious actors looking at us, nation states and so on.
"We have seen times where after big announcements from FireEye, the activity level increases quite a bit. Even being mentioned on something like [US current affairs programme] 60 Minutes can have an impact and see millions of people connecting to our website."
Cullivan highlighted the 2014 Sony breach as proof of the danger facing security companies taking on state-sponsored threats.
"I think Sony was an example [of this], where an enterprise company is suddenly being targeted by a well-funded nation state. It was unique and interesting that our government [the US] chose to speak out on it too," she said.
"I thought of it as a horrible cyber attack, but really it went to some very serious key political principles. We didn't want people [hackers] seeing it and thinking they could do the same thing - targeting somebody because they said something they didn't like."
The breach occurred in December 2014 when #GOP hackers leaked vast amounts of Sony data, including partners' personal information and the terms of its deal with Netflix.
Though FireEye never confirmed it, reports suggest Mandiant was brought in to investigate the breach.
Cullivan said FireEye employs an adaptive threat defence strategy that dynamically scales depending on the firm's needs.
"We needed to be worried about creating specific reports about groups' and countries' activities they may not want out. This meant our security posture had to be robust and we needed an adaptive defence model," she said.
"We are lucky because we're tightly aligned with our intelligence teams so we work proactively so when there is going to be a report, news of a zero-day, anything big that's going to come out, we have several planning sessions.
"We make sure we have a plan so, should something bad happen, we have remediation controls in place and know what to do."
Scalable adaptive security models – a growing trend within the security community – are designed to let firms access threat data and analytical tools when they need them without paying ongoing contracts.
FireEye entered the market in 2014 when it unveiled its Advanced Threat Intelligence and Security as a Service solutions.
Scalability and the cloud
Cullivan said the move to adaptive security is part of a wider shift within FireEye to embrace mobility.
"We deal with all the same issues, cloud, mobile and have to make the same trade-off decisions any company does," she explained to V3.
"You know we need the productivity and mobility but also need to make sure we're doing the best we can to secure the infrastructure and have the right policies and controls in place."
She said cloud computing is a key part of this strategy.
"We use the cloud for things that I would consider not our core competency. It allows us to move more quickly, especially on traditional things like the sales side, on the marketing side, on the HR side.
"There are solutions out there that work and helped us scale to a 2,500-person company from 400. We wouldn't have been able to keep up with that growth if we'd tried to build some custom on-premise model, it had to be a hybrid, so we use Salesforce and Workday."
The human OS conundrum
Despite the benefits of the cloud, Cullivan said FireEye, like many firms, has struggled to find skilled individuals to recruit.
"The talent shortage is unbelievable and it's not just with security, it's also with infrastructure and network," she said.
"It's a shortage affecting the commercial arena and government, which makes it difficult for anyone to build out a complete programme."
She added the lack of skills is indicative of a general lack of security among the general public and most workforces.
"There's this human OS element you can't completely protect from. Having tech, like FireEye's, to detect and partition and block it is important but there's also the awareness issue," she said.
"I think when you look at some of the common entry points, spear phishing is still a real big problem.
"You'd think after this time more people would be aware, but everyone's busy and I think some people still click things without thinking."
Phishing is an ongoing problem affecting businesses of all sizes and has been used in several recently discovered advanced threat campaigns, including the recently uncovered CozyDuke attacks on the US White House.
The FireEye CIO said the firm has launched a wealth of initiatives to help deal with non-technical workers' lack of security awareness.
"At FireEye it's interesting we have such a vast skillset. We've got a set of employees who are so security aware, our consultants and engineers and so on," she said.
"But, then you have every other function in the organisation, who don't necessarily think every day about how what they're doing could affect FireEye.
"That's why it's important to look at all the possible entry points into the organisation and plug those awareness gaps as you find them."
Conquering the skills gap
Looking to the future, Cullivan said FireEye is investing heavily to try to overcome the cyber skills gap and increase the number of women entering engineering and technical roles.
"The security world is still male dominated, but at FireEye there are things we can do to get women into engineering.
"We've created a women in technology and security group at FireEye and we're committed to meeting monthly and offering mentorship for women who want to move around within the organisation.
"We also spend time at universities and some younger education institutions doing events, as the feeling is if you don't catch girls when they're relatively young it's hard to get them interested in the opportunities [in technology]."
She said the common misconception that you need a technical degree to enter the security industry is a big barrier.
"A lot of times people assume you need to have a very technical background to be able to jump into security roles. But really it's about having an analytical mind, being able to correlate information and spot patterns," she said.