Starship Enterprise. PHOTO: Cybercrime Magazine.

What Star Trek Can Teach Us About Cybersecurity

Back to the future with Ron Gula

David Braue

Melbourne, Australia – Oct. 9, 2022

It may sound like a stretch, but Ron Gula is convinced there is a lot that the ’60s TV show Star Trek can teach us about cybersecurity.

The series, and its multiple movie and TV spinoffs, is loaded with intelligent computer systems and hacks — five of which Gula has outlined in one of his regular blogs — but Gula’s favorite is the scene in Star Trek: The Wrath of Khan where the crew remotely access the hijacked starship Reliant and enter its combination code to lower its shields.

“That’s such a good example of trust, and system settings, and even basic password management,” Gula — the co-founder and former CEO of Tenable Security, who now manages a $100 million investment fund through his company Gula Tech Adventures (GTA) — told Cybercrime Magazine.

“There’s a lot we can learn from these episodes.”

Ditto security controls like voiceprint verification and multi-factor authentication codes, as well as the broader classics like WarGames, which popularized the idea of a hacker at a time when most people didn’t even know how to turn on a personal computer.

“It was the first movie where an industrial control system was hacked to the national security level and could have caused nuclear war,” said Gula, who recently watched the movie with his 13-year-old son. “Being able to show him the geopolitics of that time, but also just how much computers and cyber have evolved in 30 years, was really cool as well.”

They may seem marginally relevant to the cybersecurity challenges faced today, but such popularizations of security concepts have actually persisted in the collective imagination — and shaped the worldviews of the founders of many of the companies in which Gula Tech Adventures now invests.

“We always look for companies with influencer ideas that came out of government, the defense industry, the intelligence community,” Gula said, flagging the innovative work of Conceal CEO Gordon Lawson and his team — in which GTA recently invested — as an example of the way that new thinking about cybersecurity is advancing the state-of-the-art as a whole.

“There’s a whole new revolution in trying to control what you can do as an enterprise to protect the browsers as you’re browsing on the Internet,” Gula explained. “It’s one of the major forces of attacking, and it’s one of the reasons we’re really excited to be involved with Conceal. And we really felt comfortable with the team.”

That team has been working to refine Conceal’s technology, which buffers users from cybersecurity risks by allowing them to interact with virtual machines isolated from their own workstations.

This security buffer provides a form of air gap between the enterprise and the Internet, ensuring that malware can’t jump from the Web onto a client system and, from there, onto the corporate network.

“We know that users are probably going to do unwise things in the course of their work, just because there are so many opportunities,” explained Conceal’s Lawson. “A lot of that is browser-based — and we need to give them some preventative insurance policies so that when those events happen, it is not catastrophic to that enterprise or their network.”

Rebuilding the Internet’s border fence, one brick at a time

Innovative cybersecurity technologies are proving invaluable for many companies as they seek to reconstitute their security protections in new operational environments marked by remote working, hybrid cloud infrastructure, zero-trust security architectures, and other transformational changes.

And while companies “know at the board level that there needs to be strong investments, and they understand the priorities that they need to do to make sure their posture is strong, Lawson said, “the threat actors are evolving their vectors very quickly — and it’s something you simply can’t get complacent about.”

Despite continual innovation in cybersecurity attack techniques, Gula said, “I’m happy with the progress that the nation is making” in improving its overall cybersecurity defenses.

Those improvements are reflected in the appointment of a national cyber director and the active involvement of the Department of Homeland Security, for example — yet their missions have become complicated recently by the ongoing surge in nation-state attacks that are, Gula said, “causing a lot of havoc.”

Building and maintaining strong defenses against this havoc will mean not only implementing new tools, however, but expanding the ranks of the cybersecurity workforce — a task that has proven difficult and elusive given the sheer scope of the threat.

“We’re in a period right now where it’s important for the United States, and its Five Eyes and NATO allies, to continue to staff up and let young people in,” Lawson explained.

“We need to let them know that this is an amazing career path to not just get them theory, but to really get them hands-on training as well — and to really help create that next generation of red and blue teamers that can help us defend against these threats.”

Even as companies work to fill out the cybersecurity workforce, Gula added, promoting and ensuring protection at the individual level remains challenging and elusive — which is where assistive security technology remains so important.

“Most people don’t really understand their role in cybersecurity,” Gula explained, “which is why I like to talk about it in terms of data care. Make it a lot more personal, and not some sort of technology that’s somebody else’s problem.”

“Until we get that all out there, I think we’re going to be playing this catch-up game for the next decade or so.”

David Braue is an award-winning technology writer based in Melbourne, Australia.

Go here to read all of David’s Cybercrime Magazine articles.

About Conceal

Conceal provides a capability that protects people and critical assets against the most advanced threat actors in the world. We are fundamentally changing the approach to cybersecurity by creating a platform where security practitioners can see the latest threat vectors and implement enterprise-wide solutions that comprehensively protect their organization.

With our Conceal platform, we take those core capabilities and evolve them into a commercially available product that incorporates intelligence-grade, Zero Trust technology to protect global companies — of all sizes — from malware and ransomware.

Conceal is leading the fight to protect enterprises from cyber threats — if there is malware, we detect, defend and isolate it from users and the network.