Foreword

“Some things are so unexpected that no one is prepared for them.”

–Leo Rosten in Rome Wasn't Burned in a Day

For the last decade, I’ve been engaged in helping customers and vendors mitigate the risks of a cyberattack. If there is one thing I’ve learned, it’s that the adversary is dynamic, fast moving, ever changing and that their targets are usually unprepared.

How do you prepare for a threat and adversary so dynamic and innovative? What can we learn from the adversary? How can we intersect with where the adversary is headed? Most notably, how can we use the strategies that are employed by the adversary to change our posture from one of viewing the threat in the rear-view mirror to a more balanced, proactive stance? This is the crux of Threat Forecasting.

I have spent the last 30+ years engaged with IT executives in various leadership roles in the computing, networking and information security industry. I had the benefit of cutting my teeth in the IT industry as a young manager during the early days of networking working at 3Com Corporation for, among others, Robert Metcalfe, one of the principal inventors of Ethernet. That experience served as a launching pad for my departure from 3Com. I engaged in leadership roles in an early stage database analytic company founded and led by the likes of Brad Silverberg and Adam Bosworth. Brad was the Microsoft executive responsible for the Windows platform. Adam Bosworth is a recognized innovator with a career arc that includes his principal role as the creator of XMS while at Microsoft, a senior executive at Google as the VP of Product Management, and now the EVP at Salesforce.com responsible for the development of their next generation platform for IoT and Cloud.

During the first decade of my career, I matured professionally inside the tornado of the emergence of the personal computer. My time at 3Com introduced me to the power of the network and Metcalfe’s Law.

Metcalfe's law states that the value of a telecommunications network is proportional to the square of the number of connected users of the system (n²).

The fundamental premise of Metcalfe’s law is the value of the network grows geometrically as the number of users grows. The authors of Threat Forecasting apply this same principle to the value of intelligent threat exchange. The authors explore how your organization can benefit from intelligent analysis of real-time threat information. Just as Metcalfe’s law describes the benefit of the computer network, so too do the authors educate us about the benefit of leveraging external and internal sources of Indicators of Interest (IOI), Indicators of Attack (IOA) and Indicators of Compromise (IOC).

As I rode the wave of the emergence of the personal computer and networking, I was exposed to the inherent tension between the economic advantages of client-server, Web 1.0 and Web 2.0 architectures and the inherent challenges of maintaining security and control of the network and its sensitive data.

For the last decade, I have been deeply engaged in IT security, having helped countless organizations implement next generation computing products and architectures. During this journey I have been continuously confronted with the inherent challenges associated with securing customer networks. That journey led me to a leadership role as the President of TippingPoint technologies, an early leader in network Intrusion Prevention Systems (IPS). TippingPoint was later acquired by 3Com, which was then acquired by Hewlett Packard Corporation. HP acquired ArcSight, the leading SIEM provider, and Fortify, the leading application security product at the time. While at HP I briefly led the product organization for the newly created Enterprise Security Products organization and ultimately was responsible for our global enterprise security product go-to-market.

My time at HP gave me a comprehensive view of what it means to provide defense-in-depth from the network, to the application, to the end system and data. After 18 months at HP I left to join Vormetric Data Security as its current President and CEO. As I write this foreword, Vormetric is in the process of being acquired by Thales S.A., a leader in global defense and electronic systems. Their e-Security group is a leader in payment processing and general-purpose encryption hardware security modules (HSMs). The vast majority of payment transactions are touched by Thales systems each and every day. I will serve as the CEO of its global data security business unit, Thales e-Security.

I was drawn to Threat Forecasting based on my many years of experience of being engaged with the authors. I have had the pleasure of working directly with the authors at TippingPoint, HP and beyond. Their experience in working with the intelligence community as subject matter experts used to dissecting high-profile breaches and as designers and developers of products uniquely qualifies them to speak to the benefit of Threat Forecasting.

John Pirc, David DeSanto, Iain Davison and Will Gragido bring decades of combined experience with a unique mix of security product development, strategy, engineering, testing, incident response and much more. This combined expertise, and the coaching they have received from industry leaders throughout their careers, has provided them with the insight and drive to push the security industry to the next level.

“My interest is in the future because I am going to spend the rest of my life there.”

–C.F. Kettering

The authors are uniquely qualified to appreciate the impact of and challenges involved in protecting us against cyber-attacks and why this remains one of the greatest challenges of our increasingly connected world.

Why Threat Forecasting is Relevant

The pace of change in our connected world is accelerating. All one has to do is reflect on the recent spate of high-profile breaches and the commensurate brand and financial damage incurred to appreciate the industry needs a new approach. Yesterday’s tools and yesterday’s thinking simply no longer apply. The challenge is exacerbated with the proliferation of Internet of Things (IoT) devices, autonomous vehicles and the need for an increased level of trust between applications and devices in our more connected world.

What You Will Learn and How You Will Benefit

“The journey of a thousand miles begins with one step.”

–Lao Tzu, Chinese Philosopher

I started this foreword by citing the benefits attributed to the network effect of Metcalfe’s Law. Metcalfe’s Law and the network effect are a model and a metaphor for the advantages of communities of interest, which are at the crux of the power of Threat Forecasting.

If you are a security practitioner, you will gain guidance and a roadmap to help you begin the journey. The authors explain the legacy of threat reporting, and compare and contrast threat reporting with threat forecasting. You will be given a checklist of available tools, both open source and commercial, to help you understand the design of a security architecture that is threat forecast enabled.

If you are an IT or security executive (Chief Information Security Officer), you will benefit from an education about the learning from recent high-profile data breaches. You will gain a greater appreciation of the efficacy of existing security solutions deployed in your network. You will gain insight into the key nomenclature in a way that is practical and easily consumable, thereby helping you engage in thoughtful dialog with your risk and security teams.

The authors present relevant, practical data that will help you enlist the support of your colleagues, and executive management and board, to build consensus around a journey to engage in a threat forecasting initiative. Of particular relevance is an explanation of the power of communities of interest. You will learn the benefits of participating in a threat-sharing community of interest. You will learn the opportunities and risks associated with participation. You’ll learn how best to prepare your organization and existing information security infrastructure to maximize the value of the near real-time information gleaned from participation in, or subscription to, community of interest threat data.

Alan Kessler, President and CEO, Vormetric Data Security
