Meet the CyOC: Anthony Grenga
Cybersecurity is largely a technical field with battles every day being waged on a field of networks and algorithms. But humans are the real heroes here at IronNet. We wanted to shine the spotlight on one group in particular: the expert analysts and hunters in our Cyber Operations Center (CyOC). These are the men and women who work on the front lines investigating cyber anomalies, advising IronNet customers every day, and driving many of the innovations behind IronNet’s technologies.
Meet Anthony Grenga, Director of IronNet’s Cyber Operations Center:
When did you realize you wanted to work in cybersecurity? What motivated you?
When I was in high school and basically glued to a computer playing video games, my guidance counselor informed me that adults can be paid to play on computers. So I majored in computer science and was quickly exposed to the security aspect. I loved the struggle between attacker and defender.
What’s your biggest challenge?
As a defender, I would say proving value. Especially in the realm of cybersecurity, it is very difficult to justify increased budget, better tooling, and bringing on more people when the worst has yet to happen. During my time on the offensive side, it was very binary: either you accomplished your mission or you didn’t. On the defense side, by contrast, every day is another test, and trying to quantify the value of a positive detection or lack of detection to decision makers is challenging at times. Unfortunately, sometimes it takes a successful cyber attack before the value of a defender is realized, and at that point it's too late. We are trying to fill that value gap so no one has to learn the lesson and value of defense investments the hard way.
What’s your background and education?
I have a Bachelor of Science from the University of Mount Union in computer science, and I attended the Air Force Institute of Technology on a civilian scholarship, earning my Masters in Cyber Operations. I spent a few years as a research assistant at the Air Force Institute of Technology before I joined the National Security Agency (NSA). I spent four years at the NSA in the offensive cyber security field before joining IronNet in 2017.
Which skills help you most in your current role?
In this field, I would have to say communications and adaptability. Communication has been key when interacting with a diverse group of technical analysts with unique backgrounds, personalities, and skills. Especially in network traffic analysis where it is not as black and white as triaging endpoint alerting. A network anomaly that is interesting to one person may be irrelevant to another at first glance. This is why it is important to accurately convey why you came to that conclusion and, if need be, defend your interpretation in a persuasive, constructive way — while also being willing to hear other interpretations. In cybersecurity and in technology, in general, if you don’t adapt as innovation arrives you quickly become irrelevant.
What is the composition of the CyOC team?
I would say we are more of a CyOC family. Our family has a pretty diverse background. We have combined experience as prior military, prior government, and prior contractors. We also have cyber experts straight out of college at the cutting edge. Beyond work experiences, we have team members who are at different stages of life, different personal backgrounds, and lots of different beliefs. All of that locked up in a single room trying to solve the same problem, and, yes, we have our disagreements just like any family, but more often than not it is those differences that are used to help each other out when giving advice, providing support, or maybe just listening.
What’s your job like? Is there a typical day or is each day different? Can you give us a basic idea of what you do and the kind of projects you work on?
I wouldn’t say there’s a typical day because the world of cyber is always evolving. But, I have a responsibility for some main
things that can look different every minute of the day. As an advanced user and service provider for our network behavior analysis product, I work with detection and prioritization to improve the product and act as a technical liaison with our customer success team. At the end of the day, I am helping to coordinate the protection of our company and our brand. One project that I started that I really enjoy is a weekly read-out of cybersecurity news. I call it MCCN, Morning Coffee and Commute News. My colleagues and I provide commentary on the news, and we have a lot of fun with it too. We have about 100 people from the company who tune in every week.
What do you enjoy doing in your spare time?
I like to snowboard, wakeboard, read, and spend time with my family. I love to play video games and am especially interested in the future of cloud-based video games.