Dan Desko, Founder, CEO & Managing Partner at Echelon Risk + Cyber was interviewed by Adam Torres of Mission Matters Innovation Podcast.
Apply to be a guest on our podcast here
For Dan Desko, cybersecurity is personal. He believes data security and privacy are basic human rights; that’s why he built Echelon Risk + Cyber.
“I grew up in Pittsburgh, a blue-collar town, and my family was a blue-collar one,” Dan Desko says. “From an early age, I was doing things like shoveling snow in the wintertime for everybody on the block, or in the summertime visiting my grandfather in New York, picking up pop cans on the side of the road to turn in for five cents.” As he grew older, odd jobs sustained him up to and through his MBA program, during which he launched a successful T-shirt company. In other words, he’s had an entrepreneurial spark since childhood. Today, he’s the CEO and managing partner of Echelon Risk + Cyber, protecting as many business owners and their teams as he can.
Watch Full Interview:
What’s going on in the cybersecurity industry today?
“The landscape in cyber has really shifted for a couple of reasons,” Desko says. “One is the technology that we use every day, either as consumers or businesses, evolves rapidly. I think it’s hard for businesses and for consumers to keep up with it all, let alone… stay on top of how we secure all these new things like cloud and containers and microservices, and so on.”
“In the past, financial institutions, healthcare companies, and a few other industries were the ones that cared about cyber, because they had the data that hackers wanted to steal, right?” he continues. “Now, the whole game has changed. Those hackers are still out there, (and) they still want to steal that data, but all of a sudden the entire threat landscape changes with something like ransomware, and all of a sudden, everybody else now has to worry about cybersecurity too.”
What’s the story behind Echelon?
The Echelon formation is a centuries-old type of military formation in which units are arranged in a diagonal fashion, Desko explains. Echelon’s logo, he says, mimics the formation and reinforces the meaning of what the organization is trying to do.
“I really wanted that opportunity to build something with a purpose from the ground up,” he says. “The landscape of [cyber] service providers talks a lot about what they do, but no one really talks about why they do it. We felt like if we focused on that mission, we’d be very successful at recruiting the right types of people that we want in our organization. If we recruit those right types of individuals within our organization, those are going to be exactly the types of people that our clients want to work with. That has been exciting and invigorating for me, and as I knew that model was going to be very successful, it worked.”
What should businesses do with regard to cybersecurity?
Many times, smaller or medium-sized businesses don’t have internal teams and cyber strategies in place to protect them, which makes them targets for opportunistic attacks. “Hackers often send mass attacks to see who falls for it and then dig into what might be a juicy target,” Desko says. “So with that, I would say, start to focus on the basics that make you less of an opportunistic attack. Check your passwords and ensure they’re not the same passwords you used in MySpace, back in 2008. As MySpace was hacked, if you use that same password today for your company, there’s this thing called password reuse, where hackers have that database of billions of previously exposed passwords. They have tools that are automatically trying those passwords all over the place. So don’t reuse your passwords. Start with your personal life, keep everything in check and secure, and follow the same in your work life as well.”
For larger companies and those involved in critical services, like financial, higher education or healthcare institutions, he explains, a brand’s digital footprint can carry additional risk. To manage cybersecurity successfully at a larger scale, businesses need people who think of it as a strategic enabler for the business; something deserving of a voice within the organization. Cybersecurity needs to be thought of in business strategy and business operations, which requires constant care, organization, and feeding.
How does Echelon Cyber help?
“We take the time to understand our client’s needs,” Desko says. “Every company’s internal capability levels of IT teams and cyber teams are different, so there are no cookie-cutter offerings that can solve problems. Echelon offers four pillars: vCISO and cyber strategy, audits, assessments and compliance, offensive security, and defensive security.”
“In the audit, assessment, and compliance side of the house,” he continues, “We help our clients make sense of all the different regulatory frameworks that they’re in, such as unique industry requirements or unique governmental requirements that they have to deal with. We help give them an idea of where they stand against those compliance regulations, those frameworks.”
“On the defensive security side of the house, that’s where we help companies put their layers of controls in place, like a defense in depth model. There should be multiple layers in place, multiple failsafes and controls. Last but not least, is the overall cybersecurity strategy area. Here, we offer long-term support to clients. We help them turn cybersecurity from a business checklist item to a strategic enabler for their business.”
The Road Ahead for Echelon
Desko says Echelon is adding more people to an already-talented team, and looking ahead to an explosive growth period while making sure to continue satisfying the needs of all current clients.
“We’re going to continue to look for people in our cyber communities who might be a little bored with their day job, (who) might not be getting the chance to grow professionally.” he offers. “We want to be that space for professionals in the marketplace, where they look at Echelon as an organization that makes a difference within our communities and (for) our clients.”
To learn more about Echelon Risk +Cyber, visit Echeloncyber.com or follow Dan Desko on LinkedIn to keep up with cybersecurity industry updates.