Renowned cybersecurity director joins OnDefend (Courtesy of the Jacksonville Business Journal) — A national cybersecurity specialist who has advised multinational corporations, federal governments, the Department of Defense, the National Security Agency and the Treasury Department is now a new team leader of a Jacksonville-based cybersecurity firm.
Cybersecurity veteran and globally-recognized cybersecurity engineer, strategist and leader Wayne Loveless (pictured above) joined the OnDefend team in July.
A Titusville native, Loveless returns to Florida after time spent in 17 different states and 13 countries across his childhood, time in the Marine Corps, the U.S. Army and the DoD as a cybersecurity analyst in the Defense Information Systems Agency’s field security office.
Loveless developed a relationship with OnDefend co-founder’s Chris Freedman, Billy Steeghs and Ben Finke over the last 13 years, which he spent primarily consulting clients in the Middle East. One of those clients happened to be OnDefend.
“It just happened to be a timely intersection between the two of us,” Loveless told the Business Journal. “I was helping them with Middle East growth, and I decided it was time to leave that region of the world after being out there forever and come back in this direction.”
Loveless will serve OnDefend as managing director of strategic services and as the associate program director of the Independent Security Inspector program for TikTok U.S. Data Security.
This means that Loveless will serve two critical roles for OnDefend: to broaden the company’s footprint in delivering digital security solutions and supporting ISI’s mission of protecting U.S. citizen data.
“They have an objective to grow the company in new markets and different areas of concern, and they also have the need for additional leadership on the ISI program, particularly as it starts to expand and grow. So, it was an opportunity to do both,” Loveless said.
In June, TikTok USDS appointed OnDefend and Chicago-based HaystackID as independent security inspectors to help secure U.S. user data and to protect against cybersecurity threats.
This new partnership supports TikTok U.S. Data Security’s continued partnership with Oracle and the ongoing Project Texas Plan to store and protect user data from falling into foreign hands. Operating from Oracle’s Austin headquarters, Project Texas is TikTok’s $1.5 billion effort to separate U.S. operations and user data from its Chinese parent company, ByteDance.
With OnDefend, Loveless’ work will range from defending “super high-level potential cyber threats” (essentially nation states attempting to steal data) states to staving off the “constant and persistent” hackers that seek to access and exploit individual data.
“Then you have the insider threat, the back end of where the data has been going and how it’s been used, which is what spurred this project with TikTok,” Loveless said.
The challenge for Loveless is that the systems protecting data for the over 150 million U.S. citizens that use TikTok need to stay ahead of bi-weekly updates.
“You get that app refresh, every time that comes out, that’s more code to test. We’re going to have to have teams of people that are going to need to keep pace with their release schedule,” Loveless said.
Fortunately, being at the forefront of cybersecurity is an attractive option.
“When you have a very compelling project, it’s easy to find quality people to scale and grow a team because people are seeking out those kinds of opportunities,” Loveless said. “A project of this significance, the opportunity to legitimately hack, people are beating down your door. It’s what I call “sexy cyber” — the stuff that people always want to work on.”
This ISI mission could also aid Loveless’ second OnDefend role of driving revenue and expanding business. TikTok is not the only foreign provider that wants to bring products and services to the U.S. market.
“Dubai has become a fintech powerhouse, they have really done a lot of investment into drive in new companies to make it a fintech hub,” Loveless said. “All these financial services entities are building code and software that we want to come into a highly-regulated environment in the United States. There’s going to have to be some sort of review, so that’s another area where we think we might want to grow.”
While the U.S. government is doing what it can now to regulate digital exports and hyper-evolution in the tech sector, the last three decades have seen Silicon Valley growth with little to no regulation. The myriad inherent vulnerabilities built into that explosion in digital connections are at the heart of OnDefend’s services offered.
Take BlindSPOT, for example.
Instead of a simple penetration test hack into a company’s systems, BlindSPOT runs an entire state malware campaign step-by-step.
“And then what it does is it identifies where there was a gap where some action should have been taken, where somebody missed this step,” Loveless said. “This shows you graphically the chain of attack as it moves through the network, and identifies specific remedies to help fix that.”
OnDefend will run these scenarios over and over again to “harden” systems, a sort of curing of the cracks in a foundation.
“That’s at the core of our plans to expand,” Loveless said.
The man’s extensive contacts in the federal government, with partner companies, with Big Tech, in Europe, the Middle East and Africa through Southeast Asia and Australia, are expected open a multitude of doors for OnDefend.
Photo courtesy of OnDefend