Professional Documents
Culture Documents
Industry Analysis
Industry Analysis
Industry Analysis
CST 300
January 2021
Introduction – The history of cyber security began with a project in the 1970s, on what
was known as the ARPANET (The Advanced Research Projects Agency Network), which was
an early version of what has since evolved into the internet. A researcher named Bob Thomas
wrote a program to move through ARPANET’s network, leaving a small trail wherever it went.
He named the program ‘Creeper’, because of the printed message that was left behind on each
computer that read: ‘I’M THE CREEPER: CATCH ME IF YOU CAN’. Later, a man named Ray
Tomlinson, wrote a program that made ‘Creeper’ self-replicating, thus creating the first ever
computer worm, which is a self-replicating computer program that usually causes harm. He also
wrote another program called ‘Reaper’ which traced ‘Creeper’ and deleted it, this was effectively
the first ever antivirus software. Due to the increased reliance on computers, smartphones,
networking, throughout the world, cyber security has become one of the fastest growing sectors
of the IT industry. FireEye is one of the top providers in the cyber security field.
headquartered in Silicon Valley in Santa Clara County. They are located more specifically in the
town of Milpitas, California. The company has been involved in the detection and prevention of
several major cyberattacks. They provide hardware, software, and other services to investigate
cyber security attacks. They also protect against malicious software and analyze IT security risks
Notable Events - FireEye was founded by Ashar Aziz in 2004 and has been instrumental
in many discoveries of major cyber security threats. They have since grown to become one of the
2
biggest cyber security providers for Fortune 500 companies around the world. Some of the
companies include Perdue and Airgas, both of which have over a billion dollars in annual
revenue. In fact, over 40% of the companies they provide service to have over a billion dollars in
annual revenue. In 2009, they were the lead of a team of cyber security specialists whose sole
mission was to take down a Mega-D botnet more commonly known as Ozdok. In 2013, they
discovered a long-term espionage campaign against the United States by a state sponsored
Chinese hacking group named APT1. In 2017, they discovered malicious Microsoft Office RTF
files that leveraged a vulnerability that was previously undiscovered by Microsoft. In 2018, they
were hired by Facebook to detect fake accounts. At this time, FireEye is now considered a
household name in cyber security. In 2020, FireEye acknowledged that their own systems were
hacked by a nation with great offensive capabilities, thought to be part of a much larger
cyberattack from Russia against the United States. FireEye’s Red Team proprietary tools were
stolen, and the same day they released tools to provide protections from those stolen tools. These
tools could penetrate networks in ways not yet known to many hackers, so it was important that
they took this step to provides protections against these stolen tools. Not taking action or trying
to keep the breach a secret could have had serious legal implications, so the company didn’t have
much choice.
Major “players” - Ashar Aziz served as FireEye's Chief Executive Officer from 2004 to
2012. Aziz worked as an engineer at Sun Microsystems for twelve years, specializing in network
security, networking and system design. Aziz also worked as the chief technology officer of the
N1 program at Sun Microsystems. In 1999, Aziz founded his first startup company named
Terraspring Inc., which developed data center automation and virtualization. Terraspring was
bought by Sun Microsystems in 2002, after the stock market crashed in 2001 which deflated the
3
value of Terraspring significantly. Aziz now remains its Chief Strategy Officer, Chief
Technology Officer and Board Vice Chairman. CEO Kevin Madia has served as FireEye Chief
Executive Officer since June 2016 and was appointed to the company’s Board of Directors in
February 2016. He was previously President of FireEye from February 2015 until June 2016.
Kevin joined FireEye serving as Senior Vice President and Chief Operating Officer in December
2013, when FireEye acquired Mandiant, a company Kevin founded in 2004. Before Mandiant,
Kevin was the Director of Computer Forensics at Foundstone, a company since acquired by
McAfee Corporation, from 2000 to 2003, and the Director of Information Security for Sytex, a
company later acquired by Lockheed Martin, from 1998 to 2000. Kevin also served in the United
States Air Force, where he was a computer security officer in the Seventh Communications
Group at the Pentagon, and a special agent in the Air Force Office of Special Investigations or
AFOSI.
Products and Services - FireEye primarily sells many technology products which include
threat intelligence products, network, email, platforms for managing security operations centers
known as Helix, endpoint security, as well as consulting services based on incident response.
FireEye’s top product is computer software, serving 24% of their customers, with information
technology services coming in second provided to 9% of their customers. Software is the most
Reputation - FireEye is known as one of the most dominant companies in the cyber
security industry. FireEye’s reputation may have been damaged recently, as the recent state level
attack from Russia had infiltrated many companies that were using FireEye for their cyber
security needs. Admitting that their own servers were infiltrated was embarrassing for the
company but does not appear to have yet caused significant long-term damage to the company’s
4
reputation. Investigations may still be underway, but they believe they have identified the actors
Trends – FireEye’s shares were down 13% after reporting the breach of its system on
December 8, 2020. FireEye has built a reputation as being the place to call for companies
suffering from a cyber-attack, so this was devastating news for company. However, additional
news about another organization’s involvement has come to light regarding the attack. It was
revealed that SolarWinds, another cyber security company, was the main entry point for the
attack, which helped to shift blame from FireEye. FireEye’s shares have risen 70% from their
initial sell off and are now beating out other top cyber security names such as CrowdStrike, and
analysts believe FireEye will remain a primary vehicle going forward. Many start-ups are
entering the cyber security field with new and innovative ways of providing cyber security to
their clients. If FireEye wants to stay competitive long into the future, they will have to realize
these trends and adapt their own product offerings based on where the technology is heading. It
would take a breakthrough in cyber security for a new company to become competitive with
FireEye anytime soon. For this reason, FireEye has purchased several start-up companies in
Myself - I am interested in a few positions in the field including Cyber Security Engineer,
Security Analyst, and Principal Incident Response Consultant. My approach includes learning
skills that will help me enter the cyber security field prior to finishing my CS Degree. Some
courses I will take include CST 311 Intro to Computer Networks (CSUMB) – To learn the basics
of networking, this course will be essential as networking is a required base skill for the cyber
security industry. The course includes Survey of Telecomm and Data Comm Technology
Fundamentals, Local Area Network, Wide Area Network, Internet and internetworking protocols
5
including TCP/IP, network security and performance, emerging industry trends such as voice
over the network and high-speed networking. CS 70 - Network Architecture (Santa Monica
College) – For a more solid networking foundation. This course includes network topologies,
media and signaling, protocols, addressing, and distributed networks. The main thing I want to
learn is the varied ways to connect computers and the resulting architectures. CS 73A -
Fundamentals of Computer Security (Santa Monica College) - Learn how to defend and protect
critical computer assets from various security threats including computer worms and viruses. CS
73B - Computer Forensics Fundamentals (Santa Monica College) – To learn the principles and
techniques of network forensics investigation and learn to use available forensics tools in the list
73C - Cybersecurity and Ethical Hacking (Santa Monica College) – To learn ethical hacking
methodologies with the hands-on application of security tools to secure computer and other
digital systems. Learn about TCP/IP concepts and practice foot printing, scanning, enumeration,
exploitation, and social engineering. This may be the most important course as far as hands-on
Preparation – To prepare for a career in this field, I will conduct online research to find
information about the current trends of the cyber security field and to stay up to date on the new
methods and technology. This an important step as the field is demanding and new threats will
always emerge. It is important to stay up to date on the latest Malware and cyber threats. I will
also attend networking and career events presented by the industry and attending online
discussions held by FireEye. Many of the live discussions can be attended by the public free of
charge which can be a valuable resource. Practicing ethical hacking with available tools such as
6
Kali Linux and VMWare to setup virtual network configurations. I have acquired these tools and
will practice learning with them frequently to start my pathway into cyber security.
within this field is currently not considered to be difficult. With the rapid pace at which use of
digital devices is expanding throughout the world, demand to keep the devices and networks safe
is at an all-time high. However, staying up on the latest trends in the field is necessary to be
competitive in the field. With careful planning, and some hard work, I am confident that I can
References
Antonin, P. (2013, September 21). FireEye's debut signals red hot interest in cybersecurity.
signals-red-hot-interest-in-cybersecurity
Doyle, K. (2013, August 07). FireEye opens local office. Retrieved January 10, 2021, from
https://www.itweb.co.za/content/okYbe9MX51jqAWpG
Freeze, D. (2020, November 14). 10 Hot Penetration Testing Companies to Watch In 2020.
testing-companies-to-watch-in-2020/
Hackett, R. (2016, June 25). China's Cyber Spying on the U.S. Has Drastically Changed.
hackers/
catastrophe/
8
Sanger, D. (2013, February 19). Chinese Army Unit Is Seen as Tied to Hacking Against U.S.
https://www.nytimes.com/2013/02/19/technology/chinas-army-is-seen-as-tied-to-
hacking-against-us.html
Murphey, D. (2019, June 27). A history of information security. Retrieved January 10, 2021,
from https://www.ifsecglobal.com/cyber-security/a-history-of-information-security