Industry Analysis

CST 300
January 2021

Cyber Security’s Top Enforcers

Introduction – The history of cyber security began with a project in the 1970s, on what

was known as the ARPANET (The Advanced Research Projects Agency Network), which was

an early version of what has since evolved into the internet. A researcher named Bob Thomas

wrote a program to move through ARPANET’s network, leaving a small trail wherever it went.

He named the program ‘Creeper’, because of the printed message that was left behind on each

computer that read: ‘I’M THE CREEPER: CATCH ME IF YOU CAN’. Later, a man named Ray

Tomlinson wrote a program that made ‘Creeper’ self-replicating, thus creating the first ever

computer worm, which is a self-replicating computer program that usually causes harm. He also

wrote another program called ‘Reaper’, which traced ‘Creeper’ and deleted it; this was effectively

the first ever antivirus software. Due to the increased reliance on computers, smartphones,

and networking throughout the world, cyber security has become one of the fastest growing sectors

of the IT industry. FireEye is one of the top providers in the cyber security field.

General Information - FireEye is a large, publicly traded cyber security company

headquartered in Silicon Valley in Santa Clara County. They are located more specifically in the

town of Milpitas, California. The company has been involved in the detection and prevention of

several major cyberattacks. They provide hardware, software, and other services to investigate

cyber security attacks. They also protect against malicious software and analyze IT security risks

for several large private companies, as well as government entities.

Notable Events - FireEye was founded by Ashar Aziz in 2004 and has been instrumental

in many discoveries of major cyber security threats. They have since grown to become one of the

biggest cyber security providers for Fortune 500 companies around the world. Some of the

companies include Perdue and Airgas, both of which have over a billion dollars in annual

revenue. In fact, over 40% of the companies they provide service to have over a billion dollars in

annual revenue. In 2009, they were the lead of a team of cyber security specialists whose sole

mission was to take down the Mega-D botnet, more commonly known as Ozdok. In 2013, they

discovered a long-term espionage campaign against the United States by a state-sponsored

Chinese hacking group named APT1. In 2017, they discovered malicious Microsoft Office RTF

files that leveraged a vulnerability that was previously undiscovered by Microsoft. In 2018, they

were hired by Facebook to detect fake accounts. At this time, FireEye is now considered a

household name in cyber security. In 2020, FireEye acknowledged that their own systems were

hacked by a nation with great offensive capabilities, thought to be part of a much larger

cyberattack from Russia against the United States. FireEye’s Red Team proprietary tools were

stolen, and the same day they released tools to provide protections from those stolen tools. These

tools could penetrate networks in ways not yet known to many hackers, so it was important that

they took this step to provide protections against these stolen tools. Not taking action or trying

to keep the breach a secret could have had serious legal implications, so the company didn’t have

much choice.

Major “players” - Ashar Aziz served as FireEye's Chief Executive Officer from 2004 to

2012. Aziz worked as an engineer at Sun Microsystems for twelve years, specializing in network

security, networking and system design. Aziz also worked as the chief technology officer of the

N1 program at Sun Microsystems. In 1999, Aziz founded his first startup company named

Terraspring Inc., which developed data center automation and virtualization. Terraspring was

bought by Sun Microsystems in 2002, after the stock market crashed in 2001, which deflated the

value of Terraspring significantly. Aziz now remains its Chief Strategy Officer, Chief

Technology Officer and Board Vice Chairman. CEO Kevin Mandia has served as FireEye Chief

Executive Officer since June 2016 and was appointed to the company’s Board of Directors in

February 2016. He was previously President of FireEye from February 2015 until June 2016.

Kevin joined FireEye serving as Senior Vice President and Chief Operating Officer in December

2013, when FireEye acquired Mandiant, a company Kevin founded in 2004. Before Mandiant,

Kevin was the Director of Computer Forensics at Foundstone, a company since acquired by

McAfee Corporation, from 2000 to 2003, and the Director of Information Security for Sytex, a

company later acquired by Lockheed Martin, from 1998 to 2000. Kevin also served in the United

States Air Force, where he was a computer security officer in the Seventh Communications

Group at the Pentagon, and a special agent in the Air Force Office of Special Investigations or

AFOSI.

Products and Services - FireEye primarily sells technology products, which include threat

intelligence, network and email security, a platform for managing security operations centers

known as Helix, and endpoint security, as well as consulting services based on incident response.

FireEye’s top product is computer software, serving 24% of their customers, with information

technology services coming in second provided to 9% of their customers. Software is the most

profitable division as it has the highest sales and highest margins.

Reputation - FireEye is known as one of the most dominant companies in the cyber

security industry. FireEye’s reputation may have been damaged recently, as the recent state level

attack from Russia had infiltrated many companies that were using FireEye for their cyber

security needs. Admitting that their own servers were infiltrated was embarrassing for the

company but does not appear to have yet caused significant long-term damage to the company’s

reputation. Investigations may still be underway, but they believe they have identified the actors

and extent of the breach.

Trends – FireEye’s shares were down 13% after reporting the breach of its system on

December 8, 2020. FireEye has built a reputation as being the place to call for companies

suffering from a cyber-attack, so this was devastating news for the company. However, additional

news about another organization’s involvement has come to light regarding the attack. It was

revealed that SolarWinds, another cyber security company, was the main entry point for the

attack, which helped to shift blame from FireEye. FireEye’s shares have risen 70% from their

initial sell off and are now beating out other top cyber security names such as CrowdStrike, and

analysts believe FireEye will remain a primary vehicle going forward. Many start-ups are

entering the cyber security field with new and innovative ways of providing cyber security to

their clients. If FireEye wants to stay competitive long into the future, they will have to realize

these trends and adapt their own product offerings based on where the technology is heading. It

would take a breakthrough in cyber security for a new company to become competitive with

FireEye anytime soon. For this reason, FireEye has purchased several start-up companies in

recent years to protect against this threat.

Myself - I am interested in a few positions in the field including Cyber Security Engineer,

Security Analyst, and Principal Incident Response Consultant. My approach includes learning

skills that will help me enter the cyber security field prior to finishing my CS Degree. Some

courses I will take include CST 311 Intro to Computer Networks (CSUMB) – To learn the basics

of networking, this course will be essential as networking is a required base skill for the cyber

security industry. The course includes Survey of Telecomm and Data Comm Technology

Fundamentals, Local Area Network, Wide Area Network, Internet and internetworking protocols

including TCP/IP, network security and performance, emerging industry trends such as voice

over the network and high-speed networking. CS 70 - Network Architecture (Santa Monica

College) – For a more solid networking foundation. This course includes network topologies,

media and signaling, protocols, addressing, and distributed networks. The main thing I want to

learn is the varied ways to connect computers and the resulting architectures. CS 73A -

Fundamentals of Computer Security (Santa Monica College) - Learn how to defend and protect

critical computer assets from various security threats including computer worms and viruses. CS

73B - Computer Forensics Fundamentals (Santa Monica College) – To learn the principles and

techniques of network forensics investigation and learn to use available forensics tools in the list

of the International Association of Computer Investigative Specialists (IACIS) certification. CS

73C - Cybersecurity and Ethical Hacking (Santa Monica College) – To learn ethical hacking

methodologies with the hands-on application of security tools to secure computer and other

digital systems. Learn about TCP/IP concepts and practice footprinting, scanning, enumeration,

exploitation, and social engineering. This may be the most important course as far as hands-on

learning of the field.

Preparation – To prepare for a career in this field, I will conduct online research to find

information about the current trends of the cyber security field and to stay up to date on the new

methods and technology. This is an important step as the field is demanding and new threats will

always emerge. It is important to stay up to date on the latest malware and cyber threats. I will

also attend networking and career events presented by the industry and attend online

discussions held by FireEye. Many of the live discussions can be attended by the public free of

charge which can be a valuable resource. I will also practice ethical hacking with available tools such as

Kali Linux and VMware to set up virtual network configurations. I have acquired these tools and

will practice learning with them frequently to start my pathway into cyber security.

Conclusion – The field of cyber security is constantly changing. Finding employment

within this field is currently not considered to be difficult. With the rapid pace at which use of

digital devices is expanding throughout the world, demand to keep the devices and networks safe

is at an all-time high. However, staying up on the latest trends in the field is necessary to be

competitive in the field. With careful planning, and some hard work, I am confident that I can

secure employment at FireEye upon graduation from CSUMB.

