Voices

Interview: Avast’s Greg Mosher talks cybersecurity in the modern age

Reading time:  3 Minutes

Securing your business in today’s world involves continuously blocking new online threats and viruses. We spoke to Greg Mosher, Vice President of Product and Engineering for small and medium businesses (SMBs) at cybersecurity company Avast Software about how companies can address the challenge.

How did you end up working for Avast?

My father worked for IBM and bought one of the first PCs in 1982 through the employee purchase programme – I started learning about them straight away. Despite dreaming of other things, I always knew how to work with computers. At some point I decided these little boxes might be important in the future, so I tailored my path accordingly.

I worked a number of jobs before co-founding my own security startup in 2003 called Exploit Prevention Labs. We were bought by AVG Technologies at the end of 2007 and I’ve been mostly in the same role ever since. During this time I saw AVG go public; I’ve visited the New York Stock Exchange twice and was around when Avast Software acquired AVG and took us private at the end of last year.

What’s the biggest challenge you’ve faced professionally?

For me personally, it was building my own company. I had to know the business aspect of the job straight off the bat, and that was a challenge. Becoming accustomed to the fact that somebody else might have the answers, and then having to go along with them, was even tougher. But I think I succeeded because I managed to surround myself with the right people: professionals who really understood the business development and marketing side of the industry.

What’s the biggest challenge cybersecurity is facing right now?

The proliferation of state-created exploitation methods, or hacks. The prime example of this is what I call the Eternal suite, like EternalBlue, which came from the NSA. We’ve always known that the NSA can see almost anything, and different government agencies all have the capacity to reach beyond what we see in the public sector. Some of those programmes leaking into the mainstream is my main concern.

What do most businesses misunderstand about cybersecurity?

The risk level. I think most SMBs saw the likes of Sony being targeted a few years ago and still think that nobody would want any information from their small business. However, that’s all changed. Obviously there’s not some guy who thinks, "Right, I’m going to get Bob’s Deli." Instead, they’re producing malware that spreads. If this programme gets onto Bob’s machine, it could see that he has QuickBooks files, for example, automatically encrypt all of them, and make him pay to get them back. Small businesses are being targeted through automated methods.

Office spaces aren’t as static as they once were. Is this affecting cybersecurity?

At one time the office was just a space you rented where you ran your internet connection for everybody to use on site. So you’d just put a device in place to try and shelter your office. These methods don’t do the job any more since, three quarters of the time, half of the office is somewhere else.

There are people on mobile devices sending pretty sensitive data to and from the cloud, across unsecured networks. This means you’re definitely more exposed. However, it’s a challenge we have to solve, because I don’t see us going back. The productivity gains of the mobile office are too great.

Do you have any advice for busy entrepreneurs trying to protect their business?

If you’re a really small business, or you work solo, the main thing is just to understand what technology you’re using. Also make sure you use a password manager: use it religiously and don’t re-use your passwords.

For a slightly bigger business, I’d say don’t be scared to get help. We find that small businesses are much less vulnerable whenever they have a technology partner, even one they just bring in when needed. And there are plenty of service providers to choose from.

Greg Mosher is VP of Product and Engineering, SMB at Avast Software.

Greg’s three tips for success

1. Like my college professor always said: "Don’t lock your knees." It’s a sporting reference that means don’t get stuck doing what you know, since things can change and you need to be flexible.

2. I often hear people say "trust your instincts" but really you just need to pay attention to them. Your instincts are based on your experiences. This isn’t Star Wars; it’s not the force, it’s your subconscious processing these experiences and giving you a certain feeling. It’s something you should pay attention to, be conscious of and learn from.

3. Find and use mentors. It doesn’t have to be anything formal, but you need to find people who have the knowledge and experience that you don’t. The modern world is too complex for anyone to go about it completely alone.