Speed Data: The Impact of AI on Attack Vectors With Justin Michael

Corbin Capital Partners CTO Justin Michael discusses the hot topic of ChatGPT. Justin leads guarding sensitive data for the leading asset management firm.
Megan Garza
2 min read
Last updated March 25, 2024

Welcome to our video interview series, Speed Data: Quick Conversations With Cybersecurity Leaders. Like speed dating, our goal is to capture the hearts of CISOs with intriguing, unique insight in a rapid format for security leaders pressed for time.

This week, Content Editor Megan Garza sat down with Corbin Capital Partners CTO and daredevil extraordinaire, Justin Michael. A risk-taker outside the office, Justin is responsible for guarding sensitive data for the leading asset management firm. In this episode, he talked about his road from homeroom to HTML and what he learned during his days spent skydiving.

 

 

Destined for data security

From a young age, Justin Michael knew exactly what he wanted to do with his life. While other kids were at the arcade sinking quarters into Pac-Man, at just 15, Justin was learning programming basics and computer repair skills. He credits his two mentors by name for investing in his future at such a key point in his adolescence.

“Mr. Patton and Mr. Burkhardt — both of those guys made an effort, and I really appreciate what they did for me,” Justin said. “Between the two of them, they helped me start my career so that when I went to the university, I was ready to start computer science right from the get-go.”

Although Justin’s passion for computing came naturally to him throughout his profession, it’s the skills required outside of the tech world that can often pose a challenge.

“The hardest thing about being CTO is effecting change,” he said. “Very smart people tend to work very fast, and sometimes they just need to slow down and take a breath and not rush into things.” Justin also admits the adage, “You don’t know what you don’t know,” rings true in his day-to-day dealings.

“I’m sure there are things in the environment — the little nuances, the details — there might be something that I don’t know,” he said. “We’re just always trying to be learning and understanding all that can be done.”

How AI is impacting threat vectors

Justin went on to discuss the topic on everyone’s mind these days — ChatGPT. “Everyone right now is worried about what AI is able to do and how attack vectors might change as malicious actors take advantage of the resources available through AI tools,” he said. “They’re quite powerful, and I’m impressed with what they can do, but that means that we have to be even more on our guard about what might be available in our environment and what we can do to close those issues down.”

The thrill that comes with stopping an attack in its tracks or shutting down a malicious user’s session pales in comparison to Justin’s 15,000-foot hobby.

“While I was still in college, I started skydiving,” he said. “I spent probably 10 years traveling around the country skydiving. There was a point in my life where I’d get up in the morning, go to work, get out of work, drive to the airport, jump out of airplanes until sunset, go home and start the next day the exact same way.”

You may wonder how an aviation-oriented gentleman wound up in cybersecurity, but Justin pointed out that the two worlds are more similar than you’d think.

“We were so well-trained, and we practiced in very specific manners,” he said. “Practiced looking up at the parachute and identifying if there’s a problem or the line is broken — all these things that we had to think about to make sure it was flyable and landable.

“In the same way, your incident response plan is very similar to that. You want to practice it a few times so that when the event occurs, you know exactly what you’re looking for and exactly what your next steps are.”

Varonis has your back.

With Varonis, our incident response team is your team. We offer the brightest minds in offensive and defensive security, watching your data for threats. We investigate suspicious behavior so you don’t have to.

Curious to learn more about our Proactive IR team? Request a free trial or get started with our world-famous Data Risk Assessment.

Watch the full episode with Justin above or on our YouTube channel

What should I do now?

Below are three ways you can continue your journey to reduce data risk at your company:

1

Schedule a demo with us to see Varonis in action. We'll personalize the session to your org's data security needs and answer any questions.

2

See a sample of our Data Risk Assessment and learn the risks that could be lingering in your environment. Varonis' DRA is completely free and offers a clear path to automated remediation.

3

Follow us on LinkedIn, YouTube, and X (Twitter) for bite-sized insights on all things data security, including DSPM, threat detection, AI security, and more.

Try Varonis free.

Get a detailed data risk report based on your company’s data.
Deploys in minutes.

Keep reading

Varonis tackles hundreds of use cases, making it the ultimate platform to stop data breaches and ensure compliance.

speed-data:-ciso-leadership-tips-with-pat-benoit
Speed Data: CISO Leadership Tips With Pat Benoit
Pat shared the four leadership rules he follows, what it takes to succeed in cybersecurity, and why he just might be “The Most Interesting Man in the World.”
speed-data: why-cybersecurity-is-an-unceasing-progression-with-siwar-el-assad
Speed Data: Why Cybersecurity is an Unceasing Progression With Siwar El Assad
Siwar El Assad chats about the impact of cybersecurity on modern society, the reality of breaches, and how a chance encounter led Siwar to the industry.
how-the-moveit-vulnerability-impacts-federal-government-agencies
How the MOVEit Vulnerability Impacts Federal Government Agencies
Our latest State of Cybercrime episode examines the MOVEit vulnerability and its impact on victims, including federal government agencies.
speed-data:-aws,-gen-ai,-and-secdataops-with-jonathan-rau
Speed Data: AWS, Gen AI, and SecDataOps With Jonathan Rau
The VP and Distinguished Engineer at Query explains what most organizations get wrong about cloud security.