He spends half his time researching enhanced defense solutions; the other half is spent attacking our systems searching for vulnerabilities – I spoke with Panos, Head of Red Team at iProov, whose role involves identifying and closing potential opportunities for cyberattacks. Read on to find out what happens when iProov encounters a deepfake, find out how the cybersecurity landscape has evolved, and get a piece of advice for cybersecurity wannabes!
Hi Panos! To kick us off, can you share what sparked your interest in cybersecurity?
I enjoyed coding from day one when I was taught programming in high school. I joined academia as a developer and over the years I learnt to focus on working fast. Rapid prototyping is crucial in research where failing is likely, so you need to fail fast and retry until it works, and then evaluate its performance.
This made me fall in love with cybersecurity and I knew it was what I wanted to do for the rest of my life. I took two security courses at the university – the first was Introduction to Cryptography and the second was Cybersecurity Attack and Defense Strategies. Cybersecurity for me was, and still is, the continuous battle of good versus evil in cyberspace. It will always provide new adventures and challenges as new technologies emerge.
How has the cybersecurity world changed since you joined iProov?
The recent advances in AI have significantly increased the capabilities of attackers. The growing sophistication of deepfakes and the wider availability of the technology needed to create them pose serious implications for security procedures. As a consequence, day by day, we see even more elaborate attacks. This constitutes a reassuringly hard challenge for me to be kept intrigued by my work.
In addition, as the company grows and more customers trust iProov’s face verification solution, attackers are even more motivated to land a successful attack against us. We see that the funds and the time attackers invest in trying to attack us grow alongside the growth of the company.
As you mentioned, deepfakes represent a huge threat that organizations face. Can you tell us a bit about what happens when iProov encounters a deepfake?
We have rigorous systems and processes in place, firstly to detect deepfakes automatically and then secondly to deal with the detected incidents. This is essential considering the huge amounts of traffic that we process and the frequent attempts at malicious transactions that we encounter.
What piece of advice would you give to someone who is looking to get into cybersecurity?
Let yourself enjoy breaking things! Ensure you get rid of any possible engineering mindset you may have. Don’t look for the proper ways and the best practices to do things, but think outside the box.
Remember that the attacker is not developing. Try and put yourself in their shoes – they are hacking and breaking stuff in a fast, probably sloppy, and elusive way.
What do you enjoy about your role?
I enjoy that I am able to play different roles. I can be the red guy, which involves trying to find the vulnerabilities of a system, and I can also be the blue guy, which is when I am trying to make protocol and algorithms more robust. I really enjoy this variety – no two days are the same!
Finally, can you share what excited you about joining iProov – and hopefully persuade others to join?
I liked the fact that iProov is dealing with new and very challenging problems. Covid-19 led to an inevitable surge in the use of digital technologies due to the social distancing norms and nationwide lockdowns.
As expected, the richer the capabilities provided by online services, the higher the stakes accumulated on those services, which can be incredibly attractive for more attackers and fraud attempts.
We’re also using cutting-edge technologies to provide solutions to these services with the sole mission of eliminating fraud. iProov has daily encounters with very sophisticated forms of attacks.
For me, it means that by working here, I will have to deal with new, exciting, and challenging problems and learn something new every day.
Let this blog be a warning to anyone thinking of attacking iProov! You’ll have to get through Panos and his team first!
And meet more of the iProov team below!
