CISO Platform names Richard Rushing a Top 100 security influencer
Richard Rushing’s day job is, to say the least, a handful. As Chief Information Security Officer (CISO) for Motorola, Rushing is ultimately responsible for keeping the Lenovo and Motorola networks safe from attackers around the world who would do it various forms of harm.
Yet Rushing does much, much more. In the first month of 2019, he’s already spoken on the tools hackers use to do their work at the Level Up conference online.
This level of nationally recognized expertise is why CISO Platform named Rushing one of the “Top 100 Security Influencers,” a true Who’s Who of thought leaders in the information security field. (To see his entry, click on 60-80 link, Rushing is fourth from top. You also can follow him on Twitter here.)
“This is just the latest example of the recognition Richard has received,” said Jason Ruger, Lenovo’s Chief Information Security Officer. “This won’t be the last list to recognize Richard for his intellect and insights. We are very lucky to have him.”
Rushing joined Motorola in 2008 when they bought AirDefense Inc., the wireless security start-up he co-founded in 2002 and where he served as chief security officer. It’s one of many start-ups Rushing helped found—Verisign and SecureIT being others—and where he further honed his skills forged working at top firms such as General Electric and Siemens.
But like many top IT leaders, Rushing’s training started at an early age when he fell in love with computers, got his hands on some equipment and dug in. He credits his father with introducing him to computing and encouraging him to learn as much as he could even when he was still in elementary school. It helped that his father worked for Honeywell as a service engineer on mainframe computers. For Rushing, that meant that before there were personal computers—much less the Internet of today—he had a modem and a load teletype machine at home.
“When my dad brought home a terminal, seeing everything on the screen changed my perception, made it all real,” Rushing said. “My dad really encouraged me, got me a PC and lots of books so that all through elementary, middle and high school I’d been doing a bunch of stuff.”
Deeply curious, Rushing dove into the workings of all the technology he could. And before he even applied to college, he was already a fixture on bulletin boards, the pre-Internet hotbed of information sharing among tech-savvy computer geeks and hackers.
“It wasn’t dark, dark web stuff, but it was rather dim,” Rushing said of those days. And it was then that he first became interested in being on the side that blocked the hackers, what became a career in IT security. Why? Because it was harder.
“I’m one of these crazy folks who likes a challenge,” he said. “Yes, breaking is easy. You can break lots of things. Protecting those systems actually much harder. It’s like a math equation, trying to understand and balance both things. If you could exploit, next question is how do I fix that.”
When he went to Arizona State for college, thanks to a bulletin board contact he immediately got work testing the security and functionality of early modems for a Phoenix bank. His computer skills were so strong that he didn’t even bother majoring it at college, choosing finance instead. That led to him a brief stint as a financial analyst that lasted long enough to confirm that he should be in IT security instead.
His experience on the edges of the hacker world have taught him a lot. He still studies them, understanding important concepts such as how hackers acquire and move data, what they are looking for and what larger organizations they fit into, be they criminal organizations or nation states. He believes you have to know who is working against you, and that knowledge provides the topics for his many conference presentations, written pieces and other speaking engagements.
When he looks at the changing technology landscape, one of the things that has him most excited is Artificial Intelligence, or AI, as a potential tool for CISOs like himself.
“AI is super interesting to me for potential to be adapted to the security space,” he said. “Things happen so fast now, the speed of the internet is not something a human can react to fast enough. We’re going to have to have machines react for us. The question is can machines react fast enough and yet still be accurate enough to avoid causing more harm. As this develops, we all need to remember that humans make mistakes, and machines will make mistakes, and that needs to be accepted as making mistakes is a crucial part of the learning process.”
So, what’s the one piece of advice he would give everyone regarding network security? It just takes one.
“You just click on one thing and it happens so fast,” he said of employees clicking on a seemingly benign attachment or email that suddenly activates an executable file. “People always ask ‘why me’ and the answer is that the people attacking just need access somewhere. You may be step two in a 10-step process to get where they want to go.”
Looking to his 2019, Rushing is giving an online talk about the tools in hackers’ toolboxes, a panel discussion on top issues for 2019, and a talk in Shanghai about integrating security in development/operations environments.