BlackBerry has transitioned from a mobile device giant to a software cyber security company.
Some have argued the transition was forced on the organisation, while Charles Eagan, CTO at BlackBerry, argues that it was a natural progression.
Wanting to find out more about the realities of leading BlackBerry’s software-based technology stack in the cyber security space, Information Age caught up with Eagan at this year’s CES.
The role of BlackBerry’s CTO
Eagan’s role focuses on the broad spectrum of technologies within the company, while helping facilitate the next generation of technology.
“I try to create the strategic technical steer for the company,” he told Information Age.
“Historically, BlackBerry was very focused on each one of its domains, without looking across the portfolio to see how we could work better together. So, my role now is to try and prevent duplication, because in large engineering organisations, it’s easy to fall victim to this.
“Now we’re being much more efficient by generating a lot more features with the same number of engineers.”
BlackBerry’s tech focus
Eagan explained that BlackBerry is focused on university research and some advanced technology concepts, but that the company also has a labs team that drives technology acceleration.
“We’ve spent a lot of time working with the Cylance*, bringing its technology into other parts of BlackBerry, like automotive or enterprise,” he added. “Although, the labs team has autonomy to work on whatever strategic direction we feel is right for the business.”
*BlackBerry’s $1.4 billion acquisition of Cylance in 2019 caused a significant stir in the cyber security market. At the time, Brian Partridge — research vice president at 451 Research — said: “In this deal BlackBerry obtains advanced security technology that it can deploy within its existing platforms while also providing a complementary fit in terms of market vision and customer focus.”
Focused on the product and technology
There are a variety of CTO types, some are more focused on the business strategy, while others are focused on the technical and products. Eagan falls into the latter category. His team is technology-driven, rather than marketing-driven.
“I look at the future roadmap and technology incubation, although I sometime get involved in the business side — making sure that we’re doing things that customers will buy,” he explained. “There’s lots of other people, like product management and product marketing that set that direction.”
A CTO guide: The main challenges facing the cyber security industry
Meeting the evolving needs of the security market: the IoT
From a CTO perspective, you’re trying to game the market.
Technology leaders need to make sure they have the right strategy in place that meets the needs of an evolving marketplace. Security, especially, is an area that’s constantly shifting, because of new trends entering the market.
“For example,” continued Eagan, “there’s so much IoT technology entering the market that’s not secure.”
“We say it’s hard to retrofit security, but we need to get in front of it and make IoT more secure”
How can organisations get ahead of this?
Eagan suggested improving security standards, because “at the moment, there is not good security practice when it comes to building connected technology”.
From a tech leadership perspective this can be improved by prioritising appropriately.
“I’ve got a teams that focus on technology acceleration and the idea is they’ll work on it until they’re in demonstrate that it’s either a good technology for us to pursue, or it’s not. It’s the team is designed to be agile.”
The front line: Microsoft UK CTO on tackling cyber security
Analytics, ML, 5G and quantum crypto
When asked about what technologies he predicted would come into play for the cyber security market, Eagan suggested a multitude.
“At the moment, the role of machine learning in security is just the smallest tip of the iceberg that we’re seeing right now,” he said.
“The ability to do safety and security with large data analytics is something that’s going to continue and as 5G, and connectivity, come to the fore it’s like moving from a drinks straw to a massive conduit [or attack surface area].
“That’s going to fundamentally change how the attackers operate and defence mechanisms, as well,” he said.
He also noted that BlackBerry is looking at quantum crypto technologies, but that the “big” future focus is zero trust architecture.
BlackBerry’s transition to a cyber security company, its 2020 goals and the importance of trust
Zero trust
“If you assume you can’t trust anything, be it a user, a device or network, you need to build mechanisms to create that trust,” explained Eagan.
“We want to provide the tools and technologies that enable this zero trust — that’s our model and philosophy, because you never know where a compromise might come from.
Combining Cylance and BlackBerry
When BlackBerry acquired Cylance, the company’s co-founder, Ryan Permeh, moved onto Eagan’s team and became the new chief security architect.
In this role, he took his industry and security experience, and applied it to BlackBerry, helping it create a next generation platform with a zero trust architecture.
“It’s great fun for Cylance and BlackBerry engineering to share each other’s technology to create the new capabilities we’re developing [BlackBerry’s security technology and Cylance’s leading AI/ML that has the ability to detect malware without needing a patient zero].”