Get to Know the HYAS CEO: David Ratner

In a world where anyone can be breached and no one is safe, and as costs escalate and the potential for serious damage compounds with every new threat, merely reacting to cyberattacks isn’t enough. Instead, organizations need true business resilience solutions that can reliably detect the telltale signs of intrusions quickly, efficiently, and easily early enough in the kill chain to stop malicious actors and their attacks before damage occurs.

Vancouver-based cybersecurity company HYAS is leading the charge in the war against attacks of all kinds, including ransomware, supply-chain attacks, phishing, trojans and the nasty stuff that hasn’t even been named yet.

HYAS products turn metadata into actionable threat intelligence, providing key insights for threat and fraud analysts, visibility into adversary infrastructure before it’s part of an active attack, and protective DNS that renders malware inoperable — all while integrating seamlessly into an existing security tech stack. The key is identifying the infrastructure behind cyberattacks.

HYAS CEO, David Ratner, joined the company in 2019 after leading mobile database company Realm to its sale to MongoDB. Following the sale, when he took the reins at HYAS, David stated that he wanted to explore “the intersecting Venn diagrams of (A) what solutions were most needed today and (B) what spaces were interesting to me.” Not surprisingly, cybersecurity was squarely at that intersection.

Read on for highlights of an interview between David and TAG InfoSphere’s founder and CEO, Ed Amoroso. (certain content updated since the original interview was conducted).

Top Takeaways:

Over the last 18 months, expanding attack surfaces and evolving work models have led to a dramatic increase in cybercrime.

Cybersecurity platform HYAS provides protective DNS that works by proactively identifying the infrastructure behind cyberattacks.

HYAS CEO David Ratner predicts that high-profile cyberattacks like the SolarWinds and Colonial Pipeline incidents will increase, but believes that identifying and investigating adversary infrastructure is the key to true business resiliency.

See what all the hype is about: Learn more about
BlackMamba AI-Synthesized Polymorphic Malware

SaaS x (DNS + Threat Hunting) = Solutions

Ed: Why don’t you tell us about what you guys do at HYAS, and then we can get into your career, some tech and a little bit about the platform.

David:HYAS is a small but rapidly growing company. And to be honest, we already punch way above our weight class. Two of the Fortune 5 use HYAS (which now has increased to three!), [as well as] multiple Fortune 100 [companies], one of the largest credit card processors, and one of the social networks you use every day.

We have so many marquee customers … because HYAS gives them the confidence to move forward in this ever-changing environment. Over the last 18 months, the rate of change has dramatically accelerated with evolving work models, expanding attack surfaces and net new attacks.

HYAS gives our customers and our partners both the visibility into real-time information and the speed and effectiveness to not just detect attacks before they have to inform their board, their customers and the press — but [to] get proactive in blocking the attacks. We do this by changing the paradigm … by being the expert in adversary infrastructure.

Think about what happens before that malware attack, that supply chain attack, that ransomware attack: The bad actor has to set up the infrastructure they utilize. It’s called “command and control.” They have to do this before they ever even launch the attack.

Even [in the case of] a phishing attack, the malicious actor has to create a domain and build the whole website before they can launch their first phish. By moving upstream and looking at the infrastructure that’s used to drive these attacks, HYAS can not only have a fundamental advantage in providing visibility and detection in real time, but it can drive true business resiliency by stopping the attack early in the kill chain, before damage occurs.

We do this largely through multiple SaaS solutions: One for threat and fraud intelligence, investigation and hunting, which we call HYAS Insight, and a set of related Protective DNS solutions for the corporate (or IT) and production (or OT) environments called HYAS Protect and HYAS Confront.

Engineering x Ph.D. (Martial Arts)⁷ ∝ Cybersecurity Startup

Ed: I can see you’ve slid into this CEO role pretty well. Tell people about yourself, because you are a technologist [first], and you have quite an impressive background.

David: I am a Ph.D. computer science guy. I did my dissertation in computer science and distributed systems and went to work [in my] first job out of college, slinging code.

I wrote code in some of the largest systems around the world … building very large scale, high-capacity, asynchronous messaging systems for the telcos and ISPs and others around the world. Eventually, I decided … I liked working with people more than staring at a computer screen. That brought me out into the field, to work with customers, partners and the overall ecosystem of where technology was going.

[As for] some of my personal passions, I’ve practiced six or seven different martial arts. I have a black belt in freestyle karate. I did a lot of Brazilian jiu-jitsu. I’m a fighter … It’s a pretty interesting way to approach where the future is going and what you need to do to build it [and] protect yourself.

Ed: When did you first start thinking about cybersecurity?

David: After [I finished] my Ph.D. [in 1998], when we were building highly scalable email systems, we were already starting to see viruses and starting to see various types of attacks that used email as the primary entry vector.

Just a couple of years later, I spent time at Openwave Systems, which bridged the gap between mobile and landline. I was already talking to mobile operators about mobile threats, viruses and malware. At the time, they were telling me that it was not something to be worried about. I think everyone would now say they were wrong.

But this was very early in my career, looking at various ways of exploiting systems and using them for nefarious purposes. I’ll admit that even in my own past, I dabbled in faking email; logging into email systems and figuring out what you can do if you work around the system in some way, shape or form.

Ed: Well, you can’t fix an engine unless you break a couple of engines, right?

David: That’s very true.

Ed: As long as the intent is not something malicious, we all need to do that.

(Technology x Speed) x Versatility = Confidence

Ed: When you guys [at HYAS] are working with a client, is it usually the case that they are trying to prevent [cyberattacks] — or that they’ve had a problem? Because you provide a solution that could be used in either set of circumstances, I’m curious about what brings people to your platform.

David: It’s a combination of things. Sometimes there is a hard question they are struggling to answer, and they need additional solutions, additional data or different approaches to answer it. Some of our clients… spent two or three months trying to answer a particular question about mapping out adversary infrastructure or who had attacked them … and HYAS could do in three days what they couldn’t do in three months.

In other cases, clients are looking for the confidence to move forward … I had a CISO [tell] me just the other day: “You don’t have brakes on a car to go slowly. You have brakes on a car so you have the confidence to go fast and slow down when you need to.”

That’s what cybersecurity is for me. It’s that confidence to move forward at the speed of business, yet to still have the visibility to understand what’s going on and immediately alert and stop incidents when needed. [Many] of our customers [realize] that they don’t have the visibility of what’s going on to apply those brakes and understand what’s needed at the time.

Infrastructure = Critical

Ed: I’m going to ask you to take your crystal ball out a little bit here. You’ve been staring at these trends for a while now. When you look at the adversaries and you look at the kinds of things they’re doing and you graph it, are we getting worse or is it stabilizing?

David: I consider myself some weird combination of … practical [and] optimistic. I really do believe that solutions like HYAS can completely change the game. But I read an article recently that shows cyber risks inevitably increasing in the next 12 months, not decreasing.

I think we’ve just scratched the surface on some of these things like supply chain attacks [and] on what’s really going on with ransomware. And certainly, ransomware five years ago was a little bit of a nuisance. Now it’s being combined with data exfiltration.

We’re starting to see a lot more recognition that we have critical infrastructure around the country and around the world that’s probably not as protected as it should be. We’re starting to see that there are real gaps. And I think that we’re going to see a significant continuation of things like SolarWinds, Colonial Pipeline and other kinds of attack vectors.

That’s part of the reason why I wanted to change the game — to look at the problem space in a different way.

HYAS was named a ‘hot company” by Cyber Defense Magazine in no fewer than eight categories: Protective DNS, DNS Security, Threat Intelligence, Security Investigation Platform, Threat Actor Infrastructure Mapping, Cloud Workload Protection, OT Security and Critical Infrastructure Protection and was awarded the CyberTech 100 Award in both 2022 and 2023.

Want to learn more about how HYAS changes the game?