Grayson Milbourne is Security Intelligence Director at OpenText Cybersecurity, and has been in the cybersecurity industry for two decades. He began his journey in 2004 with Webroot, which later became part of OpenText, and has been instrumental in Webroot’s growth and innovation in threat intelligence. In this interview, he shares insights from his career, the importance of AMTSO for OpenText, and the challenges and future of cybersecurity for both businesses and consumers.
• Grayson, you have 20 years of experience in the cybersecurity industry. How did you start your career and get to where you are today? What is your role today?
Wow 20 years! I wanted to be a pilot since I was a little kid and was in school to do so when 9/11 occurred which drastically changed professional aviation. So I pivoted to computer science and happen to know a girl whose brother was the founder of Webroot. I started there back in 2004 and into threat research in 2006.
I’ve been very fortunate to learn so much on the job and eventually became the director of threat research. Currently I have many roles but primarily focus on product efficacy and being a bridge between the research teams and product engineering.
I’m also passionate about education and advocate for cybersecurity awareness.
• How long have you been involved with AMTSO?
Webroot joined AMTSO in 2012 shortly after I took leadership of our threat research operations.
3rd party testing has long been plagued with poor tests and it has been a very rewarding experience helping AMTSO achieve testing standards.
• Why is AMTSO relevant for OpenText/Webroot?
Having a voice is very important for how testing should function, especially with XDR and the increasing trend of multiple security solutions working in tandem.
It is also a great organization for connecting with other practitioners in the AV space.
• What evolution of cybersecurity testing have you observed in the past 10-20 years?
There have been several but one I’m glad to see is the retirement of zoo-based tests.
Good tests provide more value in understanding the end-to-end ability of a product. Not just testing for upfront blocking, but understanding where prevention was provided. Was it the URL that was blocked, on write, during execution or how long thereafter.
• What do you see as the most difficult challenges in today’s threat landscape for businesses and for consumers?
There are many but one challenge is the explosion of insecure software. Vulnerabilities undermine security and continue to be a big problem, particularly in the software supply chain.
• Which threats do you anticipate businesses and consumers will need to watch out for the next ten years?
Ten years feels like forever away. Think back to 2014 and what we were doing back then.
Ransomware will still be a problem, but I think we’ll be most concerned with how far AI has invaded all elements of life.
• How is Webroot getting ready to address these threats?
It’s our business to stay close to what threat actors are doing but now, as part of Opentext and their very broad portfolio of cybersecurity products, it’s all about integrating.
We are building the next generation of products designed to correlate threat intelligence from all sources and automating how different layers ingest these real-time feeds.
Thank you for sharing these valuable insights, Grayson.