Interview With Josh Long – Intego

Interview With Josh Long – Intego
Aviva Zacks
Posted: April 30, 2019

Intego’s Chief Security Analyst Josh Long did Safety Detective the honor of an interview where we found out why and how Intego protects Mac users from cyber attacks.

Safety Detective: Tell me how you got started in the cybersecurity industry.

Josh Long: My first exposure to computer and network security vulnerabilities was in the mid-1990s, when fellow students were trading software (via floppy disk or IRC—Internet relay chat) that could supposedly do things like disconnect other people from their dialup modem connections to the Internet. Around that time, a relative showed me a book about polymorphic viruses—malware that could modify its own code to evade detection—and I was fascinated with the idea.

In the early 2000s, when peer-to-peer file sharing was common and Windows security was virtually nonexistent, friends and associates began to ask me (a Mac user) for help when their PCs suddenly began to run slowly. Trojans, spyware, and adware had become more prevalent than traditional viruses. (These threats eventually became a significant problem for Macs, too.)

When I decided to pursue a master’s degree in IT, Internet Security was the obvious choice for my specialization.

Cybersecurity was always a principal aspect of my past IT management positions, from endpoint security and forensics to network and data defense. I’ve also been writing about information security topics for the past decade; I started blogging about my security discoveries for fun, catharsis, and to help and inspire others, and eventually it became part of my career.

SD: What does your company do to help protect the end-user?

JL: A lot! Ever since the company was founded in 1997, Intego has always been focused on protecting Mac users from threats to their security and privacy.

Our flagship product is VirusBarrier X9, which we’re proud to say is the world’s best antivirus software for Mac.  VirusBarrier detects Mac malware better than any other product, and Intego’s malware analysis team works hard to find, analyze, and defend our customers against all the latest threats.

We protect Mac users from local and Wi-Fi network threats with our two-way firewall, NetBarrier X9. It’s important to know when your apps are trying to communicate with the Internet unexpectedly, because sometimes apps you thought you could trust may violate your privacy; NetBarrier helps you know if something fishy is going on.

Safeguarding data from hard drive crashes and other disasters is critical, and Intego Personal Backup is a powerful replacement for (or supplement to) Apple’s Time Machine feature. Among its unique features, Personal Backup lets you create bootable backups, back up your data to another Mac, and schedule your backups at times that won’t interrupt your workflow.

ContentBarrier X9 helps parents keep their children safe online and set appropriate limits on screen time, with customizable controls for each family member.

With Washing Machine X9, we also help users avoid the frustrating situation of their hard drive filling up to capacity, which can cause system instability and also prevent security updates from being downloaded and installed.

We also seek to empower Apple users with knowledge about how to stay protected from threats, through Intego’s blog, podcast, and YouTube videos, and we provide these educational resources free of charge.

SD: How is your company unique in an industry that is filled with cybersecurity products?

JL: What truly sets Intego apart is our dedication to the Mac platform. No other company that has been around as long as ours is solely focused on protecting Apple users. Intego’s dedication to the Mac should inspire confidence in our users that macOS will never be an afterthought for us. Sadly, the vast majority of companies tend to focus on Windows first, and Mac second—but we feel strongly that Apple users deserve better than that. In fact, our dedication to protecting Apple users is one of our core values that drives everything we do.

SD: Why has your company chosen to focus on Mac products?

JL: Intego employees use and love Apple products, and we want to help Mac users everywhere to have a safe experience online.

Long gone are the days when Mac users didn’t have to worry about malware and other threats to their digital security and privacy—but a surprising number of Apple customers are blissfully unaware of this until it’s too late and their Mac has gotten infected. We at Intego are raising awareness through efforts like The Mac Security Blog, the Intego Mac Podcast, and our social media channels, to help users of Apple products to know they can’t let their guard down, and that they need to take action to protect their devices, data, and digital identities.

SD: Does Intego secure other Apple products?

JL: Yes; VirusBarrier X9 has the capability to scan for and detect malicious files on iOS devices (iPhone, iPad, and iPod touch) when you connect those devices to your Mac.

SD: What is the worst cyberthreat to end-users today?

JL: The average end user has very little awareness of how to stay safe in today’s cyberthreat landscape. I’ll share a couple of examples.

Far too many users have the same password for every service they use, which means that a single data breach that lets loose their e-mail address and password could allow an attacker to compromise any of their other accounts. End users (i.e. everyday people who happen to use the Internet because it’s a part of life) should at least understand the need to protect their accounts by doing these two things:

  1. using unique, strong passwords for each site, stored in a reputable password manager (because it’s tough to remember so many strong, unique passwords)
  2. enabling multifactor authentication (also called two-factor authentication or 2FA, or two-step verification) whenever possible

Moreover, many users are apathetic about their account security and don’t consider the ramifications of their indifference. “Who would want to read my e-mail?” someone might ask. “I’m not that special, and if they want to get in that badly, I don’t really care if they see my e-mails from Aunt Nancy.” What they don’t realize is that e-mail is one of their most important accounts. Think about the typical workflow if you forget your password for a site; they’ll usually e-mail you a password reset link (as if having access to your e-mail proves that you are who you say you are). If someone else can get into your e-mail, they can lock you out of all your other accounts, perhaps even your financial accounts, and cause a lot of destruction. They can also impersonate you, and leverage your e-mail account (and your personal reputation) to deceive your family, friends, and colleagues, for example by making them think you’re stranded overseas without any money and desperately need them to wire you some money. Imagine how you might feel if your lax security posture led to your loved ones getting scammed or losing trust in you.

While it’s unreasonable to expect every single Internet user to become an expert about online security, it’s evident that one of the greatest threats to end users today is a lack of awareness about the need for basic defenses like unique passwords for every account and 2FA.

SD: How do you see cybersecurity developing in the next 5 years?

JL: Cybersecurity has always been and always will be a cat-and-mouse game; with each new technology comes a way to abuse it, and with each new threat comes a new defense against it.

As threats become increasingly advanced and more complicated to understand and defend against (like speculative execution attacks, for example), it will become increasingly important for companies to employ robust cybersecurity teams who understand the ever-evolving threat landscape and can build systems that are inherently more secure. Security can never be an afterthought—it must always be tightly integrated into every stage of a product or service’s lifecycle. It will also become increasingly important for companies to train their employees to recognize and respond appropriately to potential threats.

But cybersecurity is not exclusively a problem for adults. Schools need to begin teaching children basic cybersecurity concepts at much younger ages, starting from the moment that an Internet-connected device is placed in their hands. By training the younger generations in basic cyberdefense concepts, we can better prepare them for a more successful future, regardless of their career path.

About the Author

Aviva Zacks
Aviva Zacks

Aviva Zacks is a content manager, writer, editor, and really good baker. When she's not working, she enjoys reading on her porch swing with a cup of decaf.