Ed Sealing ’12 is celebrating a milestone: his company, Sealing Technologies, Inc. will mark its four-year anniversary this month. The Columbia-based contracting firm specializes in enterprise-level cybersecurity, with particular attention to combining data from host level security and perimeter defense security.
In an interview for the Capitol Connector, he spoke about how the company got started, what’s on the horizon, and the attributes and skills needed to parlay a cybersecurity education into a successful career.
“Some of it has come out of luck,” Sealing said of his firm’s success. “One of my backgrounds is in host-based security -- that’s dealing with things like host intrusion prevention, SELinux and other things that reside on an asset. We found ourselves working on a contract because we were good at testing and evaluation, and that contract was specifically for perimeter defense. We ended up doing that piece of it, on the basis of our being good at performance evaluation and test evaluation of a network.”
“In the process, we saw that there are people who do host-based security and there are people who do network-based security, but there aren’t too many out there that combine the two of these together. So that’s where we decided to carve out our niche.” he said.
Changing threats require new approach
It’s a combination of capabilities that he believes will prove increasingly critical as organizations grapple with the challenges posed by apps, cloud-based services and the Internet of Things. In this evolving ecosystem, long-standing security procedures are becoming rapidly obsolete. Companies and individuals alike increasingly entrust their digital assets to platforms over which they have limited control; businesses have little power to control the apps installed on company computers; and many app developers do little to make sure security best practices are being followed.
“How do you control an ecosystem in which just about anyone can write some code and get it out there, and in which companies can’t stop their employees from installing apps? These are issues that are making the cybersecurity arena completely different from the way it was, say, ten years ago, and the IT security field is really struggling with them. And that’s why being able to do both host-based and perimeter defense becomes really important,” Sealing said.
“You want to be able to see the data that traverses outside of the device as well as what goes on inside the device, and look at these things together. Then you can ask the question: is the device secure, and is the app sending information that it’s not supposed to be sending?”
Army experience, Capitol education
Sealing’s background makes him optimally poised to tap the synergy that comes from merging different areas within the cyber field – he’s been combining different skill areas since the age of 17. That was when he enlisted in the army and became a satellite technician, gaining “a good understanding of how data works at the ones and zeroes level, and how that data moves from one place to another.”
In the meantime, he continued an ongoing hobby of repairing and building computers, which helped him build expertise on the server side.
Sealing’s choice for a college, after completing his military service, was Capitol, and he says it was “completely worth it.”
“Every class that I took was very technical in nature and really helped set me up for success,” he explains, pointing to operating systems theory and hands-on networking courses as especially useful.
His firm, which has hired several Capitol graduates, seeks out employees who – like the founder – are eager to develop multiple facets. In fact, Sealing believes such versatility is fast becoming a requirement for a fruitful career.
“We have a bunch of people we call ‘hybrid admins,’ -- they’re not just systems admins, they’re not just network admins. They know both sides of that and having that good base of knowledge is the best start to a career in security. Without knowing both the network and the systems side it’s hard to move into security and really succeed,” he said.
Though IT and cybersecurity are deeply rewarding careers, they’re not for those who lack commitment and the willingness to push beyond comfort zones, he said. “You really have to be passionate about it. It’s not like a 9 to 5 situation where you just forget about it at the end of the day. You’ve got to be willing to develop your knowledge during your spare time as well, and always push yourself to learn more.”
The cybersecurity profession is about “finding problems you can solve for other people,” Sealing said. “You can find a big problem to solve for a few people or a small problem for a lot of people. Either way, if you’re able to identify problems and solve them, you’ll be successful.”