While reviewing final drafts of our newly re-developed (and quite good) Security Fundamentals 101 coursework and reading my buddy, Dr. Chase Cunningham’s really great new book titled, “How Not To Lead” (Wiley, pub 1/24/2024), I am reminded of one particular patent we developed back in 2015 for a Remote Access MFA Authentication Method Using Adaptive ML. Mary Landesman was the co-developer.

It was a fairly simple access method designed to authenticate remote users attempting to access local system files, applications, databases, and network resources via adaptive multiple-factor authentication techniques using machine learning, behavioral analytics, and mobile phones, wearables, and other mobile devices that may serve as authentication tokens for systems of the future.

Ha.

Chase has a chapter on Mary and Norse in his book. A security industry veteran, Mary was a widely admired threat researcher and usually the first to discover new malware and security events since the Michelangelo virus appeared in Feb 1991. A multiple recipient of the Microsoft MVP award, she was named as one of the top ten women in Cybersecurity.

I was lucky enough to meet and work with Mary after she left Norse. She was sucked into Norse like all the other engineers – 10,000 honeypots and sensors all over the world, inside collectors within Iran, a brilliant display and UI on their vaunted Live Attack Map – and when she had a chance to look closely, said, “I realized that, oh crap, I think this is a scam. They’re trying to draw this out and tap into whatever the buzzwords du jour are, and have a product that’s going to dazzle and suck in new investors.”

After great investigative reporting by Brian Krebs and honest assessments of reality by Robert Lee, of Dragos fame, Norse turned out to be nothing short of a beautiful, dazzling fraud, filing false and inflated financial statements in support of its Series B round for which VCs were standing in line to get a piece, and having blown through $50 million in A round financing on expensive sports cars, lavish parties and first-class travel. Norse was shut down suddenly in 2016 without explanation.

We know first-hand because we were a cash-paying customer who plopped the gorgeous Live Attack Map on an 80” flat screen in our lobby and every day, I would come through that lobby and find folks from other businesses on our floor, spread out on our reception furniture, mesmerized by what they saw, staring at the fireworks all day long.

Takeaways?

Mary has retired and represents a huge loss to our community and the industry. Norse is a classic example of what goes wrong when uninformed money chases really pretty shiny objects. Norse’s insult to trust is immense and must not be ignored. Chase has written a great book on leadership – go buy it. 9 years later, we still haven’t solved the access problem.