Take a Product Tour Request a Demo Cybersecurity Assessment Contact Us

Blogs

The latest cybersecurity trends, best practices, security vulnerabilities, and more
Patrick Flynn

Meet Patrick Flynn

Head of Advanced Programs Group at Trellix Threat Labs

At Trellix, we celebrate and champion our people. This week, I sat down with Pat Flynn, Head of Advanced Programs Group for Trellix Threat Labs. His job is a critical one and how he goes about it is fascinating.

MICHAEL:  Pat, thanks for joining me today. What you do is so crucial for Trellix and our customers, let’s just jump in right there. Tell us about your role here.

PAT:  Sure, Michael. I run the Advanced Programs Group, or APG as we call it here at our Trellix Threat Labs. It was set up a few years ago to support a large intelligence agency.

MICHAEL:  Got it. We’ll leave the entity unnamed (laughing). So how did you get pulled in?

PAT:  As the program expanded, I was recruited to increase our global reach and outlook.

MICHAEL:  That sounds pretty broad…like you’d have to be in a lot of places at the same time.

PAT:  (Laughing). The first year, I basically had the task of buzzing around the globe, explaining our capabilities to experts in countries such as Australia, Japan, Singapore, Vietnam, and Germany.

MICHAEL:  Are you focused, then, primarily on state actors?

PAT:  We’re broader than that. We got our start supporting public sector and governmental agencies, but we’ve grown so we can support anybody, at any time, with advanced intelligence reporting. We learn about our customers’ intelligence requirements and then focus on collection and reporting in various forms they can best use.

MICHAEL:  How is APG different than the other Trellix Threat Lab groups?

PAT:  We collaborate very closely with them. They’re focused more on incident response as an embedded component of our general services, whereas we’re the for-profit team and charge for ours. We have several dozen customers at this point. Essentially, we push information to them so they can make decision, prevent breaches and mitigate consequences. We also collect and curate global threat intelligence for organizations with closed or air-gapped systems that are physically isolated from unsecured networks.

MICHAEL:  Right. You’re referring to the fact that most of our products talk to the cloud automatically, but that doesn’t work for entities like intelligence agencies or some critical infrastructure facilities with high-risk assets, right?

PAT:  Correct. For those types of outfits, we build them a private bare-metal installation behind their wall.

MICHAEL:  Let’s talk about you for a few minutes. How did you make your way to such an exciting position?

PAT:  (Laughing). Well, I grew up in Wyoming and joined the Navy when I was younger. I spent about 10 years of active-duty service on the intelligence side and retired as a Chief Petty Officer. I became a federal agent for U.S. Customs and Border Protection for another 10 years, working out of Nogales, AZ and rising to the rank of Assistant Chief at headquarters here in D.C. Then, in 2008, the Navy called me back with an all-expenses-paid visit to Afghanistan for year.

MICHAEL:  Is that right? That sounds pretty intense.

PAT:  Well, it was. I was embedded in one of the forward operating bases in Khost Province, on the extreme east side of Afghanistan, right along the Pakistani border. Over the year, I participated in 210 missions outside the wire.

MICHAEL:  That’s incredible. Thank you for your service, Pat. That’s amazing.

PAT:  It was tough but fulfilling work. Sometimes (laughing again). I served as an intelligence officer in HUMINT, as we refer to it in the military. When I got home, I retired. I was working for a defense contractor at the time, and they loaned me out to the Navy. At that point, I was supporting an intelligence agency and the 82nd Airborne Division. So that’s my career in a nutshell. I was lucky not to get injured. Sort of.

MICHAEL:  “Sort of?”. That sounds like you did.

PAT:  You're going to laugh. I was on a mission, walking up a trail. I'd found a piece of direction-finding electronics I was investigating. I had to be kind of sly because I didn't want the villagers to notice anything extraordinary. I had some infantry guys up on overwatch, watching my back.
I was in full “battle rattle”, you know – helmet, rifle – real heavy. And I walked off the edge of a 6-foot drop. I hurt my shoulder and some other stuff, just banged up. I was more embarrassed about it, but I was hurt. Had to climb back up and those infantry guys were laughing at me. Anyway, I've been shot at, you get rockets, you get IEDs, all that stuff. But that was where I almost got seriously hurt and it was just through my own stupidity, not paying attention.

MICHAEL:  Tell me about your family situation.

“You're going to laugh… I was on a mission, walking up a trail… I had some infantry guys up on overwatch, watching my back. I was in full “battle rattle”, you know – helmet, rifle – real heavy. And I walked off the edge of a 6-foot drop. Had to climb back up and those infantry guys were laughing at me.”

PAT:  Sure. My wife Tina and I live in Chantilly, Virginia. We have three kids. My oldest is a software engineer here in Arlington. And my daughter is a former volleyball player attending William and Mary. And then my youngest is a sophomore in high school, an aspiring pilot.

MICHAEL:  Do you travel much these days?

PAT:  I do. When I travel for work, I often take Tina with me. She's been to Tokyo with me, Australia, and we just went to Hawaii. We love the Caribbean, love going down to Mexico, you know, baking in the sun. Just experiencing life.

MICHAEL:  How do you unwind? What do you do to get away from all the noise?

PAT:  Three things. I'm a mindfulness guy: I meditate. Two, I'm a big cycler, I like to exercise. I both bike outside and use a Peloton bike. So, I'm pretty fit. And third, I like to play golf.

MICHAEL:  Tell us about books. What are you reading now? What are your favorite books over your career?

PAT:  I'm a history buff, so I read a lot about history, including historical fiction. I like Master and Commander by Patrick O'Brian. I think he wrote like 20 books in that series, I've read about 15 of them. I like them because they’re realistic and they deal with actual events in history. I'm a big Ulysses S. Grant fan, I've read his memoir four times. Thomas Jefferson too. Jon Meacham's book, The Art of Power, that one’s great. What else? I'm a Civil War guy, so I know a lot about Robert E Lee, Ulysses S. Grant, Joshua Chamberlain, and that sort of thing. I like wandering around the battlefields, mapping them out.

MICHAEL:  So, what keeps you up at night, Pat?

PAT:  Making sure that we keep track of the right information for each customer. Each of our accounts has different needs and priorities. For example, we have two Australian customers and they're really extremely focused on an APAC country. So, we gotta really be tracking APT40 and stuff like that, while understanding that our Japanese customers are focused on other types of threats

MICHAEL:  What is it like for you to work at Trellix?

PAT:  The people. My team. The APG, I gotta give it to the guys here. We’re a close-knit crew alright, and we've gotten really close with our advanced threat research arm of Trellix Labs in Europe. These guys are like brothers and sisters to me. We work together. Party together. Go see ball games together. When we interview people, we do it in a group setting. They need to be technically superior, but also comfortable with our culture. Like we ask them a few off-the-wall questions – just to see how they relate interpersonally and are confident in expressing themselves as individuals. One time (laughing), we asked this guy to basically stand up and scream an expletive. And he did! We loved it. Everyone laughed. He got the job. And he’s still with us.

MICHAEL:  (Laughing) I love that story. That’s different. I think I’d have a lot of fun working with you guys.

PAT:  (Also laughing). Come on over anytime, Michael. We’ll make a frontline cybersecurity warfighter out of you overnight

Get the latest

Stay up to date with the latest cybersecurity trends, best practices, security vulnerabilities, and so much more.
Please enter a valid email address.

Zero spam. Unsubscribe at any time.