Dr. Trevor Lewis - Discovering the Unknown Problems, Designing the Future for Cyber

11.18.2024 | rmacedonia3

Embark on a deep dive with Dr. Trevor Lewis, a critical part of GTRI’s CIPHER lab. As witty as he is wise, Dr. Lewis has become an emblem of both expertise and enthusiasm, making him an absolute favorite amongst students. Infusing Steve Jobs' ethos, "You have to have a wrong that you want to right," Dr. Lewis tirelessly delves into discovering the unknown problems of the cyber realm, crafting designs for a more secure digital landscape. Channeling the spirit of Steve Rogers (a.k.a. Captain America), he believes, "The world is in our hands... and we have to do something with it." Join us for an illuminating journey with a man who not only charts the unseen challenges of today's digital landscapes but also ensures every lesson is laced with humor and insight.

Could you give us an overview of your specific area of expertise and research? 

My expertise and research primarily focus on both offensive and defensive cybersecurity. This encompasses areas like penetration testing, red teaming, cyber threat emulation, attack chain development, and exploit development. Additionally, I delve into Offensive Cyber Operations (OCO), Defensive Cyber Operations (DCO), threat hunting, network and endpoint attack detection, and security tool analysis and reverse engineering. At GTRI, our team frequently collaborates with government and commercial organizations to simulate cyber-attacker techniques, identify system vulnerabilities, and design strategies to bolster defenses against real threats.

What initially sparked your interest in this field? How did your career path lead you to join GTRI?

My fascination with "hacking" began during my high school years and led me to study Information Technology and Information Security in college. I started my professional journey in Information Technology (IT), specifically in roles related to server/infrastructure and network engineering. Later, as I transitioned to defensive cybersecurity roles, I realized I needed to know how to attack systems if I really wanted to defend them. I dedicated a lot of personal hours earning the Offensive Security Certified Professional (OSCP) certification, which requires students to prove their “hacking” skills in a 24-hour exam. This certification set the stage for my journey to GTRI, and I have been here ever since. 

Tell us about some of your most meaningful or impactful research projects at GTRI. 

Selecting a single project as the most impactful is challenging, given that each has held its own significance. Our team's role at GTRI, emulating cyber attackers to uncover system vulnerabilities, has provided us with a vast range of experiences across diverse industries and systems. Personally, the greatest fulfillment comes from realizing my contributions to enhancing the security of power grids, critical infrastructure, and national defense systems against genuine cyber threats.

How has your research directly contributed to advancements in the defense industry? Are there any examples you can share of your work being implemented in real-world applications?

Collaborating with government and commercial sponsors at GTRI, our research has tangible impacts on critical missions, enhancing the security of both our state and nation.

As a researcher, you deal with highly complex subject matter. How do you make your findings understandable and accessible when teaching non-technical students?

Throughout my career, I have recognized that cybersecurity knowledge is sequential and graduated. It begins with foundational concepts, with each topic building upon the previous. Understanding this progression allows me to present complex subjects to audiences with varying levels of expertise. As students deepen their understanding, I adapt my teaching methods, unlocking new levels of comprehension for the students.

How do you leverage your own expertise and research when designing and teaching courses at GTRI? 

Our extensive experience in assessing very diverse systems across industries grants us a unique perspective on the real problems within our industry. We encounter countless vulnerabilities of all classes, errors, and misconceptions regarding defensive capabilities in the systems we evaluate. These unique insights are the driving force behind creating professional education curriculum that is unparalleled in the cybersecurity domain. We strive to not only perform the research that has real-world impacts, but also create and teach curriculum based on this research to change the industry one student at a time.

What key skills and knowledge do you aim to impart to students who take your courses? 

To effectively safeguard systems against current and future threats, students must understand the nuances of how systems are attacked. It is critical to gain a foundational understanding of how different types of vulnerabilities in a system can be exploited in a chain to achieve a larger goal. Once this understanding is achieved, students will be able to see all of the permutations of possibilities available to attackers, how inadequate current defenses are, and be able to design defenses that counter future threats. Just as in a battlefield, understanding the nature of attacks and recognizing the strengths and vulnerabilities of defenses will allow your forces to be able to adapt, fight, and win. My courses, spanning both offensive and defensive cyber topics, emphasize these aspects of the battlespace, often through immersive hands-on labs.

Looking towards the future landscape of cybersecurity, what emerging issues demand the greatest attention from researchers in your area of expertise?

Cybersecurity, both as a discipline and science, is poised to be this century's focal point. While current buzzwords include Artificial Intelligence (AI) and Machine Learning (ML), a persistent challenge is the evolving complexity of attacker techniques and the flawed assumption that defensive technologies alone will stop future attacks. The cybersecurity technology industry is growing exponentially with new capabilities introduced each year, but safety against attacks is not guaranteed. Deep technical understanding of how vulnerabilities are exploited and how defensive technologies function are vital for pinpointing vulnerabilities and weaknesses in defensive technologies. If defensive technologies are not analyzed for weaknesses in detecting attacks, attack complexity will continue to increase and defenses will always be behind the curve.

What makes the GTRI educational experience unique for students interested in defense technology compared to other institutions? 

GTRI's distinctiveness stems from the unique projects and challenges our researchers tackle, offering a depth of experience unparalleled by other institutions. We shape our curriculum, a blend of theory and hands-on practice, based on this real-world experience.  From radar, to electromagnetic warfare, to the most complex cyber topics that I teach, we strive to give students the tools and the methodologies needed to immediately make an impact in their own careers.

Is there any last advice you would give to those considering a career in your field of research?

To excel in cybersecurity, one must master the art of thinking like an adversary. Regardless of your chosen cybersecurity specialization, you must constantly challenge assumptions by asking, “How can X be broken?” This mindset uncovers hidden flaws before malicious actors can exploit them. Never stop learning. Expose yourself to as many areas of computer science, information technology, and cybersecurity as you can. Cybersecurity professionals are a rare breed. This fight is real and it is our responsibility to defend our digital world.

More Podcast Episodes

This episode features Chris Olinde, co-lead for the Sparking Technology Innovation and Growth (STING) professional development program.