Sandi Moore

Sr. Solutions Engineer
Fortra
 

Sandi has been working with Fortra customers for over 20 years supporting systems monitoring and security software. With experience on IBM i, AIX, and Linux, she has been involved in product demonstrations, implementation, support, training, research, and product testing. Sandi is also a Certified Professional Forensics Analyst (CPFA) and a Certified Data Privacy Practitioner (CDPP).

In her time at Fortra, Sandi has helped customers understand how to effectively address the threats they face. Her goal is to help people achieve the best solution to their IT problems, no matter how many servers are in their environment or where in the world they’re located.

Organizations throughout the public and private sectors have relied on Sandi’s expertise, whether they’re seeking to proactively protect their systems or improve security controls after a malware attack. Sandi has shared her knowledge at multiple user group conferences, including COMMON.

 


Q & A with Sandi:

What’s the most interesting or impactful project that you’ve had the chance to work on, whether it's with a customer or internally developing products?

Probably the implementation of the anti-ransomware functionality in Powertech Antivirus. It's a game changer for customers because it effectively solves the issue of ransomware damaging their core servers. In terms of my involvement in the development of this functionality, I took the lead in asking for it. Working with customers and seeing firsthand how they have been impacted by these ransomware attacks, I felt very strongly that this is something that we needed to be offering.

 

What would you say is the biggest barrier holding customers back from strengthening their security?

Specifically, for IBM i it's the misperception that it's already a secure platform. This reliance on security by obscurity is the biggest thing preventing customers from being proactive in their security efforts. Many go under the assumption that, because their users don’t know how to use the system outside of their small interface and because the IBM i is not a well-known platform, there’s little threat of any internal or external bad actors. However, just like any other platform, there are threat actors with knowledge of the IBM i and their preferred method involves taking advantage of compromised user credentials.

 

What changes do you foresee in the world of cybersecurity in the coming years?

I think it's going to be taken more seriously. I think that the attacks are going to continue. The ransomware attacks are going to continue and it is going to drive companies to finally take action.
I also think AI is going to potentially play a part in increasing the severity and volume of attacks. So I don't think it's going to get better, unfortunately. I think that the attacks are going to intensify and I think they're going to become more sophisticated and it's going to be more difficult to anticipate what's going to come next.

 

Have you ever worked with a customer that was in the midst of, or recovering from, a ransomware attack?

Yes, just last week. I find it sad because these individuals who are tasked with the cleanup have probably been saying over the years, “Hey, we should probably address security on the system” and they’ve been told that it’s not a problem or that they have nothing to worry about. And now, they're the ones dealing with the fallout. The customer I just wrapped up working with had 185,000 files encrypted on their server and they have been down for two weeks and they are still recovering.

They are limping along now, and you can just hear the exhaustion in their voices as they try to do everything they can to get back online and running. It's absolutely devastating for everyone involved.
Sometimes customers don't share that they are recovering from an attack, but they say that they had “an incident” and you can hear in their voice that it was severe – and that they’ve dedicated endless hours and weekends to working to try to bring everything back online.