CIO Influence Interview with Brett Walkenhorst, CTO of Bastille

Brett Walkenhorst, CTO of Bastille in this quick chat talks about software-defined radio and machine learning in threat detection, RF system security, and threat intelligence.

———–

Hi Brett, tell us about yourself and your journey at Bastille.

For most of my career, I’ve worked in wireless technology. I spent some time at Lucent Bell Labs as an RF engineer, designing base stations. I then got my Ph.D. at Georgia Tech and worked for several years at the Georgia Tech Research Institute on various wireless, RF, and signal processing R&D projects. I’ve also spent time working in antenna measurements, radar technology, electronic warfare, signals intelligence, and other related areas.

I joined Bastille about three years ago as the Chief Technology Officer, where I lead the R&D and threat research efforts of the company. I also support the company’s sales and marketing efforts as well as company strategy.

As a CTO, what unique expertise are you applying in RF systems to lead Bastille’s R&D efforts?

A major focus right now is building out and maintaining our threat library. This will be an ongoing effort for the foreseeable future as threat actors continue to develop new capabilities that Bastille needs to be able to detect.

Bastille uses software-defined radio and machine learning to detect threats. How do these technologies work together to provide robust security solutions for enterprises?

Bastille leverages software-defined radio (SDR) to deliver unparalleled enterprise security by addressing threats in the often-overlooked radio frequency (RF) spectrum. SDR allows the system to flexibly monitor a wide range of frequencies and protocols without needing specialized hardware for each. It collects raw RF signals from various devices, including IoT and mobile devices, enabling comprehensive monitoring of the wireless environment. Bastille also analyzes these signals (using logic, heuristics, and machine learning) in real-time to detect anomalies, unauthorized transmissions, or potential threats. Bastille provides enterprises with a proactive security layer. It identifies vulnerabilities and stops attacks in the RF spectrum—an area increasingly exploited by attackers—before they can affect critical systems or data.

The global IoT market is expected to reach USD 650.5 billion by 2026. What challenges do these devices pose, and how is Bastille’s technology evolving to address these new threat vectors?

As IoT devices proliferate across industries, they increase the attack surface for bad actors, particularly in the RF spectrum. Many IoT devices operate on diverse and often unmonitored RF protocols, making them potential entry points for cyberattacks, eavesdropping, or data exfiltration.

Bastille Networks addresses these evolving threats by continuously monitoring and analyzing RF signals to detect unauthorized devices, anomalous behaviors, and emerging threats in real time.

As IoT adoption accelerates, Bastille is evolving its capabilities to handle the growing diversity of IoT protocols, improve response times, and enhance predictive threat detection. By empowering enterprises with actionable insights into their RF environments, Bastille ensures they can secure their networks and data against the ever-expanding landscape of IoT vulnerabilities.

What approaches do you take to cultivate an environment of innovation within Bastille, and how do you encourage collaborative efforts with other tech leaders? Diversity drives innovation. Can you discuss Bastille’s initiatives to promote diversity within your teams and in the broader technology landscape?

At Bastille, cultivating innovation is at the heart of our mission to redefine security in the radio frequency spectrum. To foster an environment of creativity and ingenuity, we encourage our team members to think outside the box and challenge conventional security paradigms, invest in professional development programs, workshops, and access to the latest tools and technologies, and actively collaborate with other tech leaders, government agencies, and key industry groups. These partnerships allow us to share insights, co-develop solutions, and remain agile in addressing emerging challenges.

Diversity is a cornerstone of our innovation strategy. We recognize that diverse teams bring unique perspectives, fostering richer problem-solving and more creative solutions. To promote diversity, we actively recruit talent from varied backgrounds and support diversity-focused tech initiatives that advocate for greater inclusion in the broader technology landscape.

At Bastille, we believe that innovation and diversity are inextricably linked. By fostering an inclusive and collaborative culture, we’re not only advancing RF security but also contributing to a more equitable and innovative technology industry.

Can you briefly discuss the SECDEF memo implications and how Bastille is helping government agencies comply with the recently mandated security requirements?

Bastille offers a comprehensive and effective wireless detection and localization solution that uses passive (zero transmissions) radio frequency (RF) sensors to provide comprehensive monitoring of secure facilities. Unlike traditional lobby-based detection systems, which are prone to false alarms and often miss critical threats, Bastille’s system provides comprehensive and continuous detection and localization with decoders for multiple protocols, leading to high detection confidence. When Bastille decodes a packet, there is no doubt that a wireless device sent it. This allows for accurate identification of unauthorized devices, whitelisting of approved devices, and zero false alarms for device detection. Bastille’s technology is certified by NIAP / Common Criteria to protect against cellular and other wireless threats in classified areas.

Looking forward, which emerging technologies do you believe will significantly influence RF system security and threat intelligence?

At Bastille, we closely monitor developments to stay ahead of emerging threats. While I don’t see new technologies playing a big role in threat development, I do see trends that contribute to new threats including gradual capability enhancements, form factor reductions, and ease of access to hardware and software, making threats more available to a wider community. The interconnectedness among adversaries and threat groups poses additional challenges. Those exchanges can lead to clever attacks using different combinations of existing technologies as adversaries learn from one another.

An example of how these trends play out can be seen in recent Wi-Fi attacks. In 2018, four GRU agents were apprehended in the Netherlands while conducting Wi-Fi attacks against a non-governmental organization. Proximity-based attacks were the way we did wireless hacking at the time, but that put attackers like those GRU agents at risk, so attackers got smarter. In 2022, a drone-based Wi-Fi attack was discovered after it had successfully penetrated its target network. A drone delivery mechanism to the rooftop of a target organization was a clever way of removing the attackers’ need for physical proximity, using the cellular network to command and control the attackers’ hardware on the drones. Also in 2022, a Russian APT hacked a target organization by first attacking organizations nearby, then pivoted to wireless and attacked their primary target’s Wi-Fi network. This attack was done while the attackers were on the other side of the world from their target. No new technologies were used in these attacks, but clever combinations and repurposing of existing technology led to new attack chains that were incredibly successful. I expect we’ll see more attacks along those lines with an increasing reliance on wireless as part of the attack chain.

[To share your insights with us as part of editorial or sponsored content, please write to psen@itechseries.com]