Consortium of Leading Cyber Technology and Insurance Providers Announce the Launch of SafeHouseInitiative.org
January 17, 2023
No Comments
In today’s rapidly evolving cyber threat landscape, defending national infrastructure requires an innovative and collaborative approach. The fusion of public and private sector expertise is no longer optional—it’s essential. Luke Tenery, Partner at StoneTurn and a seasoned cybersecurity leader with a background at Kroll, offers profound insights into this dynamic interplay. Drawing from his vast experience in digital forensics, incident response, and partnerships with federal agencies, Luke paints a vivid picture of how federal cyber enterprises are transforming threat pursuit and defense strategies.
Listen to the original podcast here: https://safehouseinitiative.org/navigating-the-future-federal-enterprise-prototypes-in-threat-pursuit-part-1/
Luke’s journey began at a small university in Nashville, where a persistent drive led him to an internship at System X, a modest company that eventually became part of Kroll, a well-known investigations and risk management firm. This early experience was foundational, exposing him to the emerging field of digital forensics, then called “high-tech investigations.”
“I was brought into Kroll’s national consulting practice around the time Enron was going bankrupt,” Luke recalls. “Kroll’s turnaround restructuring group needed IT resources for data management and litigation support. But they also saw the writing on the wall with security, which was a huge turning point.”
This period marked the beginning of Luke’s deep dive into cybersecurity, as Kroll invested heavily in digital forensics and high-tech investigations. He honed his skills, self-studying for certifications like the CISSP while traveling extensively and witnessed the cybersecurity field mature alongside the rise of data breach laws around 2008.
As nation-state cyber activities increased, enterprises struggled to detect and mitigate advanced persistent threats. Luke had the opportunity to work under leaders from federal law enforcement who taught him how to identify indicators of compromise and respond effectively.
“That was a huge turning point for the industry,” he says. “We had all these new technologies to solve problems, but we also needed the right mindset and expertise.”
Luke’s career took an entrepreneurial turn when he co-founded the cybersecurity practice at Ankura before moving to StoneTurn, where he embraced an even more innovative approach. It was here that he met Daron Hartvigsen, a former Air Force threat hunter with the Office of Special Investigations (OSI), whose public sector experience complemented Luke’s private sector background perfectly.
Luke highlights the importance of continuously refreshing the team with diverse subject matter experts. He credits mentors like Tim Ryan, former FBI leader of the largest cyber and computer forensics crime lab in the country, for emphasizing this approach.
“We really needed to update our fleet constantly bringing in new subject matter expertise to stay relevant and on the edge.”
Through introductions facilitated by advisors such as Admiral Paul Becker, Luke connected with Daron, whose threat pursuit work in the Air Force brought invaluable frontline insight. Their partnership became a “match made in heaven,” blending mission-driven culture with technical prowess.
What sets apart successful cybersecurity teams, Luke explains, is not just technical skill but a shared commitment to mission and values. When interviewing Darren, the cultural fit was as important as his knowledge.
“He was all about building something that served a missional set of values. That inspired me to go beyond just delivering strategic value to clients, but to serve right by our clients and our country.”
This mission-first mindset has shaped StoneTurn’s approach, influencing how they build teams and engage with clients in both the private sector and government.
Since integrating Daron’s expertise, StoneTurn has continued to bring in talent from law enforcement and national security agencies, creating a diversified strategy that strengthens their threat pursuit capabilities.
One example Luke shares is their work with firms subject to oversight by the Committee on Foreign Investment in the United States (CFIUS), which evaluates foreign investments for national security risks. This regulatory environment has grown increasingly complex, especially with concerns about foreign entities like China acquiring influence in U.S. companies.
“The government has formed active entities that do inquiries and oversight for firms taking investment from foreign entities,” Luke explains. “That’s been going on for decades but has taken on new urgency with national security concerns.”
StoneTurn’s team also works with clients navigating new regulations from agencies like CISA, which has started transactional oversight related to U.S. citizens’ data handled by foreign-owned companies. The Department of Justice’s recent moves on bulk data processing regulations further emphasize the national security implications of cybersecurity.
Luke stresses that commercial entities must increasingly integrate public sector expertise to navigate this complex landscape.
“Our national security and businesses are so interrelated that you almost have to have this marriage of public and private sectors within commercial entities.”
He notes that many organizations underestimate how sensitive their data and infrastructure are from a national security standpoint. The openness of the U.S. internet and the reliance on private enterprise for critical infrastructure make public-private collaboration essential for effective defense.
Luke offers a sobering perspective on the geopolitical and economic forces shaping cybersecurity.
“We’re in a pretty critical time globally. Cyber impacts are playing out in real time with hybrid warfare, economic tensions, and technological battles.”
He points out that anti-globalization trends and shifting attitudes toward cross-border data flows are creating new challenges for organizations. For instance, executive protection and the security of information crossing borders have become paramount concerns, with nation-states treating these data flows with increasing scrutiny.
When asked what one thing organizations can do today to improve their cybersecurity posture, Luke offers two clear steps:
He emphasizes the importance of moving beyond traditional point-in-time assessments toward a more dynamic, “team of teams” approach that fosters agility and continuous adaptation.
“Organizations that can adapt with just-in-time, adaptive cybersecurity strategies will have stronger infrastructure as the landscape becomes more pliable.”
Luke’s insights underscore a broader vision of a federal cyber enterprise that is proactive, agile, and deeply integrated between public and private sectors. This vision reflects a necessary evolution in how we safeguard national security and critical infrastructure in an era defined by sophisticated threats and complex regulatory environments.
As cyber threats continue to evolve, the demand for professionals who understand both the technical and mission-driven aspects of cybersecurity will only grow. Luke’s journey—from a small university internship to leading cutting-edge cyber practices—illustrates the power of diverse experiences, continuous learning, and the unwavering commitment to mission that drives effective threat pursuit.
Defending our nation’s cyber infrastructure requires more than just technology—it demands a fusion of expertise, culture, and mission-driven leadership that bridges public and private sectors. Luke Tenery’s experiences and reflections provide a roadmap for organizations seeking to navigate this complex terrain.
By continuously refreshing teams with diverse talent, embracing a mission-first culture, and adapting to the ever-changing geopolitical and technological landscape, organizations can build resilient cyber defenses that protect both their business interests and national security.
As we look to the future, the collaboration between government agencies, private companies, and cybersecurity professionals will be the cornerstone of a safer, more secure digital world.
For more information about the SafeHouse Initiative and how you can protect your organization, visit safehouseinitiative.org.
