Top 3 Leadership Pitfalls in a Security Operations Center

Posted by Jeff Schroeder on Mar 9, 2015 8:51:00 PM

 Security Operations Centers (SOC) provide businesses with the ability to see what’s going on in order to respond accordingly. SOC teams rely on the ability to learn skills and processes on-the-fly to meet expectations from stakeholders across the business and combat an ever evolving persistent cyber threat. One of the critical contributors to any SOC’s success is skill availability. While technical experts and vendors have done great work building cybersecurity solutions, a SOC is nothing without the right people.

Read More

Topics: Security, Security Leadership, Security Operations Center, SOC

The Security Perception Versus Reality

Posted by Kris Kimmerle on Jan 18, 2015 8:25:00 PM


In today's hyper connected digital world, information technology reigns absolute. A long standing and critical strategy for businesses is to safeguard their intellectual property, financial information, and reputation. Yet in just about every vertical market, large scale cybersecurity breaches continue to mount, security spending is down, and data trends point to an alarming increase and acceleration in enterprise breaches over the next few years. Simply put, businesses are struggling to find the right cybersecurity approach in today’s hyper connected digital world.

Read More

Topics: Security Leadership

Security Means Managing What You Already Own First

Posted by Eric Noonan on Dec 11, 2014 8:35:00 PM


A trend that I have picked up on in conversations with CIO’s, CISO’s and other leaders responsible for securing the enterprise is the huge gap between what they need and what many vendors are marketing. Security leaders in the trenches need solutions to optimize and integrate existing tool investments, manage security capabilities in a coordinated way, and a means for engaging in business conversations about the security they deliver. Vendors seem focused on marketing the future and selling more capability into already resource-strapped security teams that can’t even effectively use the tools they already own due to an under investment in people and process.

Read More

Topics: Security Leadership, Security Program Development

The Sony Breach and The U.S. Government's Responsibility to Act

Posted by Eric Noonan on Dec 2, 2014 8:39:00 PM


The last week or so marks what I would describe as an unprecedented shift in the impact of cyber attacks with the Sony breach. I run from the constant fear, uncertainty and doubt (FUD) that gets circulated and recirculated by vendors and media outlets but I see this attack and more specifically the impact as different for several reasons. The Sony attack is also a call to action for the government of the United States to get their act together on cyber security and DO something to help American businesses large and small better defend themselves.

Read More

Topics: Security, Security Leadership

You Can't Do It Alone

Posted by Eric Noonan on Nov 26, 2014 8:39:00 PM


When I was a CISO for a global defense company, I realized that a company of any significant size or complexity could never “do” security for themselves. Why can’t big companies go it alone? Partly because of specific resources and expertise that is not resident in-house and partly because of all the things that compete with delivering security, namely projects, politics, personalities, egos and all the other fun stuff that comes with being in a big company. Political correctness and all of the other impediments of a big company naturally get in the way of delivering actual security. Executives have pet projects that compete with core mission requirements and day to day security falls behind.

Read More

Topics: Security, Security Leadership

5 Things You Should Do Right Now To Reduce Risk

Posted by Eric Noonan on Mar 1, 2013 8:16:00 PM

 

Read More

Topics: Roadshows, CyberArk, Business, eGRC, Security Leadership, RSA ARcher, Security Assessment, Information Sharing

How CyberSheath Adds Value...

Posted by Eric Noonan on Feb 28, 2013 8:20:00 PM

 

Read More

Topics: Roadshows, CyberArk, Business, eGRC, Automation, Security Leadership, RSA ARcher, Security Program Development, Security Assessment

Can you see the bigger picture?

Posted by Eric Noonan on Feb 26, 2013 8:27:00 PM

 

Read More

Topics: Roadshows, Business, Security, eGRC, Security Leadership, RSA ARcher

Big Data & The Dentist

Posted by Eric Noonan on Feb 26, 2013 8:23:00 PM

 

Read More

Topics: Roadshows, Business, eGRC, Security Leadership, Privileged Accounts, RSA ARcher, Security Program Development, Security Assessment

RSA 2013

Posted by Eric Noonan on Feb 25, 2013 8:31:00 PM

All checked in @RSA 2013 here in San Francisco!

Read More

Topics: Roadshows, Business, Security, eGRC, Security Leadership, RSA ARcher