Nothing, just every time I sit around to think about ADHD I inevitably see all the abuse I've been through in front of my eyes again.

Now I just want to go cry in a corner.

The truth is that... I don't have any superpowers. I'm a 2x dropout. I cannot remember years of my life and the memories i have are extremely fragmented and difficult to put together. If I didn't have ADHD I wouldn't have been abused causing trauma that will never go away. I barely graduated high school - it took me 7 years instead of 5, I was too depressed to get out of bed at a certain point -and for some reason I thought I could do physics. And I can understand very difficult concepts, they don't fly over my head. But my country universities are completely unstructured. I got told "do these things in a three months time", so I couldn't keep up (and I also had chronic pain). I just cannot. I need a degree to keep going with my career but at this point I 100% believe it's over my possibilities, so I don't think I will ever reach the role of a SOC manager or a CISO.

I struggle daily to daily because all my energy goes to my job and when I'm done I'm exhausted. I have to make my boyfriend that does a physical heavy job (he is a factory worker) do 70% of the stuff because I just cannot. I do want to, but everything goes out of the window because I spent my whole day trying to focus. And he needs to double check because I forget. I forget to do laundry, I forget to take out the laundry and it then smells bad and I need to rewash it, then I forget it again. I don't miss my cats stuff because they are annoying.

While I'm actively monitoring I sometimes forget what I'm doing. And with sometimes I mean twice a day. Then I remembered and I have 10 alerts to analyse and then I get distracted again. It doesn't compromise the quality of my analysis for a miracle. Because I triple check everything, but I'm slower than my coworkers.

I called a customer yesterday because I contained his asset from the network (which is a very invasive operation) and I couldn't remember for the sake of my life if he disabled the email only or the whole o365 account. I still don't know. And it's a problem because I need to report to my coworkers and I will definitely look like an idiot if I gave them the wrong information. (They know about my ADHD and are very understanding)

I say"I need to reply to that email" and it's four months and now it's unacceptable to do this.

I recently failed a job interview because I forgot crucial information at the wrong time. I rely a lot on my notes and mindmaps which are great if you do intelligence analysis, but not that great when people expect you to remember everything.

I forgot to pay my water bill for 6 months because it got lost. I misplaced it, everyone thought it was being paid and it wasn't. (Idk how I didn't get my water shut off. Learned my lesson and now it get out directly from my bank account).

I forget to call my family for weeks because to me time makes no sense. Which is the reason why I struggle so much with my very necessary self study things. I need to get them done. I don't have the brain parts required to do that.

It's so awful, I get help but it cannot change the biology of my brain. I hope I will get some sort of "cure", although I rationally know it's impossible.

I'm scared to have kids because no way I'm condemning someone else to the amount of daily struggle I have. Especially my own child!

This is what living with ADHD actually looks like. Failing over and over again, and if you have good people around they will not mind that much, but I admit I wouldn't give me half of the slack my loved ones do to me. It's not the secret of any success, it doesn't make me "creative" or anything. In fact, I would have written how much stuff if I could finish what I start! How many things could I have done! I'd be a physics professor now. I'd have a PhD or something. I wouldn't have lost a decade of my life (1/3 of my life) to depression and anxiety.

Not that I have a bad job, I love my job, I earn more than I would have if I actually stayed in physics. even if things turned good for me that doesn't mean I don't miss what I could have been.

March was a lean time, but that’s how it goes when we’re all waking up from winter. A few new Phantom offerings, regardless!

The Masque of Crimson Shadow by R. L. Davennor is the sequel to the earlier The Hells of Notre Dame, and like that book seems to be mashing the Phantom story up with another classic horror tale (in this case, Poe’s Masque of the Red Death, which of course we know our boy Erik is a fan of, has been added on top of The Hunchback of Notre Dame!).

Phantom by Kyshian N. Mertens goes a bit wide, featuring a main character who is a fashion model rather than an actress, but the setup of her loving (and connected in the industry) boyfriend and her big debut coming up being interrupted by a mysterious phantom figure who demands she think about how she got here is very familiar...

Found a Phantom is a new podcast by Kevin Vonesper, featuring discussion of the many versions of the Phantom story as well as interviews with related figures; there are eighteen episodes up as I write this and you can hear interviews with film directors and Broadway production members, as well as an ongoing “book club” feature to read the novel together.

Finally, The Phantom CISO by Mishaal Khan and Hisham Zahid has nothing to do with the Phantom story - it’s a book encouraging Chief Information Security Officers to get more involved in the organizations they work for. But I included it because the use of the mask is clearly a shout-out to the Phantom based solely on the name, as is the mirror-cracked font meant to evoke the Lloyd Webber show, and I always find that stuff hilarious. Please buy our book about internet security, we put your favorite singing goblin on it!

And that’s it for March! Come on, new springtime Phantoms!

Nabil Hannan, Field CISO at NetSPI – Interview Series

New Post has been published on https://thedigitalinsider.com/nabil-hannan-field-ciso-at-netspi-interview-series/

Nabil Hannan, Field CISO at NetSPI – Interview Series

Nabil Hannan is the Field CISO (Chief Information Security Officer) at NetSPI. He leads the company’s advisory consulting practice, focusing on helping clients solve their cyber security assessment and threat andvulnerability management needs. His background is in building and improving effective software security initiatives, with deep expertise in the financial services sector.

NetSPI is a proactive security solution designed to discover, prioritize, and remediate the most critical security vulnerabilities. It helps organizations protect what matters most to their business by enabling a proactive approach to cybersecurity with greater clarity, speed, and scale than ever before.

Can you share a bit about your journey in cybersecurity and what led you to join NetSPI?

I’ve been programming since I was seven years old. Technology has always excited me because I wanted to know how things worked, which consequently led me to take a lot of things apart and learn how to put them back together at a young age.

While studying computer science in college, I began my career at Blackberry, where I worked as a product manager for the Blackberry Messenger Platform and became interested in hardware design. From there, I was recruited to join a small company in the application security domain – I was so passionate about it that I was willing to move to a new country to get the job.

When I consider my journey in cybersecurity, it started from the bottom up. I began as an associate consultant doing penetration testing, code review, threat modeling, hardware testing, and whatever else my bosses threw my way. Eventually, I worked my way up to building a penetration testing service for Cigital, which later got acquired by Synopsys. All of this led me to NetSPI to help support its growth trajectory in the proactive security space.

How has your experience in the financial services sector shaped your approach to cybersecurity?

While working at Synopsys, I helped build the strategy for selling security services and products to the financial services industry. So, while I wasn’t directly working in financial services, I was responsible for building strategies for that sector, which required diving deep into that vertical to understand its drivers and pain points.

Growing up in the technology space, I spent quite a bit of time working with large financial services organizations across the globe. Having that background, I focused my time and skills on developing a strategy for targeting and building services tailored to the financial services industry as a whole.

The biggest thing I’ve learned from exposure to the financial services sector is that hackers go where the money is. Hackers are not in this just for fun; it’s their source of income. They go where there’s the most financial impact – whether it be actually stealing money in some form or causing financial harm to an organization. That mindset has helped shape my understanding of cybersecurity and led me to be successful in my current role as a Field CISO.

With cyber threats evolving rapidly, what do you see as the biggest cybersecurity challenges organizations face today?

The biggest challenge today is the speed at which every organization needs to operate to combat evolving threats and keep pace with emerging technology, like AI. Historically, there was a waterfall methodology for building software, which wasn’t necessarily a fast process compared to how quickly software is deployed today. Now, we have a much more agile methodology, where organizations are trying to build software and release it to production as fast as possible and do more bite-sized implementations.

The last 10 years have shown rapid change and acceleration in the security ecosystem. This is causing many issues for large organizations, like shadow IT, making it harder to gain insight into their attack surface and assets. You can’t protect what you can’t see.

Cloud adoption adds to this fire – the more people adapt, adopt, and migrate to the cloud, the more elastic the software systems and assets become. The ability to scale software and hardware up and down in an elastic way makes change even more difficult to manage. As systems are built with elastic potential, you cause challenges where assets change ownership more frequently and create opportunities for bad actors to find ways into an organization.

How do you think the cybersecurity landscape will change over the next five years?

The need for greater visibility into both external and internal assets will continue to be important over the next five years and change how customers work with vendors. It’s already an area we’re heavily focused on at NetSPI. In June, we acquired a cyber asset attack surface management (CAASM) and cybersecurity posture management solution called Hubble Technology. Adding CAASM to our established external attack surface management (EASM) capabilities enables our customers to continuously identify new assets and risks, remediate security control blind spots, and gain a holistic view of their security posture by providing an accurate inventory of cyber assets, both external and internal – something that was missing in the industry up until this point.

Merging our EASM and CAASM capabilities into The NetSPI Platform allows us to provide customers with the tools they need to address ongoing visibility challenges. This also enhances the ability to accurately prioritize risks associated with assets and vulnerabilities. Additionally, it helps security leaders assess the exposure of their most important assets in relation to these risks.

How does NetSPI’s approach to vulnerability management differ from other companies in the industry?

Recently, we unveiled a new unified proactive security platform, which marries our Penetration Testing as a Service (PTaaS), External Attack Surface Management (EASM), Cyber Asset Attack Surface Management (CAASM), and Breach and Attack Simulation (BAS) technologies together in a single solution. With The NetSPI Platform, customers can take a proactive approach to cybersecurity with more clarity, speed, and scale than ever before. This new proactive approach mirrors trends we’re seeing in the industry, and the shift away from disparate point solutions, and toward the rapid adoption of more holistic, end-to-end platform services.

How is AI being used to enhance cybersecurity measures at NetSPI?

Like any cybersecurity leader will tell you, AI has the potential to catalyze business success, but it also has the potential to feed adversarial attacks. At NetSPI, we’re trying to help our customers stay ahead of the curve by implementing AI/ML penetration testing models, which ensures security is considered from ideation to implementation by identifying, analyzing, and mitigating the risks associated with adversarial attacks on ML systems, with an emphasis on LLMs. In cybersecurity, AI capabilities have enhanced and adopted our ability to monitor and remediate threats in real time.

What are the potential risks associated with AI in cybersecurity, and how can they be mitigated?

Based on conversations I’m having with other cybersecurity leaders, the biggest AI risk is organizations’ lack of basic data and cybersecurity hygiene. As we know, AI solutions are only as effective as the data the models are trained on. If organizations don’t have a firm grasp on data inventory and classification, then there’s a risk that their models will suffer and be prone to security gaps.

When people see the word “intelligence” in AI, they mistake it for being “inherently intelligent” or even having some type of sentience. But that is not the case. Security practitioners still need to program AI models to make them understand what assets are personal, private, public, and so on. Without those mechanisms, AI can descend into chaos. That, in my opinion, is the biggest concern among CISOs right now.

Can you elaborate on how NetSPI’s Penetration Testing as a Service (PTaaS) helps organizations maintain robust security?

Penetration testing is critical to an organization’s overall cybersecurity posture because it gives teams greater context into vulnerabilities specific to their business.

Penetration testing is also a great litmus test to see how effective other security controls, like code review, threat modeling, Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Interactive Application Security Testing (IAST), and others that you may have implemented previously, are.

Regular penetration testing fosters real-time collaboration with security experts which can bring another perspective that adds more depth to data. At the end of a successful pentest, organizations will have better insight into which parts of their IT environment are more susceptible to breaches. When a pentest detects vulnerabilities, they will often highlight gaps in controls earlier in the lifecycle or controls that are missing altogether. They’ll also understand how to achieve compliance, where to focus remediation efforts, and how IT and security teams can work together to stay on top of potential business implications.

By working with vendors that specialize in PTaaS to supplement a robust security posture, organizations can be more prepared to proactively prevent security incidents.

How do you integrate both technology and human expertise to provide comprehensive security solutions?

NetSPI believes you need both technology and humans to provide a sound strategy to stay ahead of known and unknown threats. Humans must be in the loop to validate, prioritize, and contextualize the outputs that tools generate. We’re not in the business of giving people false positives or generating noise, leading them to spend more time figuring out what really matters. In other words, you can have great technology, but you need someone to actually use it and interrupt it to be successful.

There are a lot of mundane tasks that AI can do faster and more accurately than humans. If technology can be built in a trustworthy manner, then that will allow us to automate certain tasks and free up time for security teams to turn their attention to more creative thinking and critical problem-solving that AI simply can’t replace.

What strategic advice do you typically offer clients to strengthen their cybersecurity posture?

A common trap people fall into is investing in things they understand. For example, a company may bring in a leader with a cloud security background. Naturally, they then focus on building out a cloud security team, instead of, say, compliance, network security, application security, and so on, where the organization might actually need the support.

It’s better to have a more well-rounded program that focuses on everything holistically. Then, you start building defense in depth and have controls that mitigate other failures you might have in different parts of the organization. Building a well-rounded program is better than investing more time, effort, and tooling into one particular sector.

Thank you for the great interview, readers who wish to learn more should visit NetSPI. 

Navigating Marketing Success: Insights from Holly Fisk, Senior Field Marketing Manager at Akamai Technologies

Holly Fisk, UKI Field Marketing Leader at Akamai Technologies, shares her marketing journey, and insights on planning effective field programs, fostering collaboration within integrated revenue organizations, and leveraging AI tools for success in today’s dynamic landscape.

Holly, we’re excited to have you on this interview series. What initially sparked your interest in marketing?

Likewise, thank you for inviting me to participate. When I was studying for my undergraduate degree in business studies, I had the option to specialise in either law, accounting, or marketing. Marketing had always been of interest to me as I had a passion for understanding what made consumers tick when making purchasing decisions. The consumer psychology module on my degree course cemented that marketing was an interest area for me. I wanted to learn more about how to meet consumer needs and requirements rather than just promoting on mass to an audience.

Get full insights@ https://itechseries.com/interviews/navigating-marketing-success-insights-holly-fisk-akamai/

When planning field marketing programs in the UKI’s ever-evolving cybersecurity and cloud computing space, what considerations do you prioritize?

Initially, I start with our target accounts for the region and, then overlay intent on top of that to determine which accounts are seeking cybersecurity or cloud solutions and within that, which areas of cybersecurity they are interested in. Next, I prioritise the immediate needs and concerns of the target audience, e.g., which sectors are most worried about ransomware attacks, which are more likely to be targeted by bots, what types of organisations are likely to want to reduce or optimise their cloud costs, and why. From this point, I consider who my target persona is i.e. is it the CISO or an Information Security Manager, and why. Who are the decision-makers, influencers, and evaluators within the organisation and where are they likely to be? I then consider the channel, i.e., should we go through our partner organisations to target these accounts or individuals? Which partners have relationships with these accounts? If not, utilising partner organisations, I consider which medium to utilise in my strategy, e.g., tradeshows or events—which types of these would be best. Do particular individuals and accounts respond better to digital programs, or is another initiative more appropriate or likely to be more effective? Budget remains at the forefront of my mind throughout, as does the ability to prove a strong ROI.

In an integrated revenue organization, how do you foster collaboration and alignment between marketing, sales, customer success, and RevOps teams?

Prove the success and communicate ‘what’s in it for them or ‘why should they be interested’. I bring sales and other teams into the loop early, make them feel involved, seek out their feedback, and take a hand-in-hand relationship approach with sales and other teams and stakeholders. I always provide opportunities for feedback, whether it be post-event, post-campaign, or post-program. This debriefing is vital to strengthening trust and fostering a continuous improvement approach. Furthermore, I always ensure that there are ample opportunities for feedback, whether it’s post-event, post-campaign, or during post-program debriefings. By consistently engaging with and listening to all stakeholders, we can better align our efforts, drive better results, and maintain strong, trusting relationships across the board.

Akamai recently participated as a lead sponsor at CYBERUK 2024.  From a go-to-market perspective, what key takeaways did you gain from this event as the UKI field marketing leader?

Exposure to the very best decision-makers in the industry and the chance to drive significant awareness of what Akamai has to offer were invaluable. CYBERUK 2024 was, without a doubt, the best event we’ve ever sponsored in the UK, providing a unique opportunity to connect with key stakeholders and showcase our solutions on a grand scale. I also learned that success as a field marketer isn’t about the number of events you run—it’s about the impact. Focusing on quality over quantity and investing more in high-impact events that you know will deliver a strong ROI is far more effective than spreading resources across numerous smaller events. This approach ensures that our efforts are concentrated on activities that truly move the needle and build lasting relationships.

Get the latest tech insights on GTM Library@ https://itechseries.com/gtm-library/

What has been the most challenging marketing program that you have led or been involved in?

Cyber UK 2024 was one of the most challenging marketing programs, primarily because it required a significant amount of work to ensure we maximized the benefits of our lead sponsorship. The stakes were high, and we needed to navigate the complexities to achieve our goals carefully, but in the end, it was well worth the effort.

Additionally, leading ABM initiatives in my previous organization presented its own set of challenges, particularly given our limited budget and resources. It was crucial to define the scope accurately from the outset, which we successfully did, but it was an extremely heavy lift to demonstrate the effectiveness of the approach. Despite the challenges, both experiences reinforced the importance of strategic planning, resourcefulness, and perseverance in delivering successful outcomes.

While evaluating the success of your marketing campaigns, which key metrics do you track most closely?

The number of net-new leads on our UKI target account list, which ones converted to marketing-quality leads, and which types of campaigns converted these. Also, how many touchpoints (and which touchpoints) sourced and influenced an opportunity? The velocity for an opportunity to progress is also vital. ROI is key. I closely monitor engagement metrics, such as email open rates and click-through rates, to assess the effectiveness of our messaging. Understanding customer journey analytics allows us to refine our targeting strategies and optimize future campaigns. Tracking customer feedback and satisfaction is equally important, as it provides insights into how our efforts resonate with our audience and can inform improvements moving forward.

As a marketing leader, how do you ensure that your teams are aligned, and laser-focused on the current goals?

Keeping priorities to a minimum and committing to those priorities. If direction needs to change, ensure the rationale for the direction change is explained clearly. It’s also essential to create a culture of transparency and open communication, where team members feel comfortable discussing challenges and sharing insights. I regularly check in with team members to assess progress and identify any obstacles that need to be addressed. By ensuring that team members deliver outcomes, we foster an environment that encourages collaboration and accountability. This results in a clear understanding across the team of how priorities map to the overall revenue goals of the company and ensures everyone is working towards a common objective.

Follow for more info: https://www.itechseries.com/

What advice can you offer fellow marketing leaders on incorporating AI tools into their marketing technology stack?

See what makes your life easier and how easy and fast it would be to embed AI within the tech stack.  It’s essential to evaluate AI tools that align with your specific marketing goals and processes. There is no one-size-fits-all approach here. So, look for platforms that can automate repetitive tasks, analyze data for actionable insights, and enhance personalization efforts in line with your marketing objectives. Make sure you collaborate with your team to identify pain points where AI can make a significant impact. AI for copy initiation is key for me. Also, investing time in training and support is crucial to ensuring your team can effectively utilize these tools, maximizing their potential for driving results.

Holly Fisk's insights offer a comprehensive guide for businesses attempting to navigate the complexities of field marketing, cybersecurity, and cloud computing. By incorporating these elements into your marketing strategy, leveraging AI and cloud-based tools, and focusing on measurable outcomes, you can achieve meaningful results and stay ahead of the competition.

mWISE Conference 2024: See Future Of Cybersecurity

The field of cybersecurity is always changing, and using collective intelligence to remain ahead of the curve is essential. The mWISE Conference 2024 offers you the opportunity to interact with the visionary thinkers influencing the future of cybersecurity and immerse yourself in the most recent threat intelligence and Cutting-Edge Technology

mWISE Conference 2024 is a three-year-old program that was specifically created by the security community for the security community. Attendees will share information, get insight from personal experiences, and view the most recent, tried-and-true solutions that are assisting organisations in fending off significant threats throughout the two-day event, which is vendor-neutral.

On September 18–19, at mWISE in Denver, Colorado, experts from Mandiant, Google Cloud, and the larger cybersecurity community will convene.

The keynote address: Expert perspectives

Feature the most recent information from luminaries and pioneers in security on keynote stage.

Kevin Mandia

The first day of the conference begins with statements from Google Cloud strategic security advisor Kevin Mandia. The threat environment and how organisations should secure their most valuable assets will be covered tactically.

Jen Easterly

What worries the Cybersecurity and Infrastructure Security Agency? CISA director Jen Easterly discusses the biggest cybersecurity issues on day two.

The growing cash cow of cyberspace

Groups and their affiliates are still being driven to increase operations and make additional investments in their businesses by the profitability of ransomware. Experts in cybercrime Brett Callow of FTI Consulting, Kimberly Goody of Mandiant, and Allan Liska of Recorded Future talk about the most recent data and trends surrounding ransomware, including a rise in aggressive extortion tactics, and how businesses may better protect themselves against and handle threats. Journalist Kim Zetter, an expert in cybersecurity and national security, will moderate the panel.

Defending against complex threats

Firsthand observations Mandiant Consulting’s CTO, Charles Carmakal, leads a mainstage conversation with seasoned business executives who have guided their companies through well-publicized cybersecurity incidents. Discover how cybersecurity leadership is changing in-depth, with insights that can be applied by professionals of all stripes.

John Hultquist

Leaders need to employ dynamic, frontline intelligence in the current threat scenario in order to anticipate changing enemies. John Hultquist, chief analyst at Mandiant Intelligence, examines the most recent front-line findings and solutions for the most pressing threats in a fireside chat.

What will they know when AI becomes intelligent?

Author and researcher David Eagleman analyses how artificial intelligence may surpass human intelligence and how google cloud might forecast it.

Large sessions: Dive deeply into the crucial cybersecurity problems of the day

Over 70 presentations covering nine tracks Cloud Security, Threat Intelligence, the Intersection of AI and Cybersecurity, Next Gen CISO, Security Engineering, Security Operations, Security Threats and Exploits are offered at this year’s mWISE Conference 2024. We’ve picked a few sessions to highlight here to pique your interest

How generative AI changes defense

Leaders in Google Cloud Security Steph Hay and Umesh Shankar explain macro trends at the nexus of security and AI and what they represent for your company using insights from talks with CISOs, the most recent Mandiant research, and Google DeepMind breakthroughs.

North Korean-backed threat actor goes from job interview to bitcoin heist

Clearing a job interview is the first step towards an insider bitcoin theft. Listen as Mandiant Senior Consultants Yi Han Ang and Sun Pu reveal a highly skilled cyber-espionage operation that was launched against a cryptocurrency corporation by a North Korean threat actor. They intend to talk about how crucial it is to put in place thorough security measures in the cloud in order to lessen the likelihood of assaults like this one.

Generative AI-era secure remote identity verification

In the age of generative AI, secure remote identity verification Science-based biometrics-as-a-service can prevent deepfake assaults by enabling dependable, simple-to-manage remote identification for employees and customers. The CEO and creator of iProov, Andrew Bud, discusses the difficulties in implementing remote identity throughout the company and offers customer best practices in this presentation.

The supply-chain attack summer taught us

In the summer of 2023, there were an unprecedented amount of supply chain attacks. Key issues like legal exposure, cyber reporting, and handling threats to company officials or their families will be covered by Erin Joe (Google Cloud Office of the CISO), Lyn Brown and Megan Brown (Wiley Rein), and Jennifer Burnside (Crisis Communications for Google Cloud Security). They will also share lessons learnt and talk about emerging trends.

Construct a low-cost, high-value quantitative risk management program

Tim Anderson and Matthew Harding of ID.me have provided a systematic guide to implementing quantitative risk management. Find out how to report and communicate risk from the boardroom to the security team room. The application and operation of quantitative program design using people, procedures, and technology will be covered.

The cloud security dilemma Unsecure use, safe cloud

Cloud service providers make significant investments in security, far more than what most businesses could accomplish on their own. But leaks and breaches in the cloud dominate the headlines. Why is that? In actuality, cloud security is a shared opportunity as much as a shared obligation. Google Cloud‘s Anton Chuvakin explores this somewhat perplexing conundrum in this session.

Opportunities for networking: Establishing your cybersecurity community

Building a network that can help you in your profession and interacting with peers to gain knowledge from their experiences are all important aspects of mWISE Conference 2024. Make the most of the many breakout sessions, social events, and networking opportunities to establish meaningful relationships.

Among these chances is a special Capture the Flag challenge where you may put your cybersecurity prowess to the test. This CTF game simulates a threat hunt using real-world information from ransom notes, the dark web, and CISA advisories. Using a new Google Threat Intelligence product, follow the clues, evaluate the evidence, and work through the puzzles to identify the flags.

On September 18–19 in Denver, Colorado, They look forward to building Google defender’s community and sharing their most recent security findings with you.

Read more on govindhtech.com

Josh Dinneen, CEO of Blue Mantis – Interview Series

New Post has been published on https://thedigitalinsider.com/josh-dinneen-ceo-of-blue-mantis-interview-series/

Josh Dinneen, CEO of Blue Mantis – Interview Series

Josh Dinneen, CEO of Blue Mantis, is a seasoned leader dedicated to driving the company’s organic and M&A-fueled growth and continuously fostering innovation throughout the organization and its growing client base.

Formerly President of Blue Mantis, Josh spearheads efforts to enhance the company’s ongoing initiatives aimed at deepening client engagement and sustainability by delivering the optimal experience that produces measurable and positive business outcomes.  Josh’s mantra for success is simple but consistent: client sustainability fuels company growth, which in turn, drives continuous innovation.

Blue Mantis is a private-equity-backed national managed services provider focused on cloud, cybersecurity, AI and digital transformation.

Blue Mantis serves mid-market and enterprise organizations by helping them identify and implement enterprise software solutions from firms like AWS, Arctic Wolf, Acronis, Cisco, Dell, HPE, Microsoft, and many others.  Major customers include Cole Haan, the Jacksonville Jaguars, Liberty Mutual, Woodforest National Bank, and Boston Medical Center.

Can you share the journey of Blue Mantis from its inception to becoming a leading managed services provider in cloud, cybersecurity, AI, and digital transformation?

Blue Mantis has a 30+ year history of delivering innovative and proven technology solutions to mid-market and enterprise clients. We’ve been an integral part of their digital transformation journeys and, as your question suggests, we have also been on our own modernization journey, one marked by a dramatic expansion in the type of solutions we offer and the manner in which we help clients achieve positive business outcomes.

We have transformed from our roots as a small, regional reseller of hardware and software products to a national and now an international provider of next-generation services in what we call three core business “pillars” – cybersecurity, cloud and managed services.

As we have scaled our organization, we have also successfully attracted several new blue-chip executives to expand our leadership team. In doing so, we have strengthened our technical acumen, broadened our services offerings, refined our sales execution, and sharpened our go-to market strategies.  These key leaders include Chief Operating Officer (and former CISO and CIO) Jay Pasteris; Chief Services Officer Steven DeMaayer; Chief Revenue Officer Terry Richardson, and our Chief Marketing Officer, Sarah Foote.

As a provider of next-generation solutions, we have also expanded our consulting capabilities and we are increasingly serving as a strategic advisor for our clients, surveying the hyper-dynamic technology landscape and developing the blueprint to help clients harness these technologies to support their businesses and attain measurable and positive outcomes. We have also continuously broadened our portfolio of product bundles and services, which include cybersecurity and risk management, cloud, networking, data center modernization, modern workspace, carrier services, resource management and the ability to offer any of those solutions as managed services.

Formerly known as Green Pages until our new brand identity and name change were unveiled in July 2023, the name Blue Mantis signifies our role as a strategic advisor, one capable of leading our clients into the future. In fact, the word mantis literally means a “seer, a prophet and one who divines.” This really captures our mission and our ethos.

What are the key factors that contributed to Blue Mantis’ impressive growth rates in cybersecurity, cloud service practices, and managed services?

First, was our ability to remain keenly focused on the market opportunities we saw right in front of us. Second, was keeping our clients at the forefront of everything we do was critical. Third, we felt it was critical to undertake the transformation that has moved Blue Mantis from a gross profit, cost of goods sold model to a strategic services-led business aimed at driving business outcomes for clients. That dramatically changed the growth trajectory of Blue Mantis. To augment our organic growth, we also have made several acquisitions and added technical talent in these three key growth segments.  These investments have paid strong dividends; we have achieved a five-year growth rate of 405 percent for cybersecurity, 119 percent for cloud service practices and 495 percent for managed service. We have also increased our headcount by 127 percent during that time.

Can you elaborate on the dual role of AI at Blue Mantis, both internally for operational efficiencies and externally for client services?

We have gone all-in on GenAI for both internal and external uses. To be successful in AI, data management takes on heightened importance. We are continuing to invest in our data enablement capabilities at our foundation. As a Microsoft partner, we had early access to Copilot and are at the forefront of Managed Services Providers harnessing the power of AI for enterprise customers. This point has been validated by customers, partners, and market observers in the IT channel.

For our clients, we began offering Managed AI Copilot Solutions in Q2 2024, a customized turnkey offering powered by Microsoft. We seamlessly and securely integrate AI into clients’ existing Microsoft Cloud environments with executive education, strategic planning, and managed services. Our GTM is based on an Assess, Modernize, Manage framework. Through our consultative approach, we have helped customers identify high-value use cases for GenAI, identify and remediate security issues associated with their data estate, and modernize data processing in support of GenAI use cases. Internally, we are leveraging AI across many functions within Blue Mantis. Whether it’s Microsoft Copilot or another AI technology, we are seeing significant productivity improvements as more use cases are identified and people become familiar with the technology.

What are some specific AI-driven initiatives or projects that have had a significant impact on your clients?

We are still in the initial stages of this technology wave and many clients are still formulating their strategy relating to applied GenAI for their business. The market is clearly in the education phase as clients are looking at “the art of the possible” as they look to take advantage of this emerging technology. The most significant impact we’ve seen is on two fronts. First, as clients begin to explore their data assets, this has revealed the expansive scope and magnitude of their data estate and caused them to revisit their data governance processes and expose new threat vectors for data leakage and data loss. Many clients have been surprised to find out just how much data they have and who has access to it. Second, when clients invest the time and effort to train their staff, time-to-productivity is greatly enhanced. Establishing command and trust of this new technology is critical to driving the type of impact that clients expect to see from their GenAI investments. Naysayers and detractors have been converted to champions and advocates when given the right baseline and this has had a significant impact with clients as they roll out GenAI solutions.

How does Blue Mantis stay ahead of emerging threats and manage risk for its clients?

We are a security-first firm, and we consider security to be the bedrock of everything we architect, build and support. As a provider of managed services, we are relied upon heavily by clients to be their eyes and ears and their first line of defense against their adversaries – whether insider or external threats.  We stay ahead of these threats and help not only manage but reduce risk by offering a complete suite of cloud security, network and systems security and governance, risk and compliance solutions to meet all their needs. We put a high premium on security awareness training both internally and with clients to ensure we stay up to date on the latest vulnerabilities and attack methods. This involves threat intelligence feeds, security conferences, and industry best practice research. We also offer comprehensive security assessments to identify weaknesses in a client’s existing security posture. This helps them prioritize potential risks and implement solutions tailored to their environment, industry and budget. For many clients we provide managed security services and 24/7 monitoring through Managed Detection and Response (MDR) solutions through partners like Arctic Wolf, as well as guidance and implementation services to assist them on their Zero Trust journeys.

By combining these approaches, we provide clients with a comprehensive security strategy that adapts to the evolving threat landscape and increases their vigilance against cyberattacks.

Can you discuss any recent cybersecurity trends or challenges that mid-market and enterprise organizations should be aware of?

Whether we are talking about mid-market or enterprises, the organizations we are working with face many of the same challenges. At the top of the list is the need for better and more holistic data management and privacy assurance from a regulatory perspective. The new SEC mandate to disclose data breaches more quickly and transparently intensifies our client’s already complex environments.

Data resiliency is another major challenge for the midmarket. It is no longer good enough to be good enough. For the simple reason that again, regardless of size or vertical industry, our clients’ customer data is under continuous attack by an increasingly sophisticated universe of adversaries. Clients’ risk profiles are expanding, and defenses must become stronger, more vigilant and more sophisticated to ensure continuous protection.

Finally, despite the increased threats they face, many organizations are expected to “Do more with less.” This is where Blue Mantis has shined. We help clients who are grappling with these issues by delivering guidance and direction on how best to prioritize projects in the areas of cloud, cybersecurity and digital transformation. However, we have also expanded our capabilities and scale in the area of strategic resource management in cyber security as all as IT. We have expanded a comprehensive talent pool that allows Blue Mantis to seamlessly integrate resources into client teams, filling specific skill gaps and ensuring project success.

How does Blue Mantis guide clients through their cloud journey, and what are the key components of a successful cloud strategy?

Blue Mantis helps guide customers through their cloud journey with a pragmatic approach. We work closely with customers to understand the real drivers behind their cloud transformations and work together collaboratively to build a roadmap.

As with most transformation initiatives, moving to the cloud does not mean customers will have parity with their existing operations and this creates challenges within their firms. Whether it is a skillset gap, expertise needed, training, or capacity for work, we help our customers envision their future state and ensure they are supported in any way needed to be successful.

We have identified four primary insights about leveraging the cloud:

First, is alignment to the business.  Any cloud transformation needs to have clearly defined objectives. Without a clear demarcation for ‘what good looks like’ and the business outcomes defined, it is easy to get lost in your cloud journey.

Second, is understanding workloads and assessing their fit-for-use in cloud. .  We excel at framing the decision points for our customers and providing insights into what we’ve seen work and not work.  It is very common for us to see a hybrid approach to cloud, especially for legacy applications.  Many applications were not built for the cloud and they are not cloud ready. Deciding how much to invest in order to make them fit in a cloud environment can be very challenging (and potentially not worth the investment).

Third, prioritizing migration is critical.  As with any transformation initiative, it is important to see some early wins.  For business-critical applications and infrastructure, nothing will kill your cloud transformation faster than large, long running, projects that do not return some value back to the business.  We seek to avoid this situation and work together with clients to find balance.

Finally, as clients migrate to the cloud they will need to put some type of governance process in place.  This can be very challenging for any organization that is experimenting with new technology, while trying to run their business.  Customers will need to manage their costs (as that’s something that can get out of control quickly, if you are not prepared), make sure the costs are effectively communicated to their business stakeholders, and ultimately optimize that spend over time.  Following this blueprint and making some good choices has made many of our customers successful in their cloud journey.

What differentiates Blue Mantis’ managed services from other providers in the market?

Again, I would go back to the point made earlier about reinvention. What separates Blue Mantis from the many technology solution providers in the market is that many have failed to reinvent themselves. We have had a clear vision and a focused strategy that has been embraced by a terrific, talented and loyal base of employees who remain committed to the mission. We have not tried to grow too big too fast or to take on more than we could successfully manage. And that is a temptation, believe me.  Our steadfast devotion to resilience and ability to adapt and change is massive based on the market we are in. I am extremely proud and appreciative of the talented people we have grown and retained here at Blue Mantis and the new leaders and team members we have successfully added. This has been huge in helping us grow, diversify and differentiate. They have embraced change, been flexible and continue to drive our clients into the future. Clients tell us repeatedly – “this makes you stand out.”

What are the latest trends in data center modernization, and how is Blue Mantis preparing its clients for future opportunities?

The data center industry is truly witnessing a transformative era marked by the incredibly rapid and broad adoption of Generative Artificial Intelligence (GenAI). This technology, which includes advanced models like GPT-4, is reshaping the landscape of data processing and management. We are working closely with CIOS, CISOs and even CEOs within our client base to help them fully understand the implications of this seismic shift. As important, we are preparing existing data center resources – whether those are on-prem, in a private or public cloud or consumed in a hybrid model. Blue Mantis partners with all the major data center hardware providers to ensure your modernization solution is future-proof and energy-efficient. We can also optimize for cost by integrating the services of our FinOps team, which has been proven to reduce our customers’ annual cloud costs by 30% or more.

Can you provide insights into how Blue Mantis approaches complex networking challenges for its clients?

We solve complex networking challenges for clients through several key strategies:

Blue Mantis partners with clients to understand their business goals and communication needs, ensuring that the network infrastructure supports these objectives effectively.

We offer customized solutions to meet the specific needs of each client, considering factors like their size, industry, and exact network requirements.

We apply advanced technologies including software-defined networking (SDN), network function virtualization (NFV), and advanced network monitoring tools.

Clients’ networking initiatives are supported through our team of highly skilled networking experts who have extensive experience in dealing with complex network environments. This team can diagnose and resolve intricate network issues efficiently.

We are not a point solutions provider; we offer comprehensive end-to-end services that address everything from network design and implementation to ongoing management and optimization.

We apply proactive monitoring and maintenance to every client engagement to continuously track network performance and identify potential issues before they become critical problems. We conduct regular maintenance and updates to ensure network reliability.

By combining best of breed and emergent technology, we ensure our customers are fully aware of the options they have.  Combining a consultative approach, highly skilled specialists, and a portfolio of market leading partners we are able to deliver the right solution at the right time.

By combining these approaches, Blue Mantis effectively addresses the complex networking challenges faced by its clients, ensuring secure, efficient, and reliable network performance.

Thank you for the great interview, readers who wish to learn more should visit Blue Mantis.

The Growing Role of Cybersecurity in the HR Sector

Table of contents. Introduction: The Growing Importance of Data Security and Privacy in HR Tech 2. Developing Cybersecurity Competencies in the Workforce 3. Collaborating and Partnering for Cyber Risk Management Initiatives

Also Read: HRTech Interview with HR Expert, Natalie E. Norfus, Founder of The Norfus firm

Introduction In technology, the importance of cyber security cannot be emphasized, especially as firms increasingly rely on AI and machine learning to handle their daily business operations. However, if used carelessly and without security procedures, users are more likely to become victims of cyber threats and data breaches. Although the duty for protecting essential organizational assets from multiple security risks falls on the company's chief information and security officers (CISOs) and chief security officers (CSOs), the human resources (HR) department also plays an important role in this respect. As a result, HR specialists with expertise in human management, organizational behavior, and company culture can play an important role in strengthening cybersecurity teams and establishing insider threat programs.

To know  More Visit: https://hrtechcube.com/evolving-the-role-of-cybersecurity-in-the-hr-sector/

🔒 Meet Rick Leib, CISO at Access Point! 🔒

👨‍💻 With over 35 years in cybersecurity, Rick shares invaluable insights into safeguarding healthcare data. From threat modeling to vulnerability management, learn how to fortify your systems against evolving cyber threats.

🎥 Watch the full interview and discover cutting-edge strategies to protect your healthcare organization.

🚀https://nextdigitalhealth.com/healthcaretechnology/cybersecurity/securing-healthcare-advanced-cybersecurity-strategies-with-rick-leib-at-access-point-advisory/

Cybersecurity #HealthcareSecurity #CISO #DataProtection #ThreatModeling #Wi4 #vineetagrawal #nextdigitalhealth

Navigating the Digital Battlefield: Embarking on an MBA in Cybersecurity

In today's hyperconnected world, where digital technologies are deeply integrated into every aspect of our lives, cybersecurity has emerged as a critical concern for organizations of all sizes. As cyber threats become increasingly sophisticated and widespread, the demand for skilled cybersecurity professionals has never been higher.

An MBA in Cybersecurity, such as the one offered by Xaltius Academy in collaboration with BHS Switzerland, can provide you with the comprehensive skills and knowledge needed to succeed in this dynamic and challenging field. By combining business acumen with technical expertise in cybersecurity, you'll be prepared to lead and protect organizations from evolving cyber threats.

Why Pursue an MBA in Cybersecurity?

An MBA in Cybersecurity offers several compelling advantages for career advancement and personal growth:

Broader Career Prospects: An MBA in Cybersecurity opens doors to a wide range of leadership positions in the cybersecurity domain, including Chief Information Security Officer (CISO), cybersecurity consultant, information security manager, and cybersecurity analyst.

Higher Earning Potential: Cybersecurity professionals are among the highest-paid professionals in the world, with median salaries surpassing six figures in many countries. The growing demand for skilled cybersecurity professionals ensures strong job security and opportunities for career advancement.

Greater Job Satisfaction: Cybersecurity professionals often report high levels of job satisfaction, deriving motivation from the intellectual challenges of protecting critical data, the opportunity to make a real impact on their organizations, and the constant evolution of the field.

Xaltius Academy and BHS Switzerland: A Partnership for Excellence

Xaltius Academy, a leading provider of online education in project management and data science, has partnered with BHS Switzerland, a renowned business school in Switzerland, to offer an MBA in Cybersecurity program. This program is designed to prepare professionals with the skills and knowledge they need to navigate the complex cybersecurity landscape and protect organizations from evolving cyber threats.

Key Features of the Xaltius Academy and BHS Switzerland MBA in Cybersecurity Program

Industry-aligned curriculum: The program curriculum is developed in collaboration with industry experts to ensure that students learn the skills and knowledge that are most in demand by employers.

Live online instruction: Students learn from experienced and qualified instructors in a live online classroom environment.

Hands-on projects: Students gain practical experience through hands-on projects that involve working with real-world cybersecurity scenarios.

Capstone project: Students complete a capstone project at the end of the program, which gives them the opportunity to apply their skills to a real-world cybersecurity challenge.

Career support: Xaltius Academy and BHS Switzerland provide career support services to help students prepare for job interviews and find employment in the cybersecurity field.

Conclusion

The MBA in Cybersecurity program at Xaltius Academy and BHS Switzerland is a valuable investment in your career and professional development. By combining business acumen with technical cybersecurity expertise, you'll be well-equipped to lead and protect organizations in today's increasingly complex and digital world.

If you are passionate about cybersecurity and seeking to advance your career in this critical field, I encourage you to explore the Xaltius Academy and BHS Switzerland MBA in Cybersecurity program. With its comprehensive curriculum, experienced instructors, and strong industry ties, this program will prepare you to become a cybersecurity leader and make a significant impact on the organizations you serve.

On 2 October 2023, John Reed Stark, a digital regulatory compliance expert with 15 years of experience as an SEC enforcement attorney, took to social media platform X to discuss the impending trial of Sam Bankman-Fried (SBF), the founder of FTX. ohn Reed Stark is a seasoned expert in cybersecurity, fintech, and regulatory compliance, with a career spanning over two decades. He currently serves as the President of John Reed Stark Consulting LLC, where he advises Boards of Directors, CEOs, CIOs, CISOs, and General Counsels on a range of issues, including cybersecurity preparedness, data breach response, and SEC/FINRA regulatory matters. His firm, based in the Washington D.C. Metro Area, specializes in all aspects of cyber-incident response, from crisis management to forensic analysis and regulatory response. Before establishing his consulting firm in 2015, Stark was a Managing Director at Stroz Friedberg, where he led engagements in data breach response, digital forensics, and cyber risk management. His academic contributions are notable; he has taught cyber law for nearly 20 years at Georgetown University and Duke University Law Schools. Currently, he serves as a Senior Lecturing Fellow at Duke University School of Law, where he teaches a course on the legal issues of cybersecurity and data breach response. Stark’s regulatory experience is rooted in his 18-year tenure at the U.S. Securities and Exchange Commission (SEC). He founded and led the SEC’s Office of Internet Enforcement, overseeing investigations and actions related to technology-based securities violations. He also served as an FBI Instructor at the Quantico Marine Training Facility and was a Special Assistant U.S. Attorney for the District of Columbia. Early in his career, Stark was an associate at Arent Fox, focusing on financial and commercial litigation. Earlier today, Stark laid out three unique reasons that make SBF’s conviction highly likely: Unprecedented Level of Insider Cooperation: Stark emphasizes that the prosecution’s case against SBF is bolstered by an unparalleled level of cooperation from senior corporate insiders. These insiders include Caroline Ellison, the CEO of Alameda and SBF’s intermittent romantic partner; Gary Wang, co-founder of FTX; and Nishad Sing, FTX’s engineering director. All have pled guilty and are fully cooperating with the prosecution to mitigate their own sentences. Stark notes that these insiders, along with a host of other informants and whistleblowers, have been providing the prosecution with a detailed roadmap of SBF’s alleged criminal activities for over a year. This extensive collaboration is arguably unprecedented in the history of financial fraud trials.Comprehensive Access to Damning Evidence: John J. Ray III, who took over as FTX’s CEO, testified before Congress about the complete failure of corporate controls at FTX. Stark points out that Ray has spent around $200 million on a comprehensive forensic investigation into SBF’s alleged illegal activities. This investigation, he says, has likely resulted in a treasure trove of evidence being handed over to law enforcement agencies and regulatory bodies. He claims that the prosecution, therefore, has had the benefit of extensive groundwork laid by a team of world-class investigators, analysts, accountants, lawyers, and other experts.SBF’s Counterproductive Public Relations Campaign: Stark underscores the importance of defendants remaining silent, advice that SBF has apparently ignored. He points out that since the collapse of FTX, SBF has been vocal in the media, from social media platforms to interviews with news outlets. Stark notes that this has provided the prosecution with a wealth of visual and audio evidence that could be used against him. Stark suggests that SBF’s public statements could serve as fodder for impeachment if he takes the stand, undermining his credibility and further strengthening the prosecution’s case. Stark concludes

his post by stating that the prosecution in the SBF case has an unusually advantageous position since they have an extraordinary array of cooperating witnesses, a wealth of inculpatory evidence, and a defendant who has been far from discreet. He claims that while trials are inherently unpredictable, these unique factors make the case against SBF exceptionally strong. The Three Unique Reasons Why Sam Bankman-Fried Will Likely Be Convicted1. More Rats Than Both Willard Movies Combined. The SBF prosecution team will call to testify an incredibly broad array of senior corporate insiders, all of whom have pled guilty and are cooperating fully in…— John Reed Stark (@JohnReedStark) October 2, 2023 SBF’s trial is scheduled to start on October 3.

IT Audit Policy and Plans Company Background & Operating Environment Red Clay Renovations is an internationally recognized, awarding winning firm that specializes in the renovation and rehabilitation of residential buildings and dwellings. The company specializes in updating homes using “smart home” and “Internet of Things” technologies while maintaining period correct architectural characteristics. Please refer to the company profile (for additional background information and information about the company’s operating environment. Policy Issue & Plan of Action The corporate board was recently briefed by the Chief Information Officer concerning the company’s IT Security Program and how this program contributes to the company’s risk management strategy. During the briefing, the CIO presented assessment reports and audit findings from IT security audits. These audits focused upon the technical infrastructure and the effectiveness and efficiency of the company’s implementation of security controls. During the discussion period, members of the corporate board asked about audits of policy compliance and assessments as to the degree that employees were (a) aware of IT security policies and (b) complying with these policies. The Chief Information Officer was tasked with providing the following items to the board before its next quarterly meeting: (a)    Issue Specific Policy requiring an annual compliance audit for IT security policies as documented in the company’s Policy System (b)    Audit Plan for assessing employee awareness of and compliance with IT security policies a.       Are employees aware of the IT security policies in the Employee Handbook? b.       Do employees know their responsibilities under those policies? (c)     Audit Plan for assessing the IT security policy system a.       Do required policies exist? b.       Have they been updated within the past year? c.       Are the policies being reviewed and approved by the appropriate oversight authorities (managers, IT governance board, etc.)? Your Task Assignment As a staff member supporting the CISO, you have been asked to research this issue (auditing IT security policy compliance) and then prepare an “approval draft” for a compliance policy. You must also research and draft two separate audit plans (a) employee compliance and (b) policy system audit. The audit policy should not exceed two typed pages in length so you will need to be concise in your writing and only include the most important elements for the policy. Make sure that you include a requirement for an assessment report to be provided to company management and the corporate board of directors. ·         For the employee compliance assessment, you must use an interview strategy which includes 10 or more multiple choice questions that can be used to construct a web-based survey of all employees. The questions should be split between (a) awareness of key policies and (b) awareness of personal responsibilities in regards to compliance. ·         For the policy system audit, you should use a documentation assessment strategy which reviews the contents of the individual policies to determine when the policy was last updated, who “owns” the policy, who reviewed the policy, and who approved the policy for implementation. Research: 1.       Review the table of contents and relevant chapters in the Certified Information Privacy Professional textbook to find information about legal and regulatory drivers. 2.       Review the weekly readings including the example audit assessment report. 3.       Review work completed previously in this course which provides background about the IT Policy System and specific policies for the case study company. 4.       Find additional resources which discuss IT compliance audits and/or policy system audits. Write: 1.       Prepare briefing package with approval drafts of the three required documents. Place all three documents in a single MS Word (.

doc or .docx) files. 2.       Your  briefing package must contain the following: ·         Executive Summary ·         “Approval Drafts” for o   Issue Specific Policy for IT Security Policy Compliance Audits o   Audit Plan for IT Security Policy Awareness & Compliance (Employee Survey) o   Audit Plan for IT Security Policies Audit (Documentation Review) As you write your policy and audit plans, make sure that you address security issues using standard cybersecurity terminology. 3.       Use a professional format for your policy documents and briefing package.  Your policy documents should be consistently formatted and easy to read. 4.       You must include a cover page with the assignment title, your name, and the due date. Your reference list must be on a separate page at the end of your file. These pages do not count towards the assignment’s page count.  5.       Common phrases do not require citations. If there is doubt as to whether or not information requires attribution, provide a footnote with publication information or use APA format citations and references. 6.       You are expected to write grammatically correct English in every assignment that you submit for grading. Do not turn in any work without (a) using spell check, (b) using grammar check, (c) verifying that your punctuation is correct and (d) reviewing your work for correct word usage and correctly structured sentences and paragraphs.    7.       Consult the grading rubric for specific content and formatting requirements for this assignment. 8.       Submit your briefing package in MS Word format (.docx or .doc file) for grading using your assignment folder. (Attach the file.) ORDER THIS PAPER NOW. 100% CUSTOM PAPER CategoriesAPA 6th edition, English Leave a Reply Cancel replyYour email address will not be published. Required fields are marked *Comment * Name * Email * Website Save my name, email, and website in this browser for the next time I comment. Post navigation Previous PostPrevious Many corporations are seeking to regain the trust of shareholders through a demoNext PostNext Reaction Paper

Sirius decisions

#Sirius decisions how to#

SiriusDecisions 2017 Summit Europe, held from 4 th to 5 th October at Hilton Metropole UK is also the 8th annual event this year. Now again we are at the that time of the year where SMARTe is again on the list of sponsors of SiriusDecisions Summit Europe and SiriusDecisions Technology Exchange. SMARTe uses proprietary focused crawling and natural language processing technologies coupled with decades of domain expertise of data normalization to deliver highly relevant and most accurate prospect database. Fueled by data science, we are poised to usher in B2B – on demand economy's revolutionary 'data-as-a-service' (DaaS). 28, 2017 - PRLog - SMARTe works as a true agile data partner to provide key success metrics – 'high quality global data'. Head over to /books today!SAN JOSE, Calif. Sign up to get a copy of the 100 Business Ideas eBook and for the opportunity to win a book bundle of your choice. Also huge thanks to Salesforce for hosting Chad at the Salesforce World Tour!ĭon’t miss out on our Ultimate Book Bundle Giveaway! Everyone who enters will win a prize. Shout out to Pardot for having us at Serious Decisions this week! It’s important to find people you love to work with and can have a lifelong working relationship with.

#Sirius decisions how to#

He also shares how organizations can reward intelligent risk-taking and gives some insider tips for how to get hired at a company like Google. Ben talks about the disconnect between policymakers in the federal government and innovators in Silicon Valley tech companies. Ben has a unique background first working in the military, then working with the federal government, and now working in the tech giant that is Google. Our second guest is Ben Renda, Chief Operating Officer of Google Fi. Bracken also explains why he thinks small teams are the best teams and how to manage risk in a business. He shares some of his strategies for growth in both life and business. Our first guest is Bracken Darrell, President and CEO of Logitech, and has more than twenty years of experience in business management. With our team busy at these conferences, we will only be releasing two interviews this week: Bracken Darrell and Ben Renda. Across the country, Chad is keynoting at the Salesforce World Tour in NYC! For live updates from both conferences, tune into our Instagram. You can find the Marketing Trends squad at the Sirius Decisions Summit in Austin doing live podcast recordings with some of the world’s most innovative marketing professionals. This week, the Mission team is spread far and wide reporting onsite at conferences in New York and Texas.

The Fleet – Learn from the top drivers, managers, and executives innovating in fleet management today.Īpple Podcasts / Google Podcasts / Spotify.

Hidden in Plain Sight – Hear from the executives and innovators working to solve humanity’s most complex problems.

The Journey – It only takes one idea or one story to change the whole trajectory of your life, career, and work.

IT Visionaries – Your #1 source for actionable insights, lessons learned, and exclusive interviews with CIOs, CTOs, and CISOs.

Business X factors – Learn from the executives and leaders behind some of the world’s most innovative and exciting companies.

Mission Daily – Learn at least one new thing each day that will help you level up your health, wealth, wisdom, and career.

The Story – From the famous to the infamous, these are the backstories of people who changed the world.

The Data Chief – Meet the world’s top data and analytics leaders transforming how we do business.

Up Next In Commerce – Join host Stephanie Postles as she sits down with eCommerce leaders on the front lines of digital innovation.

Marketing Trends – Interviews with trailblazing marketers, including CMOs, CEOs, VPs, and industry leaders.

Channels & Communities To Level Up Your Health, Wealth and Wisdom.

We are looking for AVP/VP CISO – Information Security BFSI  Industry in Mumbai. The Ideal Qualification  Bachelor of Engineering (relevant stream) / B.E /MCA with MBA (optional) Relevant certifications like CISA, IS27001 Lead Auditor, CISM, CISSP, CEH, etc.Interested candidate can upload their Cv www.mhc.co.in/jobs or share their resume on [email protected]

https://bit.ly/3dBCXGZ

Kindlyfind below the Job Responsibilities: •Mandatory:CISA and ISO27001 Lead Auditor certifications are absolutely essential. • Guide & Monitor Red team, Cyber Security Drills •Experience in design and development of policies /procedures guidelines

How one MSSP's success story is supported by Check Point - CyberTalk

New Post has been published on https://thedigitalinsider.com/how-one-mssps-success-story-is-supported-by-check-point-cybertalk/

How one MSSP's success story is supported by Check Point - CyberTalk

Jason Whitehurst is the Chairman and CEO of FutureSafe Incorporated. For over eight years, he has been a cyber security services and stack provider in the Managed Service Provider (MSP) space. Jason contributes regularly to large MSP communities as an Evangelist, advocating for the use of Managed Security Services Provider (MSSP) partnerships when selling cyber security to end clients.

FutureSafe specializes in providing MSPs with a comprehensive suite of platforms and services, including SECOPS management. This allows MSPs to offer robust cyber security solutions at competitive margins while minimizing their overall liability. FutureSafe empowers MSPs to present themselves as cyber security experts and providers within their social networks, website and marketing campaigns. Jason maintains a strong advocacy for the Check Point suite of products and capabilities.

In this interview, the CEO of FutureSafe, Jason Whitehurst, discusses how his MSSP business operates, growing cyber security trends, why his partnership with Check Point has been valuable, and why he continues to leverage Check Point’s security technologies. By providing you with new perspectives, this interview will expand your horizons. Don’t miss it!

What inspired you to pursue a career in cyber security? How did your journey lead you to your current role at FutureSafe?

I would say that about eight years ago, I was deep into my career, working with, owning and running a decently sized managed service provider (MSP) for mid-tier and some enterprise businesses, where we worked in a co-managed IT world. We provided expertise that that particular business – usually banks – didn’t have the IT expertise to pursue in-house.

We would often manage them on an ongoing basis. What I noticed, however, was that as IT became more commoditized, the cyber security side started to become significantly more important…The expertise around what was needed to function as a proper CISO or cyber security architect for a client was quite divergent from what someone at the same level, in IT, would do.

So, I closed off the infrastructure side of my business and kept the security side. We were providing security products and consulting to our existing co-managed IT clients. That’s something that we were selling organically. We were just starting to shape up as an industry.

Since then, that’s all that we’ve done – we’ve provided that expertise.

What kinds of businesses do you generally serve?

Yeah, so we’re a little bit unique. We’re an MSSP for MSPs and more direct-to-enterprise businesses. Our MSP (managed service provider) clients are providing a service to their end-client and they’ve recognized that they don’t have any capacity to do cyber security – they just don’t have the expertise, they don’t have anyone who could be sworn in as an expert witness, there’s this whole list of things that they don’t have and that we provide.

We work behind the scenes. The end client doesn’t know that we exist, really. So, we augment the MSP and give them a full team’s worth of cyber security expertise. And the products that we provide and recommend have been fully vetted by us.

So, we have doubled in size, just about every year over the last 3-4 years and certainly, this year, we’ll be up there with our sales targets, reaching historical growth. And a lot of that has to do with what we’re doing with Check Point.

What drives FutureSafe’s ambitions? Organizational mission?

The core of our business is removing the liabilities that MSPs face, and even those that mid-market and enterprise clients face. We provide the proper cyber security despite the fact that they don’t have someone with that expertise in-house.

Companies have been winging it for a long time and tasking cyber security to their existing IT team, which runs into two problems. 1) They can’t make a recommendation because they don’t understand the implications of their recommendation. And 2) IT people feel uneasy because security is often auditing the work that’s been done by IT.

In other words, if an auditor works for IT, then he’s auditing his own boss. And that creates a conflict that we have to make sure isn’t there.

Would you like to provide a brief overview of the challenges that your clients are struggling with?

I think it boils down to standardization, simplification and optimization. Any work that we can do in those three areas will significantly increase the amount of available time, to the MSP, to do whatever it is that’s necessary – they’ll have more time available on their side.

All of our decisions are based around whether or not we can achieve those three objectives. In general, we’ve been able to do those three things very extensively, where our entire security stack is available with one agent that’s put on endpoint, and it doesn’t even require a rebuild. And Check Point is a big part of that stack.

We had to have a platform/stack with ease of onboarding, simplified views and consolidated risk data. Check Point has a level of maturity for that area of need, and there are very very few competitors who can perform at that level.

What kinds of questions do your clients typically have for you concerning stronger cyber security management? What do they want to know about improving their cyber security and cyber resilience?

The big question that they want to know the answer to is ‘what’s the best use of our cyber security budget spend?’ They want to know where to spend it, and where cyber attackers are attempting to infiltrate most frequently.

Oftentimes, we can tell them not only about what that threat landscape looks like, but we can also tell them about the products and services that we can deploy to mitigate corresponding threats.

We try to keep that (products and services) flexible as the threat landscape changes. That seems to work well. It’s better than guessing what will happen over the next 12 months and trying to build accordingly.

When you see client emergencies, what typically triggers those? Example of a client emergency?

It’s predominately business email compromise attack these days. Phishing is part of that, but the vast majority of compromises that we see right now involve threat actors trying to get in through SaaS apps, cloud apps, API connections…It’s a lot easier to exfiltrate that way and extort the exfiltrated database for ransom.

I don’t have a problem handling it when these situations do come to pass, but we just don’t see traditional ransomware as much anymore.

What is FutureSafe’s process for working with clients? How do you ensure that you’re providing comprehensive cyber security coverage?

The first step for us is reviewing whether or not our business — our model, the way that we work, my internal SOC team working in conjunction with the MSP, so that the client doesn’t know that we exist — is a fit. We also look at whether our cultures are a fit, meaning we’re about to start taking over a fair amount of the day-to-day incident response and care-and-feeding and all of that.

Because an MSP has been handling that for quite some time, we have to come to some agreement as to how to proceed…If they truly want to work with us, then we have to qualify if that’s a good fit.

As a vendor, what is your decision-making process when it comes to cyber security tools?

The first thing that we do is determine what level of compliance maturity a given product may have. If they don’t have a baseline of product maturity, it’s not worth looking at that particular platform.

We generally invest in economies of scale with enterprise players. We do have others. But that is the modality that we tend to choose. And that has to do with risk mitigation.

It’s not difficult to explain why I chose the de-facto leader in overall Azure, Microsoft 365 email security – which is Check Point Harmony. There’s just no comparison. So, I don’t really have to qualify that decision. Everybody gets it.

If I’m choosing some other product that is brand new to the market, that hasn’t been vetted or tested really, that says that it can do all of these magical things, we really have to determine whether or not it’s a good fit.

Again, for us, from a culture perspective, if it is, then the next step for us is to determine what piece of that stack we may use. Check Point is one of those vendors that seems like it has a never-ending number of products to solve problems. Trying to pick out what makes the most sense can be a real challenge.

What are your thoughts around leveraging AI within cyber security solutions? How does your team currently work with AI-based products, if at all?

I think that when it comes to AI, leveraging AI in the threat identification workflow is a little premature. I think that the ability to provide the AI platform with enough data, and then to integrate it within an adaptable platform, and to use it to provide actionable intel right now — I’m a little worried about people just accepting the output that comes from an AI platform for a risk decisioning framework.

At some point, the security business will change fundamentally due to the improvements related to AI, but I don’t see it right now. It does need to be in every platform to analyze information and to determine what it means, but I think that letting it function as the sole decision maker for a threat is too risky at the moment.

Is there anything else that you would like to share with the Cyber Talk audience?

Yeah, I think that right now, when folks look at where to spend money and what that budget cycle looks like, as an organization with hundreds of MSP clients and of course, downstream clients, it can be tough to see through the fog.

Look, we’ve tested a multitude of products in-depth, after spending months and months, sometimes 3-4 months, trying to verify that a product does what it says it does…

Based on that time that I’ve already put in, leverage Check Point Harmony with Avanan front-end if you need multi-tenancy, and then using the appropriate version so that you can protect Teams, OneDrive, SharePoint, DropBox, Box.net, ShareFile, as well as a unified quarantine. There just isn’t anything else that comes close.

There’s such a gap between Check Point Harmony and the next vendor that it very much was an easy decision for us.