By Aaron Mog | Trace3 Advisory CISO
Technology advancements over the past few years have made connecting with partners and clients amazingly easy. Gone felt the days of driving to events and meetings to talk to clients about their business needs. All I had to do was invite them virtually to my office! Sometimes you can’t truly appreciate something until you no longer have it. I had that feeling after attending a Trace3 hosted soiree at Top Golf where a few key partners gathered with a large group of top tech executives from the northern California region. Sharing ideas and talking about new technology solutions outside of the comfort of my own home was something I had missed.
No surprise in today’s current events the conversations turned to the tumultuous environment and our clients’ security postures. The discussion revolved around four key areas. My excitement in talking to so many of my partners and clients in person led me to memorialize the conversation and add some texture.
Russia and Global Tensions
As expected, the number one topic of conversation was the potential impact of the Ukraine conflict on the security space. We’ve all learned about, and in some ways begun to expect, a Russian-lead disabling cyber-attack. Now we haven’t seen that here in the U.S. yet, but below are a few ways we discussed preparing for something of that nature to occur:
- Now is the time time to review your incident response plan and run tabletops. If you need assistance with that, Trace3 can help you plan and test!
- Talk with your Cyber-Insurance provider now and understand the requirements and processes. Waiting for the crisis to occur could be detrimental to your business.
Ransomware
Our security-focused technology leaders mark ransomware as an ever-evolving top security concern. Much of our discussion was around new ideas and approaches in the market. Those included:
- Zero Trust and next-gen network design concepts as a means to limit lateral movement and ransomware attack scopes.
- Look at immutable backups, cloud backups, and admin/privileged identities.
- If these concepts feel foreign to you, check out this Trace3 Tech Drive that dives into these topics.
Security Startups and Funding
Speaking of markets, the security experts at Trace3 always discuss the staggering amount of money being raised by security startups to address cloud, data, events, and endpoint concerns. Being in the heart of Silicon Valley through our venture capital briefing series, raises and valuations are always a hot topic. Here are a few of the headlines.
-
- New start-ups are extremely focused on solving one key element of the security journey, with a huge emphasis on cloud security concerns and DevSecOps.
- Getting access to these emerging technologies has always been a strength of our company.
Security Talent Needs More Time on the Course
The swing quality for those of us staring at their screens all day catching bad guys needs a lot of improvement. I know cybersecurity resources are stretched thin – but we really need to get some of these folks on PTO so they can work on their games…
Big Thanks to Our Partners for Adding to the Conversation
Ingram Micro, Lenovo, NetApp, TD Synnex, Dell, HPE, Palo Alto Networks, Thales, Arctic Wolf, Automox, Axonious, Blackberry Cylance, Cohesity, Deepwatch, Delphix, Forescout, Noname Security, Nutanix, Western Digital
Aaron Mog has over 20 years of experience in the IT industry and over 15 years of experience in Information Security. Including experience as CEO of Goliath Security, VP of Services, Director of Strategic Services, Chief Information Security Officer, and Engagement Manager who can lead, drive and mature both corporate information security programs and professional services in the areas of Cyber Threat Management, Information Security Architecture, Security Infrastructure, Application/Infrastructure Security, Information Security Compliance, and Security Policy and Strategy development. He has developed information security management programs for a large number of Fortune 500 companies. Aaron has also managed the deployment and maintenance of enterprise security platforms, enterprise systems deployments, and large eCommerce environments.