- 25 years experience leading high-performing global product development teams, specializing in network security and security management.
- Experience in embedded software and hardware product development includes 12 years of development leadership at Cisco for products in the web services, Internet telephony, network and content security markets.
- Has led in-house and outsourced teams in India for more than 10 years; created groups and grew teams from 5 to over 50 employees; helped structure products and projects to get maximum benefit of U.S./India development work while minimizing the need for daily calls/meetings for coordination.
- Championed secure development practices at Cisco, focusing teams on processes to help improve the security of products from the initial design through implementation and bug-fix stages.
- Has spent virtually entire career working in multi-site development projects and has led multi-site development projects between the U.S., Europe and India
- All 10 Best Practices
- Pre-Call Discovery Process
- One-on-One Call with Expert
- Session Summary Report
- Post-Session Engagement
Attackers are moving beyond the older techniques of finding holes in security perimeters or stealing passwords. Now, they are moving toward complex malware – also referred to as advanced persistent threats – that can lie undetected on servers for extended periods before activating and then moving around your network looking for sensitive data.
Changes in how – and where – data are stored, accessed and used are making security needs a moving target. Increasing use of cloud services are creating additional risks. Knowing where your data is stored is now more difficult. A well-intentioned employee who copies company data to a cloud storage service puts your data at risk. A security flaw in that cloud storage vendor's offering could affect more than just your vacation photos – now it could be your company's intellectual property that is taken.
Meanwhile, requirements for more mobile and real-time access to data and the advent of bring-your-own-device computing creates many more access points for mischief or error.
These new realities are placing sensitive company data at increasing risk. And that risk extends to the entire company, which faces:
- Loss of business.
- Direct loss of money.
- Damage to the company's brand and reputation.
- Legal liability, both civil and criminal.
- Loss of intellectual property and market position.
Reducing that risk requires a solid security plan for both preventing and dealing with a potential breach. Developing that plan, in turn, requires an understanding of what needs to be protected; regulations and industry standards for data and privacy protection; how users access and share data, and current and possible security solutions.
It also requires constant attention and activity to:
- Stay abreast of industry and security news and change.
- Monitor security solutions 24/7.
- Audit user accounts.
- Adjust IT solutions to accommodate mobile business, increased reliance on the cloud and bring-your-own-device computing.
- Gain control of "shadow IT" services, like unvalidated file-sharing services.