25 years of experience leading high-performing global product development teams, specializing in network security and security management.
Experience in embedded software and hardware product development includes 12 years of development leadership at Cisco for products in the web services, Internet telephony, network and content security markets.
Has led in-house and outsourced teams in India for more than 10 years; created groups and grew teams from 5 to over 50 employees; helped structure products and projects to get maximum benefit of U.S./India development work while minimizing the need for daily calls/meetings for coordination.
Championed secure development practices at Cisco, focusing teams on processes to help improve the security of products from the initial design through implementation and bug-fix stages.
Has spent virtually entire career working in multi-site development projects and has led such projects between the U.S., Europe and India.
Malicious attempts to breach the security of systems, carried out with a high level of knowledge of hardware, software and programming. Such attempts may use automated systems to persistently attack different avenues of entry or may use various forms of malware to secretly infect a system.
Bring your own device (BYOD)
As the world becomes increasingly mobile, and workers increasingly are expected to be "on call" for larger and larger shares of the day and year, employees increasingly use their own computers, tablets, phones and other equipment to attach to company servers and to access sensitive data. This bring-your-own-device approach to work creates a need to balance access with security.
Closed loop corrective action
A feedback loop designed to identify, investigate and take corrective action when systems fail. Solutions are tested and become part of the system or process in a continuing loop of observation, testing and correction.
Cloud computing, also known as "the cloud," cloud storage, cloud services, etc.
The use of remote servers hosted on the Internet to store, manage and process data, rather than on a local network or computer. This may include file storage and sharing, databases, applications or any other digital activity.
The process of removing data from the system and taking it elsewhere. In this context, you can think of this as stealing your data.
Indicator of Compromise (IoC)
Anything that serves as a clue that a breach or compromise has occurred. Often there will be multiple indicators that point to a particular type of attack or target of the attack. Events from security devices, unusual behavior observed on certain systems, and traffic from your network to unknown addresses on the Internet are examples of indicators of compromise.
Malicious software. A relative of older viruses, malware can take on many forms and be used for many different purposes, but no user would knowingly consent to installing it if its true purpose were known. Sometimes it is a program that has a benign front, perhaps a game or other application, which houses malicious code inside that works in the background. Alternatively, it can be software that is surreptitiously installed on a computer, perhaps unknown to the user, and which operates without the user ever knowing about it. Malware is often given commands from remote "command and control" servers. The most sophisticated malware can evolve and download new software to alter or enhance its capabilities over time.
Mobile device management (MDM) software
A general term for solutions aimed at providing controlled access to company data on personal, mobile devices. Normally, such solutions also include the ability to "wipe" company data from such devices in the event they are lost or stolen or an employee leaves the company.
Highly targeted email messages, often sent to a very small number of people in a target organization. The purpose of these messages is to get the recipient to let his or her guard down and click on a link or download a file that infects their system – often silently. The victim may have no idea that anything malicious has occurred, but their system – or ones they have access to – is compromised and the attacker now has a foothold in your systems and network.
The informal aggregation of non-validated, unapproved cloud-based IT services used by employees in the conduct of their work. Such services normally are used by employees looking for solutions to problems that arise in completing their legitimate duties, but they pose a potentially significant security risk to sensitive data.
An attack technique that tries to convince targets that the person they are interacting with – via email, phone or in-person – is part of the same company or organization, thereby getting the targets to lower their guard and share information that they would not normally tell an outsider. Examples include usernames and passwords, information on company employees, phone numbers, titles, etc.: anything that an attacker can use either to attack the company's systems directly or to conduct more convincing social engineering on other employees.
XaaS - Anything-as-a-Service
Software-as-a-Service (SaaS) started the trend, but now companies can purchase much more than just software as a service. This generally refers to the ability to rent a resource (such as software, hardware, storage) from a cloud provider for a monthly fee. It often includes the ability to dynamically grow or shrink the capacity dedicated to you, which allows for great flexibility. Additionally, renting the service often has financial advantages to a company, allowing it to expense the service costs monthly rather than capitalizing and depreciating equipment and software over time.