It is an unfortunate truism in IT: It's not a question of whether a security breach will happen to you, but when.

And, then, how long will it take you to detect it?  According to published research, in 2014 it took companies an average of 205 days to detect a breach.

Every company needs a security protection plan, but also a security breach plan similar to a disaster recovery plan. This plan needs to address how the company will respond to a breach so that when it does,  you're not creating a plan on the fly. 

Such a plan can help protect a company against loss of revenue, reputation and market position. Companies also can face civil and criminal penalties for failing to meet legal requirements for data or privacy protection and timely notification of affected parties.

Meet the Expert

About Steve

  • 25 years experience leading high-performing global product development teams, specializing in network security and security management.
  • Experience in embedded software and hardware product development includes 12 years of development leadership at Cisco for products in the web services, Internet telephony, network and content security markets.
  • Has led in-house and outsourced teams in India for more than 10 years; created groups and grew teams from 5 to over 50 employees; helped structure products and projects to get maximum benefit of U.S./India development work while minimizing the need for daily calls/meetings for coordination. 
  • Championed secure development practices at Cisco, focusing teams on processes to help improve the security of products from the initial design through implementation and bug-fix stages. 
  • Has spent virtually entire career working in multi-site development projects and has led multi-site development projects between the U.S., Europe and India

Experience

Managing Director • Safer Harbor
Jan, 2014 — Present
  • Consults in IT security and secure products development; clients include technology startups, educational institutions, global product development companies and global non-profits. 
  • Provided business strategy planning, including market and competitor analysis, for early-stage startup in the cloud storage/file sharing space. Analysis led to repositioning of the company in a different segment; company currently seeking venture funding.
  • Conducted technology review, including security compliance and threat analysis, for a global non-profit. Reviewed point-of-sale security concerns and compliance in the aftermath of the Target data breach; delivered recommendations to improve security strategy and planning.
  • Provided product development planning for a global security company and consulting in operations and process development for software-as-a-service (SaaS) company.
Director of Engineering • Cisco Systems, Inc.
Jan, 2001 — Oct, 2013
  • Served as engineering leader for Cisco's Intrusion Prevention System (IPS) and VPN concentrator development teams, with additional responsibility for elements of Cisco's Next Generation Firewall (NGFW).
  • Responsible for global teams that collectively delivered products and solutions to the U.S., Europe and India.
  • Led development teams responsible for security management product portfolio, including Cisco Security Manager (CSM), CS-MARS (SIEM offering).
  • Leader of the team that created ASDM – Cisco's first security management offering that provided full day-0 device support for the ASA product family including Firewall, VPN and IPS management,
Manager • Origin Technology in Business
Oct, 1999 — Oct, 2000
  • Led West Coast e-business development organization, focused on developing unique web applications for U.S. and international companies. Managed a team of consultants and ran the West Coast eBusiness office.
  • Applications included search engines, customer portals, product-affiliated "walled gardens," auction sites.
  • Provided business process consulting in addition to product development services.
Manager, Software Development • Philips Multimedia Center
Jan, 1996 — Sep, 1999
  • Lead engineer and development manager for Philips' advanced development lab, focused on web-based applications and services. 
  • Led creation of PlanetSearch Networks, a group of community web sites for vertical markets including K-12 education, WebTV users and Lighting professionals. 
  • Provided consulting services to Philips business units, including the audio and TV businesses, on techniques to leverage Internet technologies in their products.
  • Developed industry-first combination of speech recognition and search engines for PlanetSearch.
  • Created first search engine for WebTV Networks TV-based web browser.
Software Engineer • IBM
Sep, 1989 — Jan, 1996
  • Software developer for operating systems including AIXv3 launch on RS/6000 and OSF/1. 
  • Evangelist for Ultimedia Server/6000 product – authored white papers on video streaming and led customer briefings and demos of Ultimedia Server and Ultimedia Tools products.
  • Co-leader of IETF Working Group on updates to ST-II streaming protocol (RFC 1819)
  • Technical lead in team porting of Taligent CommonPoint to OS/2.
  • On-site representative for IBM at Taligent (Apple/IBM joint venture).

Education

California State Polytechnic University (Cal Poly-San Luis Obispo)
BS, Computer Science, 1989

Academia

Advisory board member, California Polytechnic State University. The advisory board:
    • Ensures that the computer science department has curricula and programs that help students develop foundational skills they can build on throughout their academic and professional careers. 
    • Provides industry insight to the academic leadership of Cal Poly and the computer science department to drive improvements in student success and relevance to industry.
    • Creates visibility and research opportunities for Cal Poly faculty and students with industry partners.
    • Mentors students and faculty

Publications

  • "Vocabulary and/or language model training," U.S. Patent #6430551, issued Aug. 6, 2002.
Packages with Steve starting from $400

Your Expert Package Includes:

Best Practices

Access to ALL Best Practices authored by TrustedPeer Expert Steve DeJarnett on this topic.

Pre-Call Discovery Process

Review and analysis of your issue with pre-call discovery questions by Steve, followed by a 30- or 60-minute one-on-one call. Sample

One+-on-One Call

Your (+colleagues) session is directed and focused from the first minute.

Session Summary Report

After your call, Steve completes a Session Summary Report to provide you with the session’s discussion topics, analysis, assessment and recommendations for next steps. Sample

Post-Session Engagement

After your session, continue your relationship with Steve on your own, or with TrustedPeer’s support.