From the Office of the CTO: Building Effective Insider Threat Programs

Three Short Stories To begin this latest post and in order to properly frame the Insider Threat conversation, rather than use obscure statistics in an effort to convince you that you should be suspicious of all your employees and coworkers, I think it is much more effective to tell you a few stories. None of these stories come from my clients and none of this information is privileged. You can…

The Importance of Data Security and Insider Threat Programs in Mergers and Acquisitions

Mergers and acquisitions have become an important part of many organizations’ growth strategy. In most large transactions, countless hours are spent on due diligence, whether that due diligence is related to the financial health of the company, compliance with applicable regulations, or a variety of risk factors. Refreshingly, cybersecurity has emerged as a risk factor that is getting significant attention as part of the due diligence process. However, there is…

Research and Development into Commercial and Domestic Alarm Systems

As part of my Radio Frequency research, I wanted to not only look at vehicles but also household name burglar alarm systems.  To that end I decided to look at three main manufacturer types that seemed to take a large portion of the market share. My findings concerned me, especially how some of them were trivial to bypass and disarm.  One of the alarms did come out on top, however,…

From the CTO’s Office: The Fallacy of End-to-End Encryption

RSA 2017 was, as always at InteliSecure, a very busy week that has the distinct possibility of disappearing into a blur of meetings, lunches, dinners and happy hours. During these events, I had the distinct pleasure of speaking with a group of smart, talented and influential people. One such discussion sparked a conversation about the disturbing trend of end-to-end encryption from any client to any destination that makes it increasingly…

Addressing the IT Skills Gap Part V: Deepening the Talent Pool

In order to strengthen the average talent in the cybersecurity labor market, we first need to address a major problem that faces the cybersecurity sector. Cybersecurity as a career field is overwhelmingly male and overwhelmingly Caucasian. In fact, according to a recent article from bankinfosecurityt.com citing government statistics, “Whites, who account for about 80 percent of the American workforce, make up 70 percent of the IT security workforce. About 7…

Addressing the IT Skills Gap Part IV: Utilizing Managed Security Services

By Jeremy Wittkop, InteliSecure CTO My previous posts have touched on hiring and cultivating talent as two of the three main strategies organizations can employ to build their cybersecurity team. Hiring well is difficult and time consuming even when cybersecurity hiring is your primary responsibility and when your business is cybersecurity. However, most people hiring cybersecurity professionals are in the business of doing something else, which makes the task of…

Addressing the IT Skills Gap Part III: Cultivating and Retaining Team Members

By Jeremy Wittkop, InteliSecure CTO For many large organizations, there are people on the inside who possess both the technical skill and the willingness to learn to become cybersecurity professionals. In order to effectively pursue this strategy, it is key to ensure that there are enough qualified and experienced team members on staff to mentor the newer professionals being groomed to fill out the team. Therefore, if you choose this…

Addressing the IT Skills Gap Part II: Hiring to Win

By Jeremy Wittkop, InteliSecure CTO “The secret of my success is that we have gone to exceptional lengths to hire the best people in the world.”  – Steve Jobs The first instinct of many executives is that they want to hire the talent they need in all aspects of their business. This approach gives the organization maximum flexibility and control with respect to those resources, but it comes at a…