Steve DeJarnett
- 25 years experience leading high-performing global product development teams, specializing in network security and security management.
- Experience in embedded software and hardware product development includes 12 years of development leadership at Cisco for products in the web services, Internet telephony, network and content security markets.
- Has led in-house and outsourced teams in India for more than 10 years; created groups and grew teams from 5 to over 50 employees; helped structure products and projects to get maximum benefit of U.S./India development work while minimizing the need for daily calls/meetings for coordination.
- Championed secure development practices at Cisco, focusing teams on processes to help improve the security of products from the initial design through implementation and bug-fix stages.
- Has spent virtually entire career working in multi-site development projects and has led multi-site development projects between the U.S., Europe and India.
IT Security - How To Prepare For and Respond To Data Breaches
Common Problems
- Many companies don't have adequate plans for what to do after a computer security breach.
It's not a question of whether a company will be breached, but, once it happens, how long it will take you to discover the breach. If a company does business in an area where natural disasters are common or a substantial threat, it is common to have a disaster recovery plan for the business. If the company operates in California, it plans for earthquakes. In Florida, it may be hurricanes.
Just about any company recognizes that it needs to have provisions for an offsite disaster recovery data center and some contingency plans to run the company in the event of a disaster. But they don’t have that same level of planning around what they are going to do when a data breach or security incident occurs. Well-prepared companies put together a plan, very much like a disaster recovery plan, that provides a playbook to follow in the event of a data breach or security incident.
- Software and hardware products from a variety of sources can create security gaps.
Companies may build some of their own software, but they also buy software solutions from many different companies for many different purposes. In the world of software and network security, all of those products and their interfaces create a very large surface area to attack. These products may not have been designed or architected to work together, and it’s sometimes the cracks that emerge that people exploit to get into systems and networks.
- The time required for daily management, maintenance and updating of software and networks can make it difficult to dedicate needed time to security planning and implementation.
Keeping IT systems running is more than a full-time job at most companies. Updating software across a range of operating systems and applications, while keeping the production systems running is a daunting challenge – especially if the organization does not have a staging environment to test the changes. There is a constant tension between improving operations and security and the basic need to keep the network and its applications stable.
But this is one place in which the old maxim "if it ain't broke don't fix it" won't apply because every system is broken in some way. As new vulnerabilities are discovered, it becomes clear that you must patch and otherwise update regularly to limit your security exposure.
- The best technology solutions can fail without a commitment to proper human resources.
Security solutions tend to produce a lot of information about what’s happening in your network. There is so much that it’s hard for people to know which data points represent something that’s truly new, unique and perhaps alarming, and which things are just regular, run-of-the-mill, everyday events that don’t represent threats.
Companies, too often, buy these solutions but then don’t invest in the human resources to monitor them and investigate incidents quickly so that the window can be closed on a breach in the shortest time possible. The best security in the world won't work if it is not used correctly.
- Phishing and social engineering attacks on your employees and vendors put sensitive data at risk.
Phishing and social engineering attacks target your employees in ways that are designed to attack your systems when their guard is down. Phishing email messages may appear to come from your IT team or senior leaders in your company. They will be designed to look exactly like a legitimate message, except they will entice the recipient to click a link or download a file that will infect your systems.
In social engineering attacks, the attacker uses information gained from social media and live conversations via email or phone to gain information about your company and about employee computer accounts with a goal of using the information to break into your systems. A seemingly "innocuous" call from "IT" may ask an employee to "verify their old password." The caller often uses just enough details to sound convincing, as though they also are employees of the company.
- Cloud services leave company data outside of your network, creating a new security challenge.
With the growing use of company-sanctioned cloud services (sales, HR, storage, collaboration) and the rise of employees using consumer services for business purposes (“shadow IT”), companies have a large new security challenge in understanding where their company data is being stored and processed and how to ensure they can secure the data and manage access to it.