Working in Cybersecurity for the past two decades, helping managed security service providers ( MSSPs ) meet the needs of their customers, gives me a unique perspective on how our industry has evolved and ultimately led me to join Stellar Cyber last month to run the Global Service Provider Business. As I get to know Stellar Cyber’s current customers and those within the company that design, build, and deploy the leading   Open XDR Platform   on the market, I will, from time to time, share some insights I’ve gained working for some of the most well-known brands in the industry. Today I thought I would start by outlining the significant changes occurring in the market today and how those changes influenced me to join   Stellar Cyber .  The Rising Demand for Security Services from MSPs Anyone who has been in our industry for any length of time knows that many organizations find it challenging to hire and retain staff for their internal security teams. With a skil...

  Three signs your cybersecurity vendor might be gaming the system For those of you who attended the  RSA Conference  in April, I am sure the bombardment of vendor emails, phone calls, and LinkedIn meeting requests is underway. While I’d bet many of the vendors begging for meetings offer products or services that are not on your radar for 2023-2024, there are probably a handful that you would like to put to the test to see if they can deliver better results than what you are currently using. For those vendors, after the compulsory introductory meeting, some technical discussion, or even a customer reference call, you will be offered a Proof of Concept (sometimes also called a Proof of Value). This time-honored tradition allows you to  “test the product for yourself.”   During the PoC, the vendor attempts to show you how their product stops more attacks, detects more phishing emails, spots more malicious websites, and the like to validate their marketing claims. ...

For an MSSP, the key to a CIOs heart is reducing risk for a cost that is less than what they’re spending now, Stellar Cyber asserts. A CIOs or CISOs job is never easy, but it’s more difficult now because cyberattacks are more frequent and more complex than ever before.  Cybersecurity  is a top priority for enterprises, and fundamentally, C-level executives are responsible for managing the risk of security breaches at cost points the business can afford. When there’s a serious attack, those executives can lose their jobs. Reducing risk means spending more money on tools and hiring more analysts to run them, but CISOs never have enough budget. Also, really smart security analysts are expensive and very hard to find. In this environment,  CxOs  try to find a balance between spending and risk – they’re always looking for an acceptable level of risk given the resources available. For an  MSSP , the key to a CIOs heart (and wallet), in particular, is stressing that yo...

  Artificial intelligence (AI)  has been transforming the  cybersecurity  landscape for over a decade, with  machine learning (ML)  speeding the detection of threats and identifying anomalous user and entity behaviors. However, recent developments in large language models  (LLMs) , such as  OpenAI’s GPT-3 , have brought AI to the forefront of the cybersecurity community. These models use documented  cybersecurity  information to learn how to respond to prompts on the topic.  LLMs  can also explain complex security issues in easy-to-understand language, bringing the non-expert into the world of  cybersecurity . While  LLMs  are not a silver bullet for cybersecurity, they can quickly detect and mitigate cyberattacks at scale. Unfortunately, as with all advancements in the cybersecurity world, bad actors are using  LLMs  to increase the breadth and speed of their attacks with some early success. One of the...

  After four jammed packed days in the  Moscone Center  in the heart of San Francisco,  RSAC 2023  is in the books. By now, most attendees are probably back to their day jobs, keeping us protected from the bad guys. Before settling into my daily routine, I thought I’d share a few takeaways from this year’s conference. We are Back I am embarrassed to admit that I cannot remember how many RSACs I’ve attended in person, they all kind of run together over time, but if I had to guesstimate, I would say this was probably my  8th or 9th . At any rate, the moment I hit the expo floor on Tuesday morning and saw the crowds of attendees everywhere, it was clear that we were back, and the pandemic was definitely in our rearview mirror. Walking the floor, the energy coming from everyone was palpable. In short, after a couple of years of being sequestered, security practitioners were more than ready to mingle with their peers. While the size of the show, in my opinion, s...

  There is an innate quality humans have to resist change. Our brains are hardwired to resist change, according to researchers. A part of our brain called the  amygdala  sees change as a threat and releases hormones for fear, fight, or flight. So when change arises, our brain tries to protect us from harm1, which makes us resist making a change. So how do we overcome our preference for “the status quo”?  David Gleicher and Kathie Dannemiller  created a handy formula to determine the likelihood of change. This formula breaks down like this: Since the factors are all multiplied, if anyone of them is not present (0), change will almost certainly not occur. We work with companies who make this calculation often regarding the technology they use to protect their environments, whether they know it or not.  Recently several organizations decided to  replace their Securonix deployment with the Stellar Cyber   Open XDR Platform . So for them, the benefits ...