enterprisesecuritymag

It's a Gnu Year - Keep moving

By Sean Leonard, Director of Threat and Vulnerability Management, Universal Music Group

Sean Leonard, Director of Threat and Vulnerability Management, Universal Music Group

This month marks the 15th anniversary of what I call my “solo world tour”. A decade and a half ago, I jumped onto a plane at LAX and made my way to England, Greece, the United Arab Emirates, Egypt, and East Africa. Ok, so not exactly a “World” tour, but a good portion of it, and a spectacular experience in every regard. Highlights included the Tower of London, Big Ben, and The London Eye as well as every pub in between. Athens was surreal. It had just wrapped up hosting the Olympics, so the crowds were down, but the sites were in peak form and the people warm and welcoming. Dubai was remarkable in its scale and ambition. Egypt was amazing for every reason you can think, but it was my time in Africa that made the greatest impact. Started the visit by climbing Mt. Kilimanjaro but ended it with the obligatory African safari. If it’s not on your bucket list, take the time to write it in now. I’ll wait.

It was on that safari that I learned one of the greatest lessons of my career and one that I now pass along to you.

Keep up with the herd.

True enough. That one-day venture onto the open savanna yielded a spectacular and vicious display of what NOT to do when traveling in groups. Don’t be the slow one, but also try not to get too far ahead either. That is equally dangerous and gives new meaning to the term “bleeding edge”.

Yes, like every wildlife documentary you’ve ever seen, we witnessed what happens when a slow, possibly injured wildebeest cannot keep up with the others, and it was every bit as graphic as you might imagine. Suffice to say, I can no longer eat rare meat, and I now have a profound hate for hyenas.

"It was on that safari that I learned one of the greatest lessons of my career and one that I now pass along to you"

I was reminded of this event recently when our team was discussing our achievements for last year and our goals for the new decade. When discussing our current security processes and tool sets, the phrase “If you’re not moving forward, you’re falling behind” was used to, quite accurately, describe our current vulnerability management efforts. Indeed, if you’ve been using the same tools, the same processes, and NOT looking for opportunities to optimize, automate or consolidate, you are most likely falling to the back of the pack. Keep up!

It’s a new year and the budget is just starting to get tapped. If you haven’t already made plans to meet with your vendors, make those plans now; I’m sure they would love to hear from you. Or better yet return one or two of those sales calls for tools or services you’ve been meaning to look at; I KNOW they would love to hear from you!

Our environments are growing and changing on an EPIC scale. Given the move to cloud, our server base is multiplying weekly, and many are existing for no more than a few hours. How are you tracking those at your SEIM? How are you securing them when old processes can take days to detect and update? Do you even bother? What are others doing? Machine Learning and AI are the new hot trends: how are they being used to develop the tools you will be using?

There are answers out there for ALL these questions and good people ready to provide them.

Sure, we are not all wild animals grazing the open plain. Our clients and users are experienced, sophisticated, and intelligent human beings. But it only takes one knucklehead to click on that tantalizing link in that phishing email to infect the whole herd. Sure, our job is tough, and the hyenas are more clever than ever, so let’s keep moving.

It took 800,000 years of evolution to refine the Vulnerability Management practices of the East African wildebeest, and it made them the most abundant species of its kind. That title was hard-won and the product of relentless forward progress. Let’s follow that lead, stay together and keep moving.

Because the hyenas are closing in.

Weekly Brief

Read Also

Top Skills Needed for Security Guards

Top Skills Needed for Security Guards

Titan Samuel Jonas, Head of Global Sales, Titan Security Europe
Cybersecurity 2.0 - 4D (Digital Defense, Detection & Deception)

Cybersecurity 2.0 - 4D (Digital Defense, Detection & Deception)

Umesh Yerram, Vice President, Chief Data Protection Officer, AmerisourceBergen
Managing Risks to Security Officers during Covid

Managing Risks to Security Officers during Covid

Samuel Jonas, Head of Global Sales, Titan Security Europe
Security Aspect of Remote Access Technology

Security Aspect of Remote Access Technology

Dan Macgregor, IT Director, MMI Hotel Group
Securing the Transportation Systems

Securing the Transportation Systems

Chris Cooper, WW Information Security Director, Cubic Transportation Systems