“The Blob” Is Poisoning The Security Industry
Read about The Blob (and what we can do to fix it), empathy (of all things!) and detection engineering
Welcome to Security with Allie.
“I am prepared to meet my Maker. Whether my Maker is prepared for the great ordeal of meeting me is another matter.”
-Winston Churchill
Check out my insights from the past month or so in cybersecurity below – and please let me know what you think on LinkedIn. I do all of this to hear what you think. 🌟
“The Blob” Is Poisoning The Security Industry
The security community suffers at the hands of what I call "The Blob": people who have simmered in the security industry for much, if not all, of their careers, to the point where the line between vendor marketing messages and reality has completely blurred.
The Blob says things like:
👎 “SIEM is dead!”
👎 “You don’t need detection if you have good prevention.”
👎 “The autonomous SOC/automation will take care of that talent shortage for you.”
These false messages slowly poison the industry, holding us back from collectively solving the biggest challenges we face. Read about The Blob (and what we can do to fix it) in my latest blog:
Reap The Rewards Of Empathy, The Emotional Buoy Of Trust
Forrester defines empathy as:
The perception that an organization is emotionally connected to its customers, employees, and partners and understands and shares their feelings and experiences.
In this blog, we showcase Forrester’s Enterprise Empathy Framework, a systematic way of building and maintaining an emotional connection to stay in touch with business stakeholders. When done on a continuous basis, these five steps enable organizations to build strong, trusted relationships with business stakeholders despite changing market dynamics, customer habits, and global events. Read more here:
The Detection And Response Development Lifecycle (DR-DLC) For Detection Engineering
The security operations center (SOC) has reached the same tipping point that software development faced many years ago: It’s dealing with too much data (big data and log management), struggling to innovate and update monolithic software (detection and incident response processes), and lacking ownership beyond initial deployment (content management).
When the software world reached this point, it pivoted from building monolithic software based on a waterfall methodology to microservices and agile. The SOC can take advantage of these same lessons and apply them to detection and response engineering, the engineering-focused capability responsible for building new detections and response automation workflows. Read more about building a detection and response engineering practice here: