Leslie K. Lambert
Chief Security and Strategy Officer, Gurucul
Managing Editor, Borderless Behavior Analytics
Apr 6, 2018
Taking over the helm of managing editor for the second edition of “Borderless Behavior Analytics – Who’s Inside? What’re They Doing?”, I couldn’t be more excited! We have continued the rich collaboration effort with top experts in the industry, widening the vision of the borderless story, as we have responded to, and expanded on, topical areas of interest we have seen expressed with a broad range of organizations we have encountered in the marketplace over the last year. The vaunted list of our Who’s Who caliber of new contributors includes:
- Devin Bhatt- CISO U.S. Federal Agency. With a chapter component originally appearing in the ‘Sneak Preview’ section of the first edition, Bhatt expands on his topic of best practices in insider threat programs. As well, the introduction to Bhatt’s chapter has a guide to the CMU-CERT (Carnegie Mellon University – Computer Emergency Readiness Team) Insider Threat program’s 20 best practices, including correlations of applications relating to advanced security analytics. While it’s not a replacement for the 175 pages of the original resource, it provides a quick reference to the material, and we think an invaluable and handy resource to the CISO.
- Nilesh Dherange- CTO, Gurucul. Following my chapter in the book on machine learning, my esteemed colleague at Gurucul, Nilesh Dherange, shares his seasoned insights into the world of big data, and emerging trends occurring there. Where the traditional industry experts have characterized big data breaking down into the six V’s (Volume, Velocity, Variety, Veracity, Variability, Value), Dherange has defined two more V’s to more accurately describe big data. Can you guess what they are? If not, you’ll need to read the book to see. As well, he observes ‘big data’ may very well have worn out its welcome as an apt industry term, it being too outdated, limiting and frankly… too small. Megadata is the new term Nilesh sees fitting the bill more accurately for the near future.
- Jairo Orea- CISO, Kimberly-Clark. Having also appeared in our sneak preview section of the first edition, Orea expands on his topic of the challenges and solutions for addressing the complex requirements of hybrid cloud environment architecture, along with the implications for emerging advanced security analytics requirements. His Triad (identity, data, and infrastructure) schema for optimized hybrid cloud architecture planning is an especially useful resource. Orea’s credentials as having been UnitedHealth Group’s Chief Information Security Architect along with continuing to serve as Chief Architect for the Trusted Cloud Initiative (Cloud Security Alliance), make this chapter a particularly authoritative read.
- Jim Routh- CSO, Aetna. Transitioning from writing the Foreword for the first edition of the book, Routh provides a rich and in in-depth view of model driven security, which includes insights to what he terms ‘unconventional controls’. Routh’s authority and subject matter expertise in the emerging world of advanced security is bolstered by his role as the chairman of NH-ISAC’s (National Health Information Sharing and Analysis Center) board. On top of that, Routh’s cutting-edge adoption of Aetna’s innovative security strategy was profiled in the Wall Street Journal. In his chapter, you’ll get in-depth insights into the realities behind this next wave of advanced security solutions that may very well define new standards for security in the near future.
- William Scandrett- CISO, Allina Health. Scandrett shares his insights into the healthcare utilities of UEBA beyond security applications. This fortifies the prospect of this security solution as being a beneficial part of the enterprises bottom line, not just seen as a cost center. It turns out that UEBA behavior monitoring can be applied to medical devices, to establish their normal operational behavior and be used for IT planning of appliances and to use UEBA’s baseline patterning to understand where devices should live and how they should operate in the network. As well, Scandrett shares his fascinating insights into Allina Health’s unique use case involving Super Bowl LII, hosted in Minneapolis, where Allina supported the healthcare services activities for that massive high-profile event.
- Vishal Salvi- CISO, Infosys. Writing the Foreword to the book, Salvi shares his insights of the challenges of a majority of organizations face today with digital transformation within today’s rapidly evolving environments. He has seen a great deal of digital transformation first hand from his vantage point as the security leader for one of the top system integrators in the world. From his perspective, he sees the unfolding value of UEBA across a broad collection of enterprise environments. As well, he observes that the majority of books CIOs and CISOs have for security technology in today’s emerging environment are simply outmoded. He sees how our book should be a critical part of their library going forward.
Adding to Vishal Salvi’s observation, Dan Lohrmann, of GovTech magazine, had this to say about the first edition of the book: “I am going so far as to say this is a MUST READ for understanding the next generation of security solutions…” It doesn’t get much better than that! We have strived to provide in-depth insights in the new topics that continue to make this an invaluable read… But don’t take Lohrmann’s word for it. You should really decide for yourself if the praise is worthy.
The second edition of the “Borderless Behavior Analytics – Who’s Inside? What’re They Doing?” book will be launched during RSA 2018 conference in San Francisco, starting April 16th and you can score a complimentary copy at the Gurucul booth in south hall #2001 (while supplies last!).