IT Ops Query
This podcast distills the signal from the noise about enterprise IT digital transformation and operations in the era of Agile, DevOps and distributed applications. Interviews feature expert guests in conversation with IT journalism veteran Beth Pariseau, Senior News Writer at TechTarget.
Episodes
7 days ago
7 days ago
Doug Merritt was CEO of Splunk from 2015 to 2021 and led the company's transition from an on-premises software company to a cloud-based service provider. After two years in the venture capital and board advisory space, Merritt joined multi-cloud networking company Aviatrix as CEO in 2023. That company introduced its first security product, a distributed firewall for Kubernetes, in May, and rolled out a managed version of its multi-cloud network and security control plane this week.
Merritt identifies two ways generative AI is shifting multi-cloud security: first, data gravity and the costs of generative AI mean cloud computing is becoming increasingly distributed, often including hybrid and edge environments, which he says calls for a new approach to centralized network management. Secondly, Merritt said he's a believer that generative AI will help network and SecOps pros keep pace with these changes – and in the coming weeks, Aviatrix will roll out the first of its own GenAI-powered features for security incident management and event reduction.
Thursday Nov 07, 2024
Thursday Nov 07, 2024
Robert Slaughter is CEO of Defense Unicorns, a defense tech startup specializing in Airgap software delivery in highly secure and sensitive environments in the military and federal government. Previously, he was director of the U.S. Department of Defense's Platform One DevSecOps project and co-founder at Space CAMP, a predecessor of Platform One for the US Space Force. Prior to starting Defense Unicorns, he served 12 years in the US Air Force.
If companies think threats to the security of critical national infrastructure don't involve them, Slaughter says, they should think again. And he suggests they might adopt some of the techniques familiar to military and government cyberdefense pros, from proactive threat hunting to air gaps.
Thursday Oct 31, 2024
Thursday Oct 31, 2024
Joshua Corman is executive in residence for public safety & resilience at The Institute for Security and Technology (IST), a non-profit think tank based in the San Francisco Bay Area. He is also co-leader of a Cybersecurity and Infrastructure Security Agency (CISA) community working group for SBOM on-ramps & adoption. Previously, he was vice president of cybersecurity strategy for Claroty, an IoT security company; chief strategist on the CISA COVID task force; director of the Atlantic Council's Cyber Statecraft Initiative; and CTO at security software vendor Sonatype.
In August, Corman delivered a presentation at CISA's SBOM-a-Rama event warning that time is running out to more effectively protect critical infrastructure systems such as the water and power supply that rely on potentially vulnerable software to operate. Corman emphasized the urgent need to more effectively identify vulnerabilities and defend against attacks such as China's Volt Typhoon nation-state threat group. An initiative Corman is leading at IST under the working title UnDisruptable27 now looks to address these threats.
"We live in glass houses," he said in this episode's interview. "And people are about to start throwing rocks."
Thursday Oct 24, 2024
Thursday Oct 24, 2024
Chris Steffen is vice president of research for information security at analyst firm Enterprise Management Associates. He previously held a variety of IT leadership roles at companies including Hewlett Packard Enterprise, and DXC Technology. He is a regular speaker at industry conferences, the host of the Cybersecurity Awesomeness podcast and a frequent guest on other IT security podcasts.
The day of the CrowdStrike outage, Steffen posted on LinkedIn, "Not trying to kick anyone while they are down, but those that equate resiliency with public cloud computing really need to re-evaluate those beliefs, especially for mission critical workloads. The outages being reported today were some of the exact same issues that we have seen before, but - as an industry - don't seem to learn from."
In this episode, Steffen discusses the lessons on data center resilience he says have been lost in the cloud era and why IT orgs must re-evaluate their cloud risk.
Thursday Oct 17, 2024
Thursday Oct 17, 2024
Esteban Gutierrez is chief information security officer and vice president of information security at observability vendor New Relic. Previously, he was an enterprise information security strategist at Intel, and he managed the network operations and security center for the US Army Corps of Engineers.
He shares takeaways from New Relic's recent State of Observability survey, lessons learned from his career in cybersecurity about bridging the SecOps / IT Ops gap and why he believes data is crucial to the future of both DevSecOps and AI.
Thursday Oct 10, 2024
Thursday Oct 10, 2024
Rich Lane is currently IT director at the City of Medford, Massachusetts, and has had a varied career in IT infrastructure and operations. He served as VP of digital operations strategy for data security software vendor Netenrich from 2021 to 2022, and as a Forrester Research analyst from 2018 to 2021. Before that, Lane worked as a professional services consultant for observability vendor Splunk, and as IT infrastructure and operations manager at Bain Capital.
From Lane's perspective, the CrowdStrike outage reflected an organizational disconnect at many companies between the IT security teams that choose tools and the infrastructure operations teams that must support those tools in production. In Lane's experience, this rift began to grow after the high-profile Sony Pictures data breach ten years ago as enterprises re-emphasized cybersecurity.
Now, he says, CrowdStrike should be a sign it's time for the two groups to come together again and come up with more resilient ways to operate security tools, demand better communication from vendors during incidents, and to better account for the human factor in cyberattacks.
Thursday Oct 03, 2024
Thursday Oct 03, 2024
Melinda Marks is cybersecurity practice director for TechTarget's Enterprise Strategy Group analyst firm. Previously, she held a variety of roles in the IT and cybersecurity industry, including marketing and PR leadership positions at vendors such as VMware, Qualys, Tenable Network Security. Just before joining ESG in 2021, she was chief strategy officer and CMO at Soluble, makers of a CI/CD security and compliance automation tool for infrastructure as code.
In this episode, Marks discusses how Microsoft's first Secure Future Initiative report can serve as a blueprint for other enterprise SecOps pros; the evolution of cloud security tools; the future of cybersecurity regulations; and how SecOps practices must also evolve in an age of increased regulatory scrutiny to become more efficient and collaborative while maintaining visibility and control.
Thursday Sep 26, 2024
Thursday Sep 26, 2024
Kyler Middleton is senior principal software engineer at healthcare tech company Veradigm. She is also founder, owner, and CEO at 14ers Consulting, an IT services and engineering firm, as well as the co-host of her own podcast, Day Two DevOps and the founder of an IT training website, LetsDoDevOps.com. Her LinkedIn profile says, "I will teach you. It's unavoidable."
In this episode, Middleton and TechTarget Editorial's Beth Pariseau examine two of the biggest double-edge swords in IT: cloud security and AI. The same cloud platforms that connect the world -- and broaden its attack surface -- also offer free and low-cost tools for IT pros to experiment with multiple layers of security automation and centralize log analytics; the same AI models that make burgeoning log data manageable could make it more difficult for security novices to learn the basics. Middleton shares her outlook on all these issues as well as tips for SecOps newbies.
Thursday Sep 19, 2024
Thursday Sep 19, 2024
Brian Jack is chief information security officer and data protection officer at KnowBe4, a security awareness training software vendor based in Clearwater, Florida. The company made headlines in July when it thwarted an attempt by a North Korean nation-state actor to infiltrate its software engineering staff. The company did hire the attacker, who used the stolen identity of a US citizen and deepfake images to get through the vetting process, but detected suspicious activity on his account and contained the threat before the attacker gained access to any company data.
In this episode, Jack shares the details of the incident, how the company's SOC detected and responded to the threat, advice for other companies on how to mitigate this increasingly common path of attack in the age of remote work and how he defines a good state of SecOps.
Thursday Sep 12, 2024
Thursday Sep 12, 2024
Kevin E. Greene is public sector CTO at OpenText Cybersecurity. Prior to his current role, Kevin worked at the MITRE Corporation supporting DevSecOps initiatives for sponsors, ATT&CK research, and MITRE’s Common Weakness Enumeration program, and served as cyber research and development program manager at the US Department of Homeland Security. Kevin's research in Hybrid Analysis Mapping (HAM) helped shape and influence Gartner’s Application Security Posture Management Magic Quadrant.
He has been an outspoken public advocate of challenging the status quo in software engineering practices as well as government policies and procedures to improve cybersecurity. This episode features a wide-ranging conversation about what's broken about software security and how the concept of software resiliency can improve the industry's cyberdefense.