![]() ![]() Our SOC is not just a demo environment but it has real data.” “We use our own tool sets, we test on ourselves first to ensure that we are always making continuous improvements. Our SOC is used by both our customers and internally,” she explained. “Having a working SOC is table stakes for us. It is a lot like looking at Pantone color shades: there is plenty of red to look at.” This was something she mentioned at Supercloud: “It seems we’ve had this concept of zero trust, or principles of least privilege, seemingly forever, at least since Cro-Magnon man,” she quipped.īaloo spoke at Supercloud about having a security operations center that wasn’t a movie set but an actual functional entity. When she compared what she was worried about a decade ago to what is on her plate now, she told me, “Everyone struggles with the same stuff, just the threats are different. Baloo spoke at the SiliconANGLE’s Supercloud 3 conference last month as well as doing a follow-up interview this week with me, providing insights for how to improve cybersecurity. ![]() And it reportedly is the subject of a potential takeover by a private-equity firm.Īs a longtime security manager, Baloo can afford to take the long view. ![]() 8, it said it will lay off more than 400 people worldwide, 18% of its staff, in a restructuring. Indeed, Rapid7 itself has run into a rough patch despite continuing growth. Now, 11 years later, she’s chief security officer at Rapid7 Inc., which she joined earlier this year. Fortunately, she hasn’t had to deal with an insider threat yet there.īut there are new obstacles: She now has to navigate not only ever-evolving cybersecurity challenges but also business challenges. “Both at KPN and at Avast, our leadership took it well and upped their security game.” “Breaking down silos in the name of security is critical,” she said. The reason she considers both events career highlights is the way they helped her break down silos among different tribes and getting these teams to work together toward improving security. “It was a reality and sanity check on how good we thought we were.” But it forced changes in security practices that have informed her thinking ever since. ![]() “This kid moved the needle on how we saw our security, and he made an impact on our self-confidence,” she recalled. Those first few weeks were certainly a scramble as she worked through what happened, how to fix things and most important, how to prevent another breach from happening.īut that was the second time she was dealing with an active breach. She had been working for only three months at the Dutch mobile operator KPN in 2012 when the company was attacked by a 15-year-old hacker who found a flaw that affected a couple hundred of its machines. When I first met her, four years ago, she was the chief information security officer for another security provider, Avast, now part of GenDigital. There, she came into her first week on the job having to deal with an attack on their software supply chain that had been happening inside its systems for several months. But this is what happened to Jaya Baloo, who is now chief security officer at cybersecurity provider Rapid7 Inc.Įven more interesting, she considers both times - which happened at two different companies - career highlights. Not many chief security officers will point out not one but two times they took a job while their companies were under attack. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |