On our most recent podcast, we featured cyber security expert Derek Gabbard from FourV Systems. Derek has spent his multi-decade career working with cyber security systems and protecting assets—which has led him to what he does now, an interesting combination of security and research. These days, there are so many ways to protect your systems, devices, and people. What’s not talked about is the resulting data and evaluation of those protective measures. Are they working? Are you identifying risks and then optimizing them? Gabbard says, “We’re basically trying to show you how you evolve.”
Derek states that there’s no perfect way to create a rock-solid correlation between an occurrence within your system and an alert, but with the amount of incoming information they can create metadata that helps refine the process to reach a point where the data is helpful. The more data that is gathered and organized, the more trends, and patterns they can identify as positive or negative as it relates to your individual brand.
Users. Surprised? Don’t be. Derek mentions that in his experience, users are not acting with malice when they put their systems at risk; they’re just trying to do their jobs as quickly and efficiently as possible. Some of the ways they find to get around things for the sake of speed may put them at risk without even knowing it. What’s the best way to decrease user risk? Training, forced learning, information. The more your users know about different types of risk, the better they will be at avoiding it.
