‘In the industry, we've observed fragmentation, especially among larger organizations,’ says Chris Fisher

Have hardware or software with potential exposure or vulnerabilities that could be exploited by a hacker.
Chris Fisher is a seasoned marketing professional who specializes in digital marketing and demand generation to fuel business growth. I integrate product messaging and innovative strategies with data-driven marketing to achieve quantifiable outcomes. Read on to know his thoughts about safeguarding the layers of Cyber-security.

When you consider vulnerability management, the goal is to identify all areas where you might have hardware or software with potential exposure or vulnerabilities that could be exploited by a hacker.

Media 7: What experiences or moments of truth ignited your desire for a career that marries product messaging with data-driven marketing? Can you take us through the key moments that ignited your passion for this field or role?
Chris Fisher:
I have a background in computer science, which is my degree and the basis of my university education. However, I discovered early on that I struggled with coding and realized I wouldn't excel in that area. Consequently, I began exploring alternative avenues within the IT world. I initially embarked on my career in information security as an IT security auditor, holding the necessary certification. I worked for firms like PricewaterhouseCoopers as an auditor before transitioning into a different role.

Subsequently, I assumed the position of program manager for the Internet sites of a large multinational technology company. It was during this period that I truly grasped the potential of leveraging the Internet for effective product messaging. This realization led me to make a career shift towards marketing, away from IT, and this decision was made in 2001.

M7: As the Marketing Officer at TAC Security, your expertise in merging product messaging, creative strategies, and data-driven marketing for tangible results is remarkable. What significant steps have you taken in this role that have expanded its potential?
CF:
When I joined TAC Security several years ago, Trishneet had a company with strong products but weak marketing. One of the initial priorities I set was establishing a roadmap for what I'd call our marketing infrastructure. This serves as the bedrock for data-driven marketing. To achieve this, we required a sturdy website and essential marketing automation tools for tasks such as email marketing, social media management, and search engine marketing. Without this foundation, executing data-driven marketing, as you refer to it, would be impossible.

The exciting development is that, thanks to the emergence of social media, the Internet, and websites, we now have a fantastic opportunity. We can conduct experiments and gather data swiftly, providing us with the necessary feedback for improvement. Therefore, the first step I proposed to Trishneet was, "Let's establish the foundation." We've successfully implemented several vital components. Our website has undergone two or three significant evolutions since my arrival, and we've incorporated a marketing automation platform. This platform enables us to gather and analyze data beyond website metrics, helping us gauge the effectiveness of our programs and campaigns.

M7: What spellbinding qualities do you believe weave a tapestry that distinguishes your company from the mundane crowd?
CF:
One of the unique differences we have is Trishneet Arora's background. He started in services and then transitioned into product development. He understands the importance of listening to customers, identifying their problems, and finding the best solutions. This service-oriented background shapes our entire culture. Service is part of our DNA; we genuinely care about our customers and design products to meet their needs, enabling them to perform their jobs more effectively and efficiently. Our key differentiator is this service-oriented DNA, which means we prioritize listening to our customers and addressing their challenges.

Another crucial aspect is the innovative ideas that Trishneet has integrated into our products. Our commitment to innovation keeps us one step ahead of the competition, helping end-users translate complex cybersecurity data into easily usable information. This empowers them to communicate effectively across their organizations, bridging technical and business boundaries. Consequently, they can clearly convey the cyber risk and take the necessary actions to mitigate it. 

Read more: 'AI & ML algorithms will play a critical role in identifying cyber threats,' asserts Trishneet Arora


One of the initial steps in understanding your vulnerability and risk management posture is to have a complete inventory of everything connected to your network.

M7: How does the alchemy of content wield its power to conquer the formidable challenge of trust-building and brand differentiation faced by companies in the information and security space?
CF:
I've witnessed significant content evolution in the past decade during my involvement in cybersecurity marketing. Social media has gained prominence, making it easy for people to quickly grasp information. It has transformed their inclination to engage with content.

You must consider making a quick impact within the first few seconds. When someone views your content, they tend to scan and skim rather than read thoroughly. This has led to the rise of platforms like YouTube and video content. People are too busy, and their attention span is short. They want to quickly assess and decide if it is interesting enough to invest more time — perhaps a minute or even five if we are lucky. For companies like ours, the average website visit is often less than a minute, even if visitors find the information they seek. They will not linger on the site for long. This is why the content alchemy you mentioned needs to be concise, engaging, and convey trustworthiness to encourage viewers to spend more time on it.

M7: What's your perspective on the significance of safeguarding every layer of cyber security?
CF:
I believe this is of utmost importance. Last year, I delivered a presentation to the Cecil organization in India. One key point I emphasized is that for a security organization responsible for safeguarding their company's assets, they must maintain a high level of vigilance every day in all aspects. In contrast, a hacker only needs to be successful once to potentially inflict significant harm on an organization.

To illustrate this to security leaders, I use the analogy of safeguarding the crown jewels of their company. Each facet of those jewels represents an area that they must carefully consider and protect. If there's a vulnerability in any of those facets, hackers can exploit it. Therefore, it's crucial for them to assess all areas of risk and protect every facet of that crown jewel. Failing to do so would leave them vulnerable to a damaging attack.

M7: What, in your opinion, will constitute the most crucial advancements in vulnerability management over the upcoming years?
CF:
I alluded to this question earlier when you asked me about the most significant advancement in vulnerability management. I believe it lies in the steps we've taken with our products to transform technical risk into something meaningful for security leaders and their organizations to convey beyond the technical teams within a company. We've developed a cyber risk scoring algorithm that converts technical risk into an easily understandable score. It simplifies the assessment, allowing you to see red, yellow, or green, indicating whether we're improving or regressing compared to the previous day. Additionally, it helps us identify where to focus our attention through our dashboard system to address the vulnerabilities presenting the highest risk to the organization.

Another notable advancement we've made in the last six months is translating technical risk into financial risk. This, too, aids security organizations in communicating with business leaders by quantifying the potential financial impact, whether it's a million, two million, or ten million dollars. Business leaders find this approach more comprehensible than a cybersecurity score or a report stating, "We've identified a thousand vulnerabilities, and we've patched 800 of them, focusing on the high-risk ones, as we work to enhance our security posture." This ongoing journey revolves around translating technical risk into metrics and reports that resonate with business leaders, enabling them to support cybersecurity actions and invest in our security efforts, backed by an understanding of the cost to our organization.

M7: Delving deeper into your company's vision and aspirations for pioneering global industry innovation, could you provide a comprehensive perspective on its visionary mission and the pioneering innovations it endeavors to introduce globally within your industry?
CF:
We've designed the features I mentioned to translate technical risk into meaningful insights. Our ongoing mission is to expand our ESOF platform, making it the preferred solution for companies seeking comprehensive cybersecurity coverage. As I mentioned earlier, security leaders must protect every aspect of their environment to address cyber risk, and vulnerability management is just one piece of the puzzle.

In the industry, we've observed fragmentation, especially among larger organizations. They often need tools from multiple vendors to cover the various aspects of cybersecurity. To address this, we've developed Esau Enterprise Security in one framework, which allows us to swiftly and easily introduce new capabilities while maintaining a unified architecture and platform. This is crucial for cybersecurity teams, given the challenges they face, such as staffing shortages and the rapid industry growth that makes it difficult to retain or hire personnel.

With a single platform that continually expands its capabilities to address diverse customer needs beyond vulnerability management, we simplify the decision for our customers. They no longer have to contend with an array of tools, training requirements, and staffing constraints. Instead, we provide one solution that caters to multiple aspects of their security needs. Our cloud-based architecture, with common services and presentation layers, enables us to rapidly integrate new features and enhance the value we offer to our customers. This is how we are positioning ourselves to provide greater value across the globe.

Read more: ‘Data and analytics play a crucial role in shaping our advertising strategies,' asserts Aleksander Groshev


When creating content on platforms like LinkedIn, our foremost objective is not merely self-promotion but the promotion of content that empowers the customer to acquire knowledge that could potentially address their challenges.

M7: Could you explain the automated ESOF VMDR recently launched by TAC Security and its role in streamlining vulnerability and risk management?
CF:
The concept behind VMDR was to provide customers with a comprehensive vulnerability and risk management solution. When you consider vulnerability management, the goal is to identify all areas where you might have hardware or software with potential exposure or vulnerabilities that could be exploited by a hacker.

One of the initial steps in understanding your vulnerability and risk management posture is to have a complete inventory of everything connected to your network. Creating such an asset inventory has been a challenge for security teams. So, we decided to take a step back and offer to do the asset inventory for you. We can discover everything on your network, assess it for vulnerabilities, automatically prioritize the issues, and provide a cyber risk score. We'll also guide you on what vulnerabilities to address first and give recommendations on how to patch them. Furthermore, we complete the full cycle by automatically rescanning the assets where vulnerabilities were found to ensure they've been addressed and patched, thus improving your overall risk posture.

Our automation covers the entire vulnerability lifecycle, from asset discovery to vulnerability assessment, prioritization, scoring, and rescanning. This automation allows you to confidently identify which assets require immediate attention to reduce your risk posture and track improvements over time through rescanning.

M7: Thought leadership serves as the guiding light for many companies. How does your company gauge the return on investment of its thought leadership initiatives, particularly concerning brand recognition, customer trust, or business growth?
CF:
I find this question quite intriguing, and it has been the subject of debate within my marketing teams for the past decade. In a broad sense, I would categorize thought leadership as a facet of awareness. The challenge with awareness metrics lies in their inherent complexity, especially when attempting to quantify the return on investment. When you consider demand generation tactics, the process is rather straightforward. You implement strategies to generate leads that enter the sales funnel, and it becomes relatively simple to ascertain that these leads have converted into opportunities, eventually translating into business growth. Consequently, measuring the financial impact of demand generation is a feasible task.

However, evaluating the efficacy of concepts such as thought leadership presents a more intricate challenge. With thought leadership, the primary objective is to initiate the initial steps in attracting and engaging individuals. The outcome may or may not result in actual business transactions. While having thought leadership in place undoubtedly bolsters one's brand, gauging its precise impact remains elusive. Therefore, our approach is to diligently work on these initiatives, recognizing that quantifying a financial impact may not always be feasible. I must admit, in the early days of social media, I held reservations about its utility. Heated debates ensued with my vice presidents responsible for PR and advertising. The difficulty lay in being able to say, "We've amassed numerous followers" or "Our posts are receiving significant attention." The pivotal questions revolved around whether these engagements translated into website visits or conversions.

Within my teams, I emphasize three primary objectives we aim to achieve: engagement, attraction, and thought leadership's role therein. Consequently, we find it necessary to scrutinize what I previously referred to as "vanity metrics." These encompass metrics like the number of clicks and likes, offering at least a rudimentary indication of whether our strategies are effectively attracting and engaging our target audience. Measuring conversion is comparably more straightforward. Once we have a lead, we meticulously follow their journey through the pipeline, culminating in either successful business conversions or otherwise. The intricacy emerges when we endeavor to measure the initial stages of attraction and engagement.

M7: Considering the future, how do you foresee your company's role in content evolution within the IT sector in the coming years? Are there any new strategies or approaches under your consideration?
CF:
In this context, we seek innovative methods to ascertain whether our brand recognition is on the rise. One of the most straightforward indicators is observing our position in organic search results when individuals type relevant keywords into their search engines. If our brand consistently appears in these organic search results, it signifies that we are being recognized. Subsequent clicks indicate engagement, reflecting the trust our audience places in our content. Consequently, we adopt a holistic approach, striving to measure various aspects of our online presence where quantifying business growth might be elusive, yet recognition and customer trust can be effectively gauged by analyzing social media and website metrics.

M7: Given your expertise in marketing automation and demand generation, can you highlight a specific instance where these strategies significantly contributed to enhancing brand visibility and customer engagement?
CF:
As I mentioned earlier in the interview, when I first joined TAC Security, we invested in marketing automation because we didn't have a platform at that time.

With the implementation of our marketing automation platform, we've gained the ability to rapidly assess the impact of our strategies on platforms like LinkedIn. From my perspective, LinkedIn is akin to the business version of Facebook.

By leveraging this marketing automation platform, we can promptly discern what content resonates with our audience and drives engagement. It's crucial for us to identify the posts or content that genuinely pique their interest and prompt them to take the next step, which, for me, is leading them to our website. While it's one thing for them to view a post or tweet announcing TAC Security's presence, it's another to track that engagement, such as reading a post or clicking on a link, indicating progress in the marketing funnel towards the sales funnel.

Our choice of platform for this purpose is HubSpot. It plays a critical role in enabling us to measure our performance and observe our brand's increasing visibility. We can see that people are not only following and monitoring our activities but also engaging by visiting our website.

M7: Exploring the profound significance of native advertising within the information and security sector. How does TAC Security approach native advertising to effectively engage its target audience?
CF:
Advertising is a challenging endeavor that demands attention, and its efficacy is often uncertain. Consequently, our approach has been to concentrate on native advertising on platforms frequented by our customers and audiences. Among these platforms, LinkedIn has proven to be highly effective. It is significantly more convenient to place an advertisement adjacent to a LinkedIn post, blog post, or other content where valuable information is shared.

When creating content on platforms like LinkedIn, our foremost objective is not merely self-promotion but the promotion of content that empowers the customer to acquire knowledge that could potentially address their challenges. As a technology company, it is easy to fall into the trap of highlighting the remarkable features of our products. However, we find it more effective to focus on understanding the customer's problems and demonstrating how our product can assist in resolving those issues. This approach enhances customer engagement and encourages them to explore adjacent content that piques their interest. Thus, commencing with an understanding of the customer's problem is crucial.

Rather than beginning with the promotion of our product and its features, we emphasize comprehending the customer's challenges, such as compliance or risk communication to a non-business audience. We convey our commitment to assisting them in overcoming these obstacles, with technology discussions being secondary. Initiating discussions centered on the customer's issues rather than features is pivotal to crafting native advertising that effectively targets our audiences.

As previously mentioned, I believe the way people consume content is evolving. Many internet users are pressed for time and possess short attention spans. Consequently, our content must evolve to become concise and engaging. It should capture the audience's interest within a minute or two, prompting them to invest additional time. This consideration leads us to explore shorter and more accessible content formats.

Over the past years, we have experimented with cartoons, recognizing that injecting a touch of humor into our content can grab the audience's attention and encourage them to pause and explore further. Given the gravity of our target audience's responsibilities, a hint of humor can be an effective attention-grabber. Additionally, we are producing shorter explainer videos that offer quick insights into how our solutions can address specific problems. These bite-sized pieces of content eliminate the need for form submissions and provide immediate value, aiding the audience in comprehending how our solutions align with their challenges.

ABOUT TAC SECURITY

TAC Security, a global leader in vulnerability management, offers protection to Fortune 500 companies, leading enterprises, and governments worldwide. Through its advanced Artificial Intelligence (AI) based Vulnerability Management Platform called ESOF (Enterprise Security in One Framework), TAC Security effectively manages over 5 million vulnerabilities. ESOF has been acknowledged as Gartner's top choice for Vulnerability Management/Assessment, making it the preferred solution by customers. The company has received accolades for its exceptional work environment, being recognized as a "Great Place to Work" and earning the title of "Great People Manager Company" for the third consecutive time by GMI in collaboration with Forbes and The Economic Times. To know more, please visit https://tacsecurity.com/. 

More C-Suite on deck

'Content is a crucial aspect of your online presence as it essentially represents your brand,' says Michael Cichon

Media 7 | June 15, 2023

Michael Cichon is a seasoned B2B marketer specializing in digital and content marketing for identity-based online fraud detection and advanced email security solutions. With an expertise in product and digital marketing, he excels in developing brand narratives, driving integrated demand generation campaigns, and connecting with customers on a personal level to inspire action. Read on to know his ideas on the importance of content syndication practices in information security industry.

Read More

‘Security solutions need to be consistent, regardless of geography or technical stack,’ emphasizes Nishant Kaushik

Media 7 | June 16, 2023

Nishant Kaushik is an excellent technologist with strategic foresight and tactical know-how to manage technology-driven businesses and security expansion plans. He has successfully led cross-functional and highly focused teams to achieve business objectives that align with customer needs. Read this interview to discover Nishant’s expertise and unique perspective on omnichannel security and risk management.

Read More

‘Data and analytics play a crucial role in shaping our advertising strategies,' asserts Aleksander Groshev

Media 7 | June 28, 2023

Aleksander Groshev is the CEO and Co-Founder of Autobahn Security. Previously he was Vice President of Product responsible for the product development of the SaaS platform. Before joining Autobahn Security he held the position of Head of Product at Fincite, a wealth management B2B platform.

Read More

'Content is a crucial aspect of your online presence as it essentially represents your brand,' says Michael Cichon

Media 7 | June 15, 2023

Michael Cichon is a seasoned B2B marketer specializing in digital and content marketing for identity-based online fraud detection and advanced email security solutions. With an expertise in product and digital marketing, he excels in developing brand narratives, driving integrated demand generation campaigns, and connecting with customers on a personal level to inspire action. Read on to know his ideas on the importance of content syndication practices in information security industry.

Read More

‘Security solutions need to be consistent, regardless of geography or technical stack,’ emphasizes Nishant Kaushik

Media 7 | June 16, 2023

Nishant Kaushik is an excellent technologist with strategic foresight and tactical know-how to manage technology-driven businesses and security expansion plans. He has successfully led cross-functional and highly focused teams to achieve business objectives that align with customer needs. Read this interview to discover Nishant’s expertise and unique perspective on omnichannel security and risk management.

Read More

‘Data and analytics play a crucial role in shaping our advertising strategies,' asserts Aleksander Groshev

Media 7 | June 28, 2023

Aleksander Groshev is the CEO and Co-Founder of Autobahn Security. Previously he was Vice President of Product responsible for the product development of the SaaS platform. Before joining Autobahn Security he held the position of Head of Product at Fincite, a wealth management B2B platform.

Read More

Related News

Platform Security

D3 Security is a proud participant in the Microsoft Security Copilot Partner Private Preview

D3 Security | January 08, 2024

D3 Security today announced its participation in the Microsoft Security Copilot Partner Private Preview. D3 Security was selected based on their proven experience with Microsoft Security technologies, willingness to explore and provide feedback on cutting edge functionality, and close relationship with Microsoft. “In the context of security, AI’s impact is likely to be profound, tilting the scales in favor of defenders and empowering organizations to defend at machine speed. At Microsoft, we are privileged to have a leading role in advancing AI innovation, and we are so grateful to our incredible ecosystem of partners, whose mission-driven work is critical to helping customers secure their organizations and confidently bring the many benefits of AI into their environments,” said Vasu Jakkal, Corporate Vice President, Microsoft Security. D3 Security is working with Microsoft product teams to help shape Security Copilot product development in several ways, including validation and refinement of new and upcoming scenarios, providing feedback on product development and operations to be incorporated into future product releases, and validation and feedback of APIs to assist with Security Copilot extensibility. “D3 has always pushed SOAR technology forward, be it through our deep research into integration design; our Event Pipeline, which reduces alert-handling time by up to 99%; or our operationalizing of the MITRE ATT&CK and D3FEND frameworks,” said Gordon Benoit, President, D3 Security. “By teaming with Microsoft in the Security Copilot Partner Private Preview, we will be able to use AI to evolve SOAR in ways that would have sounded impossible just a year ago.” Security Copilot is the first AI-powered security product that enables security professionals to respond to threats quickly, process signals at machine speed, and assess risk exposure in minutes. It combines an advanced large language model (LLM) with a security-specific model that is informed by Microsoft's unique global threat intelligence and more than 65 trillion daily signals. About D3 Security D3 Security’s Smart SOAR™ (security orchestration, automation, and response) solves entrenched problems in cybersecurity by transforming separate tools into a unified ecosystem with multi-tier automation, codeless orchestration, and robust case management. Smart SOAR performs autonomous triage and reduces false positives so enterprise, MSSP, and public sector security teams can spend more time on real threats. Product or service names mentioned herein may be the trademarks of their respective owners.

Read More

Software Security

Trellix and One Source Deliver Industry-Leading Managed Detection and Response Security Services

Trellix | January 22, 2024

Trellix, the cybersecurity company delivering the future of extended detection and response (XDR), today announced an expanded strategic partnership with One Source, a Managed Security Services Provider (MSSP) and technology delivery partner. Customers benefit from a Fortune 500 SOC capability built on the Trellix XDR Platform with AI-guided intelligence, enabling faster detection, investigation, and remediation. Trellix, the cybersecurity company delivering the future of extended detection and response (XDR), today announced an expanded strategic partnership with One Source, a Managed Security Services Provider (MSSP) and technology delivery partner. Customers benefit from a Fortune 500 SOC capability built on the Trellix XDR Platform with AI-guided intelligence, enabling faster detection, investigation, and remediation. “The partnership aligns with Trellix’s ongoing commitment to secure organizations from advanced cyber threats,” says Sean Morton, SVP of Professional Services at Trellix. “Leveraging One Source’s MDR capabilities and expanded footprint, we enable more businesses to build cyber resilience, with continued innovation in our combined products and solution offerings to stay ahead of bad actors.” One Source has multiple SOCs leveraging Trellix’s technology, staffed by the industry’s top experts to provide Managed Detection and Response (MDR) capabilities. Their team implements a proactive cyber strategy for customers specific to industry, technology environment, and vulnerabilities, built on the Trellix XDR Platform with 24x7 monitoring. The partnership and combined expertise benefits customers with enhanced services like managed threat detection and response, incident response, security operations and analytics, threat intelligence, threat hunting and forensics, and training and enablement. “The Trellix and One Source partnership is extremely powerful; the former offers an incredible set of security solutions, and the latter excels at personalized deployment and execution,” said Paul Moline, Chief Information Officer, Lindsay Automotive Group. “I never anticipated we could protect our environment with the same security solutions used by government agencies and Fortune 50 companies: I can now sleep at night.” The Trellix XDR Platform’s open architecture and broad set of native security controls across endpoint, email, network, cloud, and data security integrates with over 500 third-party tools to create multi-vector, multi-vendor event correlation and context to speed up investigations. The Trellix Advanced Research Center provides an additional layer of protection by continuously informing the platform with information from millions of global sensors on the latest threat vectors, tactics, and recommendations. One Source experts apply these insights to stay ahead of the constantly evolving threat landscape. “The collaboration with Trellix is a game-changer in reshaping the cybersecurity landscape,” says Eric Gressel, Executive Vice President of Sales, One Source. “Thanks to our partnership, we have access to the highest level of cyber intelligence to fend off newly-revealed hackers and their means of attack, enabling our customers with the most comprehensive offering of enhanced Managed Security Services to protect their businesses.” One Source has a proven track record supporting global businesses spanning retail, restaurant, automotive, healthcare, financial, and manufacturing industries. Trellix customers can rely on One Source's leading Managed Security Services to optimize technology expenses while enhancing telecom connectivity, IT infrastructure, and cybersecurity strategies. About Trellix Trellix is a global company redefining the future of cybersecurity and soulful work. The company’s open and native extended detection and response (XDR) platform helps organizations confronted by today’s most advanced threats gain confidence in the protection and resilience of their operations. Trellix, along with an extensive partner ecosystem, accelerates technology innovation through machine learning and automation to empower over 40,000 business and government customers with living security. More at https://trellix.com. About One Source One Source helps businesses simplify a complex technology world. One Source is the leading provider of Technology and Managed Security Services for enterprises. Today, One Source manages more than 2,500 customers, 45,000 business locations, and over one million assets throughout North America. In addition to Managed Security Services, One Source provides Managed Technology Expense Management, 24 / 7 local helpdesk, procures and provisions telecom & IT solutions, and manages customer service requests. One Source frequently generates triple-digit ROI for customers through contract negotiation, portfolio optimization, and ongoing expense management. In addition, One Source leverages partnerships with industry leaders, including Trellix to bring Fortune 500 security solutions and fully managed services to the mid-market. One Source's approach empowers businesses to focus on customers and revenue-generating activities. Learn more at https://www.onesource.net/.

Read More

Data Security

Boomi Strengthens Commitment to Data Security and Compliance by Achieving StateRAMP Authorization

Boomi | January 12, 2024

Boomi™, the intelligent connectivity and automation leader, today announced that the Boomi platform has achieved StateRAMP Authorization. This achievement reflects Boomi’s unwavering commitment to data security and compliance, and to delivering a secure and reliable solution that government agencies can rely on to safeguard their data and operations. “At Boomi, we are committed to democratizing modernization. Securing StateRAMP authorization for our platform was paramount, enabling public sector organizations to seamlessly and securely integrate and leverage cloud applications,” said Sean Wechter, Chief Information Officer at Boomi. “Through a strategic alliance with StateRAMP, Boomi actively collaborates with its leadership board, facilitating streamlined documentation and audit processes to expedite digital transformation within the public sector." According to the U.S. Government Accountability Office, government agencies plan to spend billions of dollars each year to support their IT and cybersecurity efforts, including transitioning IT resources to secure, cost-effective commercial cloud services.1 However, agencies are challenged to select secure cloud-based solutions, making it difficult for these organizations to modernize and improve constituent experiences. StateRAMP, a nationally recognized risk authorization management program that provides a standardized approach to assessing cloud products, improves security and simplifies procurement by building a pool of pre-authorized Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS) solutions for public sector entities. As organizations more frequently implement cloud-based solutions, they also require validated access to integration platform as a service (iPaaS) to streamline application and resource integration. iPaaS integrates cloud-to-cloud, cloud-to-on premises, and on-premises-to-on-premises platforms, helping public sector organizations break down data silos to enhance information flow, improve citizen services, and increase operational effectiveness. About Boomi Boomi aims to make the world a better place by connecting everyone to everything, anywhere. The pioneer of cloud-based integration platform as a service (iPaaS), and now a category-leading, global software as a service (SaaS) company, Boomi touts the largest customer base among integration platform vendors and a worldwide network of approximately 800 partners – including Accenture, Capgemini, SAP, and Snowflake. Global organizations turn to Boomi’s award-winning platform to discover, manage, and orchestrate data, while connecting applications, processes, and people for better, faster outcomes. For more information, visit boomi.com.

Read More

Platform Security

D3 Security is a proud participant in the Microsoft Security Copilot Partner Private Preview

D3 Security | January 08, 2024

D3 Security today announced its participation in the Microsoft Security Copilot Partner Private Preview. D3 Security was selected based on their proven experience with Microsoft Security technologies, willingness to explore and provide feedback on cutting edge functionality, and close relationship with Microsoft. “In the context of security, AI’s impact is likely to be profound, tilting the scales in favor of defenders and empowering organizations to defend at machine speed. At Microsoft, we are privileged to have a leading role in advancing AI innovation, and we are so grateful to our incredible ecosystem of partners, whose mission-driven work is critical to helping customers secure their organizations and confidently bring the many benefits of AI into their environments,” said Vasu Jakkal, Corporate Vice President, Microsoft Security. D3 Security is working with Microsoft product teams to help shape Security Copilot product development in several ways, including validation and refinement of new and upcoming scenarios, providing feedback on product development and operations to be incorporated into future product releases, and validation and feedback of APIs to assist with Security Copilot extensibility. “D3 has always pushed SOAR technology forward, be it through our deep research into integration design; our Event Pipeline, which reduces alert-handling time by up to 99%; or our operationalizing of the MITRE ATT&CK and D3FEND frameworks,” said Gordon Benoit, President, D3 Security. “By teaming with Microsoft in the Security Copilot Partner Private Preview, we will be able to use AI to evolve SOAR in ways that would have sounded impossible just a year ago.” Security Copilot is the first AI-powered security product that enables security professionals to respond to threats quickly, process signals at machine speed, and assess risk exposure in minutes. It combines an advanced large language model (LLM) with a security-specific model that is informed by Microsoft's unique global threat intelligence and more than 65 trillion daily signals. About D3 Security D3 Security’s Smart SOAR™ (security orchestration, automation, and response) solves entrenched problems in cybersecurity by transforming separate tools into a unified ecosystem with multi-tier automation, codeless orchestration, and robust case management. Smart SOAR performs autonomous triage and reduces false positives so enterprise, MSSP, and public sector security teams can spend more time on real threats. Product or service names mentioned herein may be the trademarks of their respective owners.

Read More

Software Security

Trellix and One Source Deliver Industry-Leading Managed Detection and Response Security Services

Trellix | January 22, 2024

Trellix, the cybersecurity company delivering the future of extended detection and response (XDR), today announced an expanded strategic partnership with One Source, a Managed Security Services Provider (MSSP) and technology delivery partner. Customers benefit from a Fortune 500 SOC capability built on the Trellix XDR Platform with AI-guided intelligence, enabling faster detection, investigation, and remediation. Trellix, the cybersecurity company delivering the future of extended detection and response (XDR), today announced an expanded strategic partnership with One Source, a Managed Security Services Provider (MSSP) and technology delivery partner. Customers benefit from a Fortune 500 SOC capability built on the Trellix XDR Platform with AI-guided intelligence, enabling faster detection, investigation, and remediation. “The partnership aligns with Trellix’s ongoing commitment to secure organizations from advanced cyber threats,” says Sean Morton, SVP of Professional Services at Trellix. “Leveraging One Source’s MDR capabilities and expanded footprint, we enable more businesses to build cyber resilience, with continued innovation in our combined products and solution offerings to stay ahead of bad actors.” One Source has multiple SOCs leveraging Trellix’s technology, staffed by the industry’s top experts to provide Managed Detection and Response (MDR) capabilities. Their team implements a proactive cyber strategy for customers specific to industry, technology environment, and vulnerabilities, built on the Trellix XDR Platform with 24x7 monitoring. The partnership and combined expertise benefits customers with enhanced services like managed threat detection and response, incident response, security operations and analytics, threat intelligence, threat hunting and forensics, and training and enablement. “The Trellix and One Source partnership is extremely powerful; the former offers an incredible set of security solutions, and the latter excels at personalized deployment and execution,” said Paul Moline, Chief Information Officer, Lindsay Automotive Group. “I never anticipated we could protect our environment with the same security solutions used by government agencies and Fortune 50 companies: I can now sleep at night.” The Trellix XDR Platform’s open architecture and broad set of native security controls across endpoint, email, network, cloud, and data security integrates with over 500 third-party tools to create multi-vector, multi-vendor event correlation and context to speed up investigations. The Trellix Advanced Research Center provides an additional layer of protection by continuously informing the platform with information from millions of global sensors on the latest threat vectors, tactics, and recommendations. One Source experts apply these insights to stay ahead of the constantly evolving threat landscape. “The collaboration with Trellix is a game-changer in reshaping the cybersecurity landscape,” says Eric Gressel, Executive Vice President of Sales, One Source. “Thanks to our partnership, we have access to the highest level of cyber intelligence to fend off newly-revealed hackers and their means of attack, enabling our customers with the most comprehensive offering of enhanced Managed Security Services to protect their businesses.” One Source has a proven track record supporting global businesses spanning retail, restaurant, automotive, healthcare, financial, and manufacturing industries. Trellix customers can rely on One Source's leading Managed Security Services to optimize technology expenses while enhancing telecom connectivity, IT infrastructure, and cybersecurity strategies. About Trellix Trellix is a global company redefining the future of cybersecurity and soulful work. The company’s open and native extended detection and response (XDR) platform helps organizations confronted by today’s most advanced threats gain confidence in the protection and resilience of their operations. Trellix, along with an extensive partner ecosystem, accelerates technology innovation through machine learning and automation to empower over 40,000 business and government customers with living security. More at https://trellix.com. About One Source One Source helps businesses simplify a complex technology world. One Source is the leading provider of Technology and Managed Security Services for enterprises. Today, One Source manages more than 2,500 customers, 45,000 business locations, and over one million assets throughout North America. In addition to Managed Security Services, One Source provides Managed Technology Expense Management, 24 / 7 local helpdesk, procures and provisions telecom & IT solutions, and manages customer service requests. One Source frequently generates triple-digit ROI for customers through contract negotiation, portfolio optimization, and ongoing expense management. In addition, One Source leverages partnerships with industry leaders, including Trellix to bring Fortune 500 security solutions and fully managed services to the mid-market. One Source's approach empowers businesses to focus on customers and revenue-generating activities. Learn more at https://www.onesource.net/.

Read More

Data Security

Boomi Strengthens Commitment to Data Security and Compliance by Achieving StateRAMP Authorization

Boomi | January 12, 2024

Boomi™, the intelligent connectivity and automation leader, today announced that the Boomi platform has achieved StateRAMP Authorization. This achievement reflects Boomi’s unwavering commitment to data security and compliance, and to delivering a secure and reliable solution that government agencies can rely on to safeguard their data and operations. “At Boomi, we are committed to democratizing modernization. Securing StateRAMP authorization for our platform was paramount, enabling public sector organizations to seamlessly and securely integrate and leverage cloud applications,” said Sean Wechter, Chief Information Officer at Boomi. “Through a strategic alliance with StateRAMP, Boomi actively collaborates with its leadership board, facilitating streamlined documentation and audit processes to expedite digital transformation within the public sector." According to the U.S. Government Accountability Office, government agencies plan to spend billions of dollars each year to support their IT and cybersecurity efforts, including transitioning IT resources to secure, cost-effective commercial cloud services.1 However, agencies are challenged to select secure cloud-based solutions, making it difficult for these organizations to modernize and improve constituent experiences. StateRAMP, a nationally recognized risk authorization management program that provides a standardized approach to assessing cloud products, improves security and simplifies procurement by building a pool of pre-authorized Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS) solutions for public sector entities. As organizations more frequently implement cloud-based solutions, they also require validated access to integration platform as a service (iPaaS) to streamline application and resource integration. iPaaS integrates cloud-to-cloud, cloud-to-on premises, and on-premises-to-on-premises platforms, helping public sector organizations break down data silos to enhance information flow, improve citizen services, and increase operational effectiveness. About Boomi Boomi aims to make the world a better place by connecting everyone to everything, anywhere. The pioneer of cloud-based integration platform as a service (iPaaS), and now a category-leading, global software as a service (SaaS) company, Boomi touts the largest customer base among integration platform vendors and a worldwide network of approximately 800 partners – including Accenture, Capgemini, SAP, and Snowflake. Global organizations turn to Boomi’s award-winning platform to discover, manage, and orchestrate data, while connecting applications, processes, and people for better, faster outcomes. For more information, visit boomi.com.

Read More

Spotlight

TAC Security

TAC Security

TAC Security is a global leader in vulnerability management that protects Fortune 500 companies, leading enterprises, and governments around the world. TAC Security manages 5+ Million vulnerabilities through it's Artificial intelligence (AI) based Vulnerability Management Platform ESOF (Enterpris...

Events

Resources