T.E.N. Knowledge Base

ISE® North America 2018

Allow is the New Block: 10 Requirements for Saying “Yes” to User-led Cloud Services  > Download Whitepaper
Cloud adoption in the enterprise continues to gain momentum with more than 1,000 cloud services used by employees in a variety of environments from retail to healthcare and everything in between. It turns out that fewer than 5% of these cloud services are IT-led with IT having administrative access and the ability to manage the deployment. IT-led cloud services often include suites like Office 365 and Google G Suite and apps like Salesforce, Box, ServiceNow, and dozens of others. While IT-led cloud services often garner most of the enterprise focus, more than 95% of cloud services used by enterprises are user-led and are either shepherded in by lines of business or brought in by individual users that sign up for them because they are easy to access and use. User-led cloud services often fly under the radar of IT and security personnel and they are typically labeled as ‘unsanctioned’ or ‘Shadow IT’.

Given the lack of visibility and control, what does the security team do about user-led cloud usage? Do they take extreme security measures and try to block them using legacy security tools or do they allow their use and hope users do the right thing? This is a difficult decision and presents a catch-22 between extracting value from the cloud and being secure. Let’s take a look at the potential impact resulting from an allow or block decision.

The Security 2025 Project  > Download Whitepaper
As a community, we need to unite and define the new North Star of enterprise security. For the last 20 years, we have reactively implemented monolithic, ineffective solutions that are not integrated and introduce complexity, resource drag, and alert fatigue. How can we challenge ourselves to a new way of thinking? What do we want our security stack to look like by 2025?

Closing the IT Security Gap with Automation & AI in the Era of IoT: Global  > Download Whitepaper
The purpose of this research, sponsored by Aruba, is to understand the reasons for the dangerous gap in modern IT security programs and strategies, a gap that is diminishing the ability of organizations to identify, detect, contain and resolve data breaches and other security incidents. The consequences of the gap can include financial losses, diminishment in reputation and the inability to comply with privacy regulations such as the EU’s General Data Protection Regulation (GDPR).

Attivo Networks - ThreatDefend  > Download Whitepaper
We had intended to include Attivo Networks’ ThreatDefendTM Detection and Response Platform in our deception networks group but after looking pretty closely at it we decided that it is quite a bit more than a deception grid. It is true, of course, that this system includes BOTsink, a deception tool that is both effective and well-known. But BOT- sink is just part of the story. This is a full-fea- tured incident response system.

UEBA and Machine Learning: Automating Data Security Analysis  > Download Whitepaper
Securing electronic data in today’s environment remains a daunting challenge, particularly as technologies including mobility and the cloud continue to increase the complexity of maintaining effective defenses.

For decades, organizations have invested significant resources in creating layered IT security policies and infrastructure. However, as those methods and tools have continued to mature, so has the complexity of related management. While existing methods are adept at determining where issues occur, practitioners are frequently challenged to pinpoint critical incidents and prioritize response, based on the requirement to analyze huge volumes of security data generated by a vast array of sources.

To overcome this hurdle, today’s organizations require more effective analytical capabilities that calculate the precise intersection of sensitive data and user behavior, allowing them to focus on those responsive actions that will directly mitigate emerging data security risks.

20 CRITICAL SECURITY CONTROLS With Qualys Cloud Platform  > Download Whitepaper
The cyber security world is a noisy place. CISOs get bombarded daily with information, including the latest research studies, threat warnings, vendor announcements, industry and regulatory mandates, best practice controls and hacking incident reports.

The Making of the Modern CISO: Evolving Risks, Roles, and Rewards  > Download Whitepaper
Information Security (InfoSec) professionals who thrive to fight cyberattacks may be on a career path to rise to the level of Chief Information Security Officer (CISO). Even now, a fairly significant number shoulder many of the same risks and responsibilities that are inherent to the CISO position.

And the industry needs more prospective candidates who set high personal goals and grow from their experiences. Fortunately, future CISOs are already amassing experiences that inform their work. Get to know the modern CISO and their making. A collection of insights from top CISOs and business experts awaits.

Employee Benefits Organization Reduces Phishing Susceptibility by More Than 89%  > Download Whitepaper
Wombat’s assessments and education modules are core components of the organization’s security awareness and training program

The Challenge
In early 2015, a retirement benefits organization for public employees in the western United States was researching options for security awareness training. As part of that process, the association wanted more insight into its level of phishing susceptibility.

Bruce Coffing
Chief Information Security Officer
City of Chicago

Sponsored by:

What Is Security’s Role in Digital Transformation?  > Summary
Digital transformation is front of mind for many senior executives, but too often security is left behind. As IT and businesses fast-track initiatives like agile and DevOps to improve speed to market and reach business goals faster, security’s role is confined to asking questions afterwards about security challenges, cyber risks, and compliance requirements. Most IT teams already struggle with maintaining security initiatives. Rushing towards digital transformation without taking the proper precautions means that these newly connected systems can allow cyber threats to attack more rapidly, inflicting greater damage across enterprise networks. To protect our organizations, security must be applied holistically from the beginning of the process as an integral, automated necessity—but how do we ensure security is top of mind as our businesses embrace this digital transformation paradigm shift?

Ricardo Lafosse

Ricardo Lafosse
Chief Information Security Officer
The Kraft Heinz Company
ISE® Central Executive of the Year Award Winner 2019
ISE® North America Executive: Financial Award Finalist 2019

Orchestrating and Automating a More Secure SOC  > Summary
A Security Operation Center (SOC) team is often found deep in the trenches, detecting, containing, analyzing, and remediating any IT incident that threatens a company’s processes. While SOC teams are usually equipped with skilled managers, they often suffer from a lack of skilled staff, alert fatigue, resource depletion, and wasted time chasing after false positives. Because of their importance and their overwhelming workloads, introducing security orchestration and automation into SOC processes is more crucial than ever before for security executives to consider. Not only do these tools assist SOC teams in performing their responsibilities and mitigating skills gaps, but also they help businesses with employee retention, lessening the probability of burnout. However, organizations should become aware that employing too many specialized tools can add more complications and work processes than they resolve. Join our discussions on why security executives should have a keen understanding of SOC pain points and the team’s current needs before pursuing shiny, new solutions.


Robert Pace
VP, Information Security & CISO
Invitation Homes

Creating a Dynamic and Actionable Information Security Plan  > Summary
Even though the need is great for organizations to have an active and effective information security plan in place, few have taken the time to continuously adapt their plans to fit the company’s evolving business. However, in order for cyber risks to be monitored and managed, security teams need to be on the same page about how vulnerabilities in the system are assessed, how data assets are identified and managed, and what key business processes are crucial in case such processes are jeopardized or disrupted due to a cyber event. As enterprises continue moving to the cloud and instituting BYOD policies, an information security plan should also incorporate strict procedures and control protocols on third parties and the devices used within the business. This includes technology that will be able to monitor users, analyze activity in-house and remotely, and enact appropriate risk management tactics when necessary. Join our discussion to learn how, above all, a well-designed InfoSec plan will continue to stay up to date with the latest policy and compliance changes while also undergoing continuous cyber hygiene so data, hardware, and software remain current and secure.

Marcia Peters

Marcia Peters
SVP, Information Security Governance, Risk, and Compliance
US Bank

Creating a Secure Cloud Infrastructure  > Summary
The more data and applications move to the cloud, the more security executives have to balance business productivity with compliance and information security. The rules for both physical security and legacy program security cannot be applied to a cloud infrastructure, adding further complications for security teams to perform consistent due diligence. While some security procedures are the responsibility of the cloud service provider (CSP) to maintain, others are at the sole discretion of the consumer to ensure. Therefore, it is critical for both security executives and the C-suite to understand what cloud services they are buying, how to use the tools CSPs provide, and in what areas their security team needs to more proactively protect. Join our discussions to learn how a thorough understanding of your company’s cloud capabilities and infrastructure aids security professionals in having a much higher chance of preventing cyber threats from taking advantage of overlooked vulnerabilities.

Yabing Wang

Yabing Wang
Deputy CISO
Carrier Corporation

Data Loss Prevention in an Age Without Borders  > Summary
The types and amounts of data that organizations obtain and how they store and protect them have vastly changed. In the past, businesses kept hardcopy data records, but as more data is uploaded digitally and stored on the cloud, the more perimeters dissolve and the larger the threat landscape becomes. In reaction to these changes and the data breaches occurring more frequently, security teams have devised Data Loss Prevention (DLP) strategies, each tailored toward their specific organizational needs. However, many organizations find DLP programs to be a daunting task to start, with security teams being uncertain about what data they should prioritize protecting, how to classify the data, and at what point their data is most at risk. For organizations that don’t possess the time, funds, or resources to start their own DLP program in house, a worthy alternative it to enlist DLP as a service. Through the cloud, the DLP vendor’s security team can constantly monitor and protect against an organization’s internal and external threats. Join our discussions to learn more about how DLP as a service gives organizations the added benefit of more protection based on the experiences and security problems of the vendor’s customer base, making outsourcing DLP an attractive option for security teams that are spread thin.