Cybersecurity is in chaos. Despite increased spending, organizations keep exposing known vulnerabilities. Attackers keep penetrating defenses all too easily. Regulations such as the GDPR for privacy and DFARS for Defense contractors' cybersecurity are ratcheting requirements tighter, but compliance doesn't always meaningfully increase security. Despite general agreement that cybersecurity programs need to be better aligned with the business, why do we continue to struggle? What should we do differently?
Dan Blum, Security Architects Partners
Biography
An internationally recognized expert in security, privacy, cloud computing and identity management, Dan Blum leads and delivers consulting projects spanning multiple industries. Formerly a Golden Quill award-winning VP and Distinguished Analyst at Gartner, he has led or contributed to projects such as cloud security and privacy assessments, security organization and risk management framework development, and identity management architectures. He’s also consulted on technical security engagements across all data protection domains, including enterprise authorization, DLP, privileged access management, and encryption/key management.
Mr. Blum holds CISSP and Open FAIR certifications. He is a frequent speaker at industry events and participates in industry groups such as ISACA, FAIR Institute, IDPro, ISSA, CSA, Kantara Initiative, OpenID Foundation, OASIS, and others.
Finally, Mr. Blum is writing the book “Rational Cybersecurity for the Business.” This book is addressed to security leadership and staff requiring guidance on how to coordinate, architect, and implement security initiatives with business engagement at the Executive, Line of Business, IT, Development, and End User levels. As part of the book project, he is in the process of interviewing over 100 CISOs, Board Members, and other business or security leaders.