SPoT: Branden Williams / @BrandenWilliams
Welcome to this week’s installment of Security Pros on Twitter. Today we turn our attention to an expert in a very important area of compliance, PCI DSS – the Payment Card Industry Data Security Standard – in addition to his other areas of security expertise. Branden Williams is the Director of the PCI Practice for Verisign, a global security consulting firm. He also maintains a Verisign blog focused on a range of security topics: Branden Williams’ Security Convergence.
Real Name: Branden Williams
Twitter Handle: @BrandenWilliams
Top 3 Social Media/Networking Sites:
Linkedin, Twitter, Facebook
1. In which area(s) of security are you most involved?
My primary focus is payment security, however, my background is fairly technical and includes application development.
2. What security topics will be the most important in the next 18 months? Why?
Application Security, Data Discovery and Loss Prevention, and Wireless. The first two are inter-related as we continue to amass more data on more individuals, and need more ways to crunch the data. Today, we have a myopic view of where our data lives, which unfortunately becomes focused when we lose it. The latter is a catch-all. More applications are going mobile, thanks to improvements in networks and devices like the iPhone. Watch for attackers to flock to those platforms.
3. Biggest Pet Peeve: Name one thing about Network Security that you wish business stakeholders would understand and why.
I’m not sure I have one particular one, but the future of security lies in the hands of those individuals that can speak to the business about quantitative risk in a way they can understand. Security is a business issue, and they need to be on-board with it.
4. Tell us why you became so active on Twitter and any other important social media outlets. What value are you getting?
I became active on Twitter to keep up with colleagues in the industry and to stay on top of the deluge of information available to netizens. I’m getting a ton of value as it helps me promote my blog and allows me to learn more about emerging trends.
5. Name one security peer whom everyone with an interest in Network Security should follow. (OK to name 2 if you can’t decide on only one)
@DavidNavetta – Legal professionals need to have an open dialogue with Security pros. This guy gets it, bigtime.
6. What’s your take on security for social media and cloud services in general? Top concerns, overstated issues, etc.
The top concerns around this type of media really should be the content, not the method. PR departments have to embrace this more real-time method of information dissemination, but moreover, employees have to realize that what they post leaves a permanent record.
7. What are the top 3 real-world (i.e. live) events you’d recommend for networking with security professionals?
RSA Conference, a long staple even though its attendance in recent years seems to have dwindled a bit. Blackhat, the best of the best are here. Information Security Forum, the global community is well represented here.
