After a one-week hiatus for the Thanksgiving holiday (and we hope you liked our MeThinks entry), we turn our attention back to the ALIST series. For those of you who are familiar with the SIEM space, you should already know about LogLogic. Bill Roth, their new CMO, has graciously agreed to take part in the ALIST series. As a quick aside from our focus on SEs and Technical Marketing types, let’s get the viewpoint from the executive suite.
ALIST: Bill Roth of Log Logic
Name: Bill Roth
Title/Role: EVP / Chief Marketing Officer
Company: LogLogic
Product Focus: Security, Log Management, Compliance
Twitter Handle: @loglogic
1. What is your company’s flagship product, and why is it important for security purposes?
Our flagship product is our Open Log Management Platform, which collects, normalizes, indexes, stores, and searches log data automatically with our easy-to-deploy appliances or hosted solutions. This provides a platform for collecting system information from a wide array of products and devices, especially those related to security. Our security products, on top of the platform, allow system admins and IT security staff to analyze and correlate diverse log data in real-time for identification and management of security events.
2. What areas of security are most important to you professionally, and which do you enjoy working with most?
Security event management. The only true way to detect a security breach is by tracking what actually happens in real time. In addition, it is crucial to be able to understand the security profile across many different devices, systems, and environments, and to be able to correlate those events to detect sophisticated security threats. Personally, I enjoy working on the areas of security which most closely align with public policy, especially in areas like HIPAA and HITECH.
3. What is the most common security challenge you are brought in on to help fix on behalf of customers?
Vsibility of security events in an environment. Most customers we encounter are unaware of the scale of security information they have or do not know the scope of the security issues they have occurring right in front of them. Many companies are stunned to learn the amount of simple, out-of-policy activities that are going undetected in their organizations, such as illegal P2P file sharing or employee-driven data-leakage.
4. How do you see Cloud Computing, virtualization, and Social Media affecting security in the coming months?
These are three very different topics, each with a different set of security issues surrounding them.
Cloud computing security will be the most vexing issue in the foreseeable future for two reasons. First, it will be vexing because the subject is so ill-defined. Second, because the fundamental essence of cloud computing is to trust your computing assets to “the network.” As soon as you begin to broadcast any of your bits to the internet, your security exposure goes up by several orders of magnitude. Much more attention will need to be paid to secure cloud computing in the future.
The juxtaposition of virtualization and security results in no new security issues, just more of the security issues we already know about. Virtualization is, at its core, about making the hardware boundaries more flexible so that you can run more “images” on the same amount of hardware. This means a proliferation of events to watch and an explosion of correlations to watch for.
Of the three topics mentioned, social media is the likeliest to be transformative. Social media is essentially a means of exposing fine-grained information about oneself, one’s assets, or one’s behavior. This implies a more fine-grained analysis of who has been granted what data, and in what context. The implication of this is that fine-grained authentication and authorization will be more important than ever.
5. Tell me what your most pressing security concern is over the next 1-2 years.
Providing people with the ability to comply with the suite of security and privacy laws around the world. With the major portions of the HITECH act coming into force this year in the US, and with federal penalties of up to $1.5M, my most pressing concern is being able to provide products to protect our customers. I have the same concerns for EU legal regimes.
6. How do you stay abreast of the latest market developments in your space? Shows, social media, RSS, etc.
Oddly enough, RSS via FireFox’s Live Bookmarks feature allows me to quickly scan the day’s news and to get up to date quickly on what is happening around the world. Using this feature, I can quickly scan 5 major newspapers (San Jose Mercury News, New York Times, Washington Post, Wall Street Journal, and USA Today) and 10-15 trade publications. I am a huge fan of CMO.com, from Adobe’s Omniture unit. To be honest, I do not get much information from Social Media. But that is another story for another time.
7. In closing, give us one idea you have about security that everyone should consider. Your “Golden Egg”, so to say.
While systems security is vitally important, security is not just about security products. It is about people, process, and products.
Several recent studies have shown that the greatest sources of security breaches are not from hackers or terrorists, but from people inside your organization. A holistic approach to security involves good systems monitoring, to be certain, but also involves making sure the right processes and people are in place as well.
_________________________________________________
Thank you for playing Bill!
For those of you who want to learn more about the people and process part of this equation, please view one of our archived Security Policy Webinars, courtesy of Erin Jacobs and Anue Systems. We also recommend you sign up for the next three so you can earn your certification in Security Monitoring Optimization!
