A great friend and trusted advisor once asked me, “Mark, are you running to anything? If so, what is it?”
It stopped me in my tracks. I hadn’t really thought about my life or my career in Information Security that way.
I’d always thought about what I did not as running to build a new product or business, but about creating an advantage for defenders – the weary CIO/CISO/CTO, their team of practitioners pitted against adversaries with increased specialization and tremendous resources.
Then, I came across Verodin – a new business that is creating a distinct and material advantage for defenders.
Over the course of my career, I’ve met lots of security folks at all levels and through a variety of venues. Fatigue is a real thing facing these teams.
Fatigue from what?
It’s not just from facing the adversary. It’s from piles of vendors and products as well. The defensive stack of tools – built largely on needs to defend against a class of threat or protect a single type of information – is increasingly cumbersome, and the ability to prove the effectiveness of these defenses is often based on best guesses. Moreover, every time a new technology gets added, defenders have to step away from keeping their users and companies safe and turn their talents to system integration, taking them further away from their core mission.
This is where Verodin is unique, essentially instrumenting security, so defenders can keep their eye on the ball – and on the security of their users and companies.
I know how important this is because I committed much of my time and energy to teams that shared my viewpoint – and we introduced a lot of capability that did create meaningful advantages in the mean time to identify a breach and reduce the time required to scope, contain and remediate once a breach occurred.
But, that’s all about accepting the inevitable.
If organizations could actually answer the question “Are we secure?” then we could manage our Information Security programs based on empirical evidence – taking a quantum leap forward in creating advantage for defenders and in demonstrated value to the businesses these programs are designed to protect.
That’s why I was so intrigued the first time I heard Chris Key describe Verodin to me. As I began to learn more about how many Fortune 500 companies were already successful with Verodin and demonstrating how their Information Security programs could improve with instrumentation, it became clear to me that this was a unique opportunity to “do Security differently.”
The icing on the cake is the team behind Verodin, which is customer-first and committed to a culture that is both smart and nice – a powerful proposition that helped solidify my decision to run to Security Instrumentation.
I’m looking forward to sharing the Verodin Security Instrumentation platform with all of you, both my colleagues at vendors and those currently engaged in defending against the adversary. The power of the people and the technology behind Verodin are thrilling, and I’m confident that we can set a new standard for Information Security together.