Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityManagementLeadership & ManagementSecurity Leadership and ManagementSecurity Education & Training

How SOCS Help in Training Security Professionals

How are McAfee's new SOCs mitigating cyber and physical risks and training future security leaders?

By Diane Ritchey
SEC0519-cover-Feat-slide1_900px

Grant Bourzikas, CISO at McAfee, is responsible for McAfee’s cybersecurity and physical security strategy, including security architecture and solutions delivery, security governance, risk and vulnerability, and security operations and intelligence programs.

Photo courtesy of Mike Lewis Photography

SEC0519-cover-slide2_900px

McAfee’s centers and analysts host, on average, eight customer visits per month for customers who want to visit and understand how to better manage the demanding requirements of their own security operations and to see human-machine teaming in practice.

Photo courtesy of Mike Lewis Photography

SEC0519-cover-slide3_900px

“It is easier when your executives understand security,” says Grant Bourzikas, CISO at McAfee, shown with the McAfee Pledge Wall. “That is a hard message sometimes in an organization, but we are a security organization that builds and protects our customers, and we’re doing the same thing for ourselves, so the message is very easy. Security is on the forefront of what we do.”

Photo courtesy of Mike Lewis Photography

SEC0519-cover-slide4_900px

“A key theme when building the centers was physical and cybersecurity convergence. Past thinking in the security industry has been that the CSO and the CISO shouldn’t work closely together, that physical and logical security should never touch,” says Bill P. Woods, Senior Director – Security Intelligence for McAfee. “At McAfee, we believe that it is inevitable that cyber and physical will work together. Consider the very basics of physical security: locks and cameras are all networked, thus cyber, so why not combine the two parties to better enable the business to function?”

Photo courtesy of Mike Lewis Photography

SEC0519-cover-Feat-slide1_900px
SEC0519-cover-slide2_900px
SEC0519-cover-slide3_900px
SEC0519-cover-slide4_900px
May 1, 2019

"My mission is simple: it is to protect McAfee and our customers,” says Grant Bourzikas, chief information security officer and vice president of Labs Operations at McAfee. “My team and I will test and use McAfee products and services before anyone in the world does, to ensure that they are secure and that they meet our customer’s expectations. Then, and only then, will McAfee launch them into the marketplace.”

Beyond Bourzikas’ personal mission is the McAfee corporate mission of “We’re all better working together.” McAfee CEO Chris Young launched the new mission statement when McAfee split from Intel Security in April 2017. Inside McAfee’s lobby in Plano, Tex. is a pledge wall where each employee has signed their name and thus, their commitment to that mission statement.

The split from Intel also gave Bourzikas and his team the opportunity to create two security operations centers (SOCs): one in Plano and the other in Cork, Ireland.

“In a sense, the Intel split really made us the world’s biggest startup,” says Bourzikas, who has 19 years’ experience in cybersecurity strategy, architecture, engineering and operations. He is a four-time CISO, having expanded his experience at a Fortune 500 gaming company, a top financial services bank and brokerage organization and a Fortune 500 critical infrastructure utility company. He began his career in public accounting, during which he led cybersecurity strategy and assessment consulting teams.

The two new state-of-the-art cyber and physical SOCs, named the McAfee Security Fusion Centers, were designed last August and opened in January 2019.

Why Cork, Ireland for the second SOC? “It’s part of our continuity plan,” Bourzikas says. “Cork runs on a different electrical grid and is in a different time zone, so if our Plano SOC is hit with a major storm or power outage, we have an identical facility that is halfway around the world that should not be subject to those same issues.”

The purpose of the two centers is threefold: to protect McAfee, to identify new cybersecurity product needs and to act as a best practices blueprint for customers and partners.

Bill P. Woods, Senior Director – Security Intelligence for McAfee, who was hired by Bourzikas last year and who was instrumental in the design and layout with Bourzikas – is directed with carrying out those tasks.

 “A key theme when building the centers was physical and cybersecurity convergence,” Woods explains. “Past thinking in the security industry has been that the CSO and the CISO shouldn’t work closely together, that physical and logical security should never touch. A lot of my former colleagues are still working in those types of environments,” he says. “At McAfee, we believe that it’s inevitable that cyber and physical will work together. Consider the very basics of physical security: locks and cameras are all networked, thus cyber, so why not combine the two parties to better enable the business to function?”

Bourzikas adds, “It was an incredible opportunity to engineer what we wanted a SOC to be. Most SOC layouts are not conducive to collaboration, so we made sure that the layout would allow our cyber and physical security analysts to share information. We also had a goal of ensuring that the centers would help us to train the next generation of security analysts. We had our goals established and we had the infrastructure and support from the C-suite, so the entire process was seamless. People think that SOCs are difficult to build and extremely expensive, but this turned out very well.”

Physical and Cyber

There is one physical entrance to the center in Plano and it can only be accessed by entering a secure mantrap and via a facial recognition system. Electrostatic windows are in place to ensure privacy. “Physically, we do not want people to get to our network, so we needed a good physical barrier,” Woods explains. “In a war, if your command post is overrun; it is all over but the crying. This is our command post, and we need to protect it.”

Once you are inside the Plano SOC, it’s easy to see how the placement of the analyst workstations are optimized to ensure collaboration between the security teams. The workstations also run on separate operating systems to ensure redundancy. “We want the analysts to hear what their colleagues are discussing,” Woods explains. “At the same time, they can alert their colleagues, via a status light, if they are deep into an investigation and aren’t available to collaborate.”

Woods stresses that collaboration is key to helping McAfee physical and cyber teams to stay ahead of threats. But more importantly, it allows them to be proactive, rather than reactive. “You can’t have an effective SOC if you are only reacting to threats,” he says. “It’s much harder to employ a proactive threat hunting team, but it’s necessary in today’s threat environment.”

The data derived from the cyber side of the center includes weekly reports to Bourzikas and Woods on the number of attacks, blocks, false positives and more that the analysts were successful in mitigating.

One area of the center houses a Malware lab, on a separate network that’s isolated from the corporate McAfee network, where analysts can test new malware threats. Nothing that occurs in the Malware lab leaves that area, and a film on the window blocks the ability for anyone to see what’s happening on the computer screens.

A final part of the Plano center is the physical corporate security component, where analysts monitor security at 67 McAfee offices in 54 countries. Woods says, “It is always business hours somewhere in the world for McAfee. The analysts feed data to security teams in each office and region. They monitor news feeds and employee travel.” Here again, the center’s layout allows for physical security analysts to collaborate with the cyber team.

Training Future Security Leaders

One of the challenges with operating the center in Plano is talent, Bourzikas says. “We are very thorough in the training of our analysts, but find it’s difficult to keep them in their roles long-term, as many suffer from burnout. One way we solve this is by offering our analysts different roles within McAfee, such as engineering or product development. In fact, many analysts are perfect for those future careers as they have experience testing those same McAfee products in our SOC.”

Bourzikas is passionate about finding solutions to the cybersecurity shortage at McAfee and the industry. He regularly speaks at industry conferences such as RSA, about the cybersecurity talent shortage, and he believes that the industry is neglecting one key area, which is developing a diverse workforce. “We need to tap into hiring more diversity. The industry as a whole is not good about tapping into that area – women, people of diverse backgrounds and former military,” he says. “I am only successful if I have great people working for me. Bill was a great hire, but there are not many ‘Bill’s’ out there,” he notes. “The industry is not good about developing a pipeline of future security leaders. We do a great job of taking people from other companies, but that will never solve the talent gap.”

Woods has specific skills in mind when he hires new SOC analysts. “Of course, they need to have the core skills, but we also look at curiosity. When you are an analyst, you are an investigator, and what separates the good from the bad is curiosity. We also regularly hire retirees and former military who have analytical skills. I can teach you to build a firewall by the end of this week but I cannot teach you an analytical mindset in a short period of time.”

“As an industry, we are too focused on hiring people with a CISSP,” Bourzikas adds. “Instead, I want to know how someone can securely design a server. That’s an awful thing to ask of a job candidate, because there are thousands of ways to do it, but I want to see their thought process. I’m also very open to working with millennials, who I believe are misunderstood. I do not share the notion that they are difficult to manage; you just have to get to know them. If you treat them as an equal and you empower them, they will be receptive to your leadership.”

Customer Zero

In addition to researching new cybersecurity and physical security threats and mitigating risks to the McAfee organization and its employees, the security analysts at McAfee test each McAfee product before they are pushed out to the market. “We call ourselves ‘Customer Zero’ because we are the first organization to use McAfee’s new offerings and product updates, and because we share our learnings to help customers implement faster and more smoothly,” Bourzikas explains. “I’m providing a service by testing and using our products before our customers use them. I can see and provide direct feedback to our product development teams on how McAfee products can be improved.”

Bourzikas is also an advocate of sharing feedback to industry colleagues. “The ‘bad guys’ have so many advantages,” he notes. “They don’t have any rules to follow. They do not want to share their new hack or malware because if it becomes widely used, then companies will reverse engineer it to prevent it. We believe that all cybersecurity companies can and should share information on a regular basis. As an industry, we need to do better with sharing.”

KEYWORDS: cyber security Security Operations Center (SOC) security risk management

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Diane 2016 200

Diane Ritchey was former Editor, Communications and Content for Security magazine beginning in 2009. She has an experienced background in publishing, public relations, content creation and management, internal and external communications. Within her role at Security, Ritchey organized and executed the annual Security 500 conference, researched and wrote exclusive cover stories, managed social media, and authored the monthly Security Talk column.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Cybersecurity
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Logical Security
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    New Security Technology
    By: Charles Denyer
Subscribe For Free!
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

  • Duty of Care
    Sponsored byAMAROK

    Integrating Technology and Physical Security to Advance Duty of Care

Popular Stories

Pills spilled

More than 20,000 sensitive medical records exposed

Laptop in darkness

Verizon 2025 Data Breach Investigations Report shows rise in cyberattacks

Coding on screen

Research reveals mass scanning and exploitation campaigns

White post office truck

Department of Labor Sues USPS Over Texas Whistleblower Termination

Computer with binary code hovering nearby

Cyberattacks Targeting US Increased by 136%

2025 Security Benchmark banner

Events

September 29, 2025

Global Security Exchange (GSX)

 

November 17, 2025

SECURITY 500 Conference

This event is designed to provide security executives, government officials and leaders of industry with vital information on how to elevate their programs while allowing attendees to share their strategies and solutions with other security industry executives.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • education feat

    How Four Young Professionals Chose Careers in Security

    See More
  • Security in 2013 feature image

    How Security Can Add Value and Mitigate Risk in 2013

    See More
  • SEC0819-talk-Feat-slide1_900px

    How a GuideWell Security Team Member Saved a Life

    See More

Events

View AllSubmit An Event
  • November 17, 2025

    SECURITY 500 Conference

    This event is designed to provide security executives, government officials and leaders of industry with vital information on how to elevate their programs while allowing attendees to share their strategies and solutions with other security industry executives.
  • April 23, 2025

    Employee Perceptions of Workplace Safety in 2025

    ON DEMAND: Workplace safety continues to be a critical concern in 2025, with employees across industries expressing growing concerns about their safety at work.
View AllSubmit An Event
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing