Noah Beddome will join Opendoor as Chief Information Security Officer (CISO). Beddome will be responsible for protecting the data and technology infrastructure that is core to Opendoor’s business. He will oversee Opendoor’s information security program and IT, and will help to maintain trust with customers by ensuring the integrity of data systems.
The talent war is real, and the strength in numbers favors our opponent. We now have the original digital transformations we were planning pre-COVID, and we have additional transformations that we have to take on to enable a distributed workforce that was previously never a consideration. There simply are not enough properly equipped resources to meet global demand, and even then, an organization is only as strong as its weakest analyst. The adversary knows that and leverages the vulnerabilities in human behavior to advance their position in the “infinite game” of cyber warfare.
Traditionally, security operations centers (SOC) used tools such as endpoint detection and response (EDR), network detection and response (NDR), and security information and event management (SIEM), but as a result of the rush to remote work, many security teams have found their tools are now blind to many new and emerging threats.
Security operations centers need to solve the detection puzzle, creating a human experience that is less tedious and more productive. The overall solution must give security professionals and the enterprise a consistent view of security preparedness, and the necessary implementations to keep their coverage high and their alerts rich. So where do you start?
Distributed denial of service (DDoS) attacks are more than an inconvenience; they paralyze operations and cause significant direct and indirect costs to those affected. Over 23,000 DDoS attacks are recorded per day, leaving companies to deal with disrupted online services. Recently, New Zealand’s Stock Exchange (NZX) was hit by a large DDoS attack for four consecutive days, which led to a stock market closure that barred many from trading.
SOAR’s place in the fast-moving security arena has changed, and it is being swallowed up by advanced SIEMs. A new Gartner report sheds light on how the market has shifted and lays bare the paradox of smaller SOC teams, who need automated triage the most but aren’t able to maintain a SOAR.
Security Orchestration, Automation and Response (SOAR) solutions came on the market around six years ago. The two main objectives of these tools were to orchestrate third-party tools for filtering false positive alerts out of the network, and to automatically block attacks. SOAR came on the scene with bold statements to fill in some of the gaps that existed in Security Information and Event Management (SIEM) platforms, which have been making security analysts miserable for twenty years now.
In order to optimize Security + Operations and integrate it as a strategic function of the business, security teams need to shift their mindset to fully embrace automation. Doing this will require breaking down a few persistent barriers that stand in the way.
It’s easy to see how network tool sprawl gets started. The needs and challenges facing security and networking groups are immense. Network speeds have steadily increased, and there are always new demands and uses. Network conditions and requirements change weekly, if not daily. Security threats increase in number and approach. At the same time, technological advancement rapidly brings new solutions to the market that are beneficial in addressing networking and security needs.
SonicWall Capture Labs threat researchers unveiled third-quarter threat intelligence collected by the company’s more than 1 million global security sensors. Year-to-date findings through September 2020 highlight cyber criminals’ growing use of ransomware, encrypted threats and attacks leveraging non-standard ports, while overall malware volume declined for the third consecutive quarter.
In recent months, I’ve had many different conversations with our customers about how the COVID pandemic has impacted their security operations—from global companies with hundreds of thousands of employees to much smaller organizations with control rooms responsible for local operations and campuses. The overwhelming feedback is that everyone has needed, in one way or another, to change their processes, and expect to continue having to do so for the foreseeable future.