Information Security Leader, Author, Instructor and Speaker

Data Science in Cybersecurity: Five Questions to Ask Vendors

“There’s a mad rush in the cybersecurity solutions space to use the terms machine learning, analytics, and data science in conjunction with security products. IT executives considering these solutions should ask probing questions that dig through the marketing hype to allow a careful assessment of the scope and depth of analytics techniques. By asking these questions, IT leaders will be better able to assess the potential value to the enterprise,” said Mike Chapple, adjunct research analyst with IDC’s IT Executive Programs (IEP).

IDC Research Report published November 2017.
Read the full report: Data Science in Cybersecurity: Five Questions to Ask Vendors

Posted in White Papers | Tagged | Leave a comment

Addressing the Cybersecurity Skills Gap

Cybersecurity professionals are used to managing crises, from the latest ransomware attack streaking across the Internet to a critical security vulnerability that requires patching hundreds or thousands of systems overnight. Cybersecurity experts step in to help organizations when things go wrong.

Today, the cybersecurity profession itself is facing a crisis that requires a different kind of management. There is a critical skills gap in the profession that will leave many crucial positions unfilled, jeopardizing the security of enterprises around the world.

Published November 2017 in Certification Magazine.
Read the full article: The right cert can provide a strong foundation for your cybersecurity career

Posted in Articles | Tagged | Leave a comment

IDC PlanScape: Creating a Cybersecurity Professional Development Program

“The world of cybersecurity is becoming increasingly siloed,” says Mike Chapple, adjunct analyst with IDC’s IT Executive Programs (IEP). “Leaders should understand that their teams have a wide variety of professional development needs and invest in developing a robust program that builds a stronger workforce through a combination of education, training, and hands-on experience.”

IDC Research Report published November 2017.
Read the full report: IDC PlanScape: Creating a Cybersecurity Professional Development Program

Posted in White Papers | Tagged , , | Leave a comment

IDC PlanScape: Building a Security Operations Center

“The security operations center serves as the nerve center of an organization’s cybersecurity program,” says Mike Chapple, adjunct analyst with IDC’s IT Executive Programs (IEP). “IT leaders that make investments in staffing and equipping a SOC will gain insight into their organization’s security posture and increase their ability to react promptly to cybersecurity incidents.”

IDC Research Report published October 2017.
Read the full report: IDC PlanScape: Building a Security Operations Center

Posted in White Papers | Tagged , , | Leave a comment

IDC PlanScape: Building Compliant Cloud Environments

“Compliance has come to the cloud,” says Mike Chapple, adjunct analyst with IDC’s IT Executive Programs (IEP). “Enterprises planning a large-scale cloud migration should absolutely consider regulated workloads as part of the pool of candidate services to operate in the cloud. Those who already completed cloud migration projects but held back regulated workloads should reexamine that decision and consider the potential technical and compliance benefits of migrating those workloads as well.”

IDC Research Report published October 2017.

Read the full report: IDC PlanScape: Building Compliant Cloud Environments

Posted in White Papers | Tagged , | Leave a comment

3 Tips for a Smooth Data Loss Prevention Rollout

Edward Snowden and Reality Winner grabbed headlines for leaking sensitive information from agencies, but they?re only the most visible examples of data theft. Agency leaders see these high-profile cases as evidence they must dedicate time and attention to insider threats. In a recent Symantec survey, 85 percent of federal IT managers say they are more focused on the insider threat than one year ago. In addition, 86 percent say they now run a formal insider threat prevention program, up from 55 percent in 2015.

Published October 2017 in FedTech Magazine.

Read the full article: 3 Tips for a Smooth Data Loss Prevention Rollout 

Posted in Articles | Tagged , | Leave a comment

DHS’s CDM Program Moves to the Next Phase: Protection

From Russian and Chinese hackers to WikiLeaks and North Korea, nefarious actors have long targeted federal systems, looking to steal sensitive national security information and disrupt government activities. But as agencies answered these threats, IT shops found they simply didn’t have the technical tools or sophistication to defend themselves.

Published October 2017 in FedTech Magazine.

Read the full article: DHS’s CDM Program Moves to the Next Phase: Protection

Posted in Articles | Tagged | Leave a comment

Find Your Footing in Cloud Security with CCSK

The cloud is here to stay. Organizations of all sizes and industries are turning to cloud services as a flexible, agile alternative to building expensive data centers, maintaining silos of technical expertise, and overprovisioning capacity to meet future demand.

Gartner recently estimated that the cloud computing industry will grow at an 18 percent rate in 2017, reaching a total market size of $246 billion dollars. There’s no sign that the adoption of cloud services is slowing down, and a quick search of technical job descriptions shows that technologists with experience on cloud platforms such as Amazon Web Services (AWS), Microsoft Azure, Salesforce, Workday, and other similar services are in high demand.

At the same time, however, that organizations are turning to the cloud to achieve cost savings, improve their agility and drive flexibility in computing, they also remain concerned about the security of data stored and processed in the cloud. Turning over responsibility for handling data at any layer of the cloud computing stack raises the eyebrows of security professionals and calls for a different kind of expertise than securing traditional environments.

Published June 26, 2017 on gocertify.com

Read the full story: Find Your Footing in Cloud Security with CCSK

Posted in Articles | Leave a comment

Solving the cybersecurity staffing shortage

Cybersecurity is at a critical juncture. Organizations around the world increasingly recognize the importance of cybersecurity to their reputation and ongoing operations, driven by mainstream media reports about breaches. This recognition results, in many cases, in an increased desire to hire skilled cybersecurity professionals to protect systems and information assets.

This renewed interest in cybersecurity talent also is creating a significant skills gap, a cybersecurity staffing shortage, as employers struggle to stand out among the pack and recruit talented professionals to fill their open positions. Recent research confirms that this trend exists and that organizations are truly struggling to fill positions.

Information security industry association (ISC)² released its Global Information Security Workforce Study in February. This study surveyed more than 19,000 security professionals and projects that there will be a gap of 1.8 million cybersecurity experts over the next five years. That gap represents a 20 percent increase from the 1.5 million shortfall predicted by the same study last year — and provides quantitative evidence of the anecdotal pain felt by hiring managers around the world.

Published June 5, 2017 on certmag.com

Read the full story: Solving the cybersecurity staffing shortage

Posted in Articles | Leave a comment

IDC PlanScape: Deploying Multifactor Authentication

“Multifactor authentication is a time-tested approach that is finally coming of age,” says Mike Chapple, adjunct analyst with IDC’s IT Executive Programs (IEP). “Organizations recognize that they face an increasing threat from the compromise of password-based credentials; knowledge-based authentication simply doesn’t provide an adequate level of protection against those threats. Push-based authentication using smartphones is both simple for end users and cost-effective for the organization.”

IDC Research Report published May 2017.
Read the full report: IDC PlanScape: Deploying Multifactor Authentication

Posted in White Papers | Tagged | Leave a comment

Mike Chapple, CISSP, Ph.D.

Mike is an IT leader, information security professional, author, speaker and trainer with over fifteen years of experience in the field.

Full Biography

@mchapple