Information Security Leader, Author, Instructor and Speaker

4 Ways Data Loss Prevention Tools Fit Right into Layered Security Strategies

Cybersecurity pros often follow a defense-in-depth strategy, acknowledging the fact that controls will fail. Layered defenses are especially important in the open-computing environment of academia. Data loss prevention solutions are an important component of a layered approach to security. DLP scans content leaving the institution for signs of sensitive information and often serves as the last line of defense, stopping data exfiltration after other controls fail to prevent a breach.

Published January 2018 in EdTech Magazine.
Read the full article: 4 Ways Data Loss Prevention Tools Fit Right into Layered Security Strategies

Posted in Articles | Tagged , | Leave a comment

Six Big Cybersecurity Certification Changes for 2018

On the heels of one of the most significant years in cybersecurity history, organizations around the world are making plans to develop the cybersecurity skills of their technical teams in 2018. IT leaders recognize that the threat landscape continues to shift and that they require skilled cybersecurity professionals to protect their information and systems against sophisticated attackers.

Whether you’re already a cybersecurity professional, or you’re seeking to switch into an exciting, growing career field, there’s plenty of opportunity to go around. The field needs plenty of newcomers to fill the cybersecurity skills gap and opportunities abound for existing security professionals to ramp up their skills and earn internal promotions and opportunities at new firms.

Just as the changing threat environment is creating new staffing needs, it’s also leading the technical certification industry to increase their focus on cybersecurity certification programs. The next 12 months will be full of changes in professional certification programs and IT pros should pay careful attention. Let’s break down some of the biggest developments in the field as we enter the new year.

Published January 2018 in Certification Magazine.
Read the full article: Six Big Cybersecurity Certification Changes for 2018

Posted in Articles | Tagged | Leave a comment

2017 in Review: The Top Cybersecurity News Stories

2017 was quite a year in the world of cybersecurity! From the politicization of cyberwarfare to several major data breaches, hardly a week went by that cybersecurity issues didn’t appear on the front pages of newspapers around the world. Let’s take a moment to recap what I consider to be the 10 biggest cybersecurity news stories of the past 12 months.

Published December 2017 in Certification Magazine.
Read the full article: 2017 in Review: The top cybersecurity news stories

Posted in Articles | Tagged , , , , , , | Leave a comment

IDC PlanScape: Threat Hunting

“Threat hunting is the latest trend in cybersecurity analytics,” says Mike Chapple, adjunct analyst with IDC’s IT Executive Programs (IEP). “Organizations that adopt threat hunting programs combine time-tested security knowledge with modern analytic techniques to identify and respond to suspicious activity.”

IDC Research Report published November 2017.

Read the full report: IDC PlanScape: Threat Hunting

Posted in White Papers | Tagged , , | Leave a comment

Data Science in Cybersecurity: Five Questions to Ask Vendors

“There’s a mad rush in the cybersecurity solutions space to use the terms machine learning, analytics, and data science in conjunction with security products. IT executives considering these solutions should ask probing questions that dig through the marketing hype to allow a careful assessment of the scope and depth of analytics techniques. By asking these questions, IT leaders will be better able to assess the potential value to the enterprise,” said Mike Chapple, adjunct research analyst with IDC’s IT Executive Programs (IEP).

IDC Research Report published November 2017.
Read the full report: Data Science in Cybersecurity: Five Questions to Ask Vendors

Posted in White Papers | Tagged | Leave a comment

Addressing the Cybersecurity Skills Gap

Cybersecurity professionals are used to managing crises, from the latest ransomware attack streaking across the Internet to a critical security vulnerability that requires patching hundreds or thousands of systems overnight. Cybersecurity experts step in to help organizations when things go wrong.

Today, the cybersecurity profession itself is facing a crisis that requires a different kind of management. There is a critical skills gap in the profession that will leave many crucial positions unfilled, jeopardizing the security of enterprises around the world.

Published November 2017 in Certification Magazine.
Read the full article: The right cert can provide a strong foundation for your cybersecurity career

Posted in Articles | Tagged | Leave a comment

IDC PlanScape: Creating a Cybersecurity Professional Development Program

“The world of cybersecurity is becoming increasingly siloed,” says Mike Chapple, adjunct analyst with IDC’s IT Executive Programs (IEP). “Leaders should understand that their teams have a wide variety of professional development needs and invest in developing a robust program that builds a stronger workforce through a combination of education, training, and hands-on experience.”

IDC Research Report published November 2017.
Read the full report: IDC PlanScape: Creating a Cybersecurity Professional Development Program

Posted in White Papers | Tagged , , | Leave a comment

Russia meddling mess will cost tech giants big bucks to fix

During a series of hearings before House and Senate committees this week, members of Congress trotted out poster boards showing graphic examples of social media advertisements that attempted to influence the 2016 election. With headlines like “Heritage, not hate. The South will rise again!” and “Join us because we care. Black matters!” these ads focused on polarizing, hot-button issues including gun ownership, race relations, immigration, and religion, simultaneously targeting both sides of each debate in an effort to foment unrest.

Attorneys for Facebook, Google, and Twitter sat in the hot seat during these hearings and offered Congress assurances that they take the issue seriously and are implementing new controls to prevent misleading advertising. The issue with those safeguards, however, is that they are not likely to be effective. Many of them depend heavily upon artificial intelligence and machine learning technologies that simply aren’t yet up to the challenge, at least on their own.

At the heart of these approaches is the belief that social media companies can develop models that automatically identify false and misleading advertisements, as well as advertisers operating under a false flag. The reality is that parties seeking to defeat these automated safeguards can continually alter their advertisements until they discover content that passes through the algorithm’s filters.

Read the full article: Russia meddling mess will cost tech giants big bucks to fix

Published November 2, 2017 on CNBC

Posted in Articles | Tagged , | Leave a comment

IDC PlanScape: Building a Security Operations Center

“The security operations center serves as the nerve center of an organization’s cybersecurity program,” says Mike Chapple, adjunct analyst with IDC’s IT Executive Programs (IEP). “IT leaders that make investments in staffing and equipping a SOC will gain insight into their organization’s security posture and increase their ability to react promptly to cybersecurity incidents.”

IDC Research Report published October 2017.
Read the full report: IDC PlanScape: Building a Security Operations Center

Posted in White Papers | Tagged , , | Leave a comment

IDC PlanScape: Building Compliant Cloud Environments

“Compliance has come to the cloud,” says Mike Chapple, adjunct analyst with IDC’s IT Executive Programs (IEP). “Enterprises planning a large-scale cloud migration should absolutely consider regulated workloads as part of the pool of candidate services to operate in the cloud. Those who already completed cloud migration projects but held back regulated workloads should reexamine that decision and consider the potential technical and compliance benefits of migrating those workloads as well.”

IDC Research Report published October 2017.

Read the full report: IDC PlanScape: Building Compliant Cloud Environments

Posted in White Papers | Tagged , | Leave a comment

Mike Chapple, CISSP, Ph.D.

Mike is an IT leader, information security professional, author, speaker and trainer with over fifteen years of experience in the field.

Full Biography

@mchapple