Can You Spot What’s Wrong with This Picture? by Thomas Leduc


Suspend your reality for just a moment and imagine waking up in the cockpit of a Boeing 757 soaring above the clouds. Let’s pretend that you are a trained pilot with years of experience flying commercial jets. At first, you feel right at home gazing out at the sea of blue. Butthen, you look down at your controls and panic. You can’t seem to draw any contextual information from the various flight instruments in your navigation panel — the gauges, the displays. Everything is blank. It’s like staring into a black abyss. One thing is for sure, you’re several miles up in the air, cruising on the cusp of the stratosphere. But, for how long? In what direction? And, to what end? You study the unlabeled switches and dials but are careful not to touch anything out of fear of misconfiguring a critical control which could send the plane into a nosedive. All you can do is assume, hope and pray that the person before you has calibrated the autopilot correctly and that you are off to somewhere peachy. In case you are an actual pilot, I understand that every commercial jet has a backup battery-powered system and magnetic compass… But, don’t be “that guy.”

Okay, so, clearly the scenario that I painted is an absolute nightmare. But, security professionals are facing a similar circumstance in real life. Right now. F1000 companies exhaust a massive amount of effort, spend millions of dollars and deploy hundreds of security products to protect their organizations from cyber attacks. However, without proper instrumentation, security professionals have no way of accurately measuring the effectiveness of their layered defenses across people, processes, and technology. In other words, they, too, are “flying blind.”

Basic questions still go unanswered:

  • Based on the tools we’ve deployed, can attack XYZ happen to us? Will we detect it? Prevent it? How will we respond?
  • Are the dollars we’re spending actually making us more secure? How can I demonstrate security ROI?
  • Is every tool in our defensive stack optimally configured?  Will they stay that way?
  • Are the changes in our environment being properly implemented and communicated?

Cheesy but true — Verodin is lighting up the controls in your proverbial cockpit with Security Instrumentation®. The Verodin Security Instrumentation Platform (SIP) enables organizations to understand and communicate cybersecurity effectiveness with quantifiable, evidence-based data. Verodin SIP empowers you to elevate your security programs from the perception of a “magic black box” to a metrics-driven business unit. After the first week of deploying Verodin SIP, you’ll wonder how you ever flew without it.

More on Verodin:

Verodin is the first business platform to measure, manage and improve cybersecurity effectiveness. By demonstrating the impact of modern threats and malicious activities within the context of your environment, Verodin proves the effectiveness of your investments, proactively identifies configuration issues in your security stack and exposes true gaps across your people, processes, and technology. Verodin provides clarity on what a threat means for you and empowers you to drive decisions and priorities with empirical data. Verodin dramatically increases the ROI of existing and future security investments and quantifiably measures if security posture is improving or regressing over time.

*** This is a Security Bloggers Network syndicated blog from Verodin Blog authored by Verodin Blog. Read the original post at: