Jim Broome

Jim Broome is a seasoned IT/IS veteran with more than 20 years of information security experience in both consultative and operational roles. Jim leads DirectDefense, where he is responsible for the day-to-day management of the company, as well as providing guidance and direction for our service offerings. Previously, Jim was a Director with AccuvantLABS where he managed, developed, and performed information security assessments for organizations across multiple industries, while also developing and growing a team of consultants in his charge. Prior to AccuvantLABS, Jim was a Principal Security Consultant with Internet Security Systems (ISS) and their X-Force penetration testing team. Jim has also developed and provided training courses on several security products, including being a primary author of the CheckPoint Software Software CCSA/CCSE/CCSI training program, as well as creating and delivering numerous client-focused training programs and events.

DORA, aviatrix, security, multicloud, encryption, keys, sysdig, access, cloud security, Wiz, assets, security, multi-cloud, strategies, security, AWS, Amazon, cloud, cloud environment, data privacy, data protection, cloud security teams, security, cloud-native, Palo Alto Dell zero trust Network Security multi-cloud zero-trustQualys multi-cloud Wi-Fi 6 access point zero-trust cloud security remote data protection

Do You Know What Your Assets Are?

Jim Broome | January 27, 2025 | Asset Awareness, cybersecurity policy, Data Security, Incident Response, Third Party Risk

Asset awareness is the first step in understanding your complete security posture. If you don’t know what assets you own, how can you protect them? ... Read More

Security Boulevard

Cyberattacks Against Sporting Events are Growing More Calculated

Jim Broome | October 25, 2024 | cybersecurity awareness, events, Hacking, training

The amount of data being collected and shared online before and during large sporting events is low-hanging fruit for attackers ... Read More

Security Boulevard

A Deep Dive Into the Economics and Tactics of Modern Ransomware Threat Actors

Jim Broome | June 14, 2024 | black hat tools, Cybersecurity, data exfiltration, Incidents, Ransomware

The MGM Resorts breach is just one example demonstrating the crippling financial, legal and operational consequences of ransomware incidents ... Read More

Security Boulevard

SEC rules, cybersecurity, SEC cyber data breach rules

Why Biden’s EO on AI Conflates the Role of Red-Teaming

Jim Broome | December 12, 2023 | AI, Cybersecurity, executive order, LLMs, model security, Red Teaming

The AI executive order's broad language, particularly the role of red-teaming, prompts doubts about its practical implementation and effectiveness ... Read More

Security Boulevard

stolen, credentials, file data, anomaly detection, data exfiltration, threat, inside-out, breach, security strategy, data breaches, data search, Exabeam, data, data breaches, clinical trials, breach, breaches, data, residency, sovereignty, data, breaches, data breaches, NetApp data broker FTC location data

The Five Stages of Grief: Coping With a Data Breach

Jim Broome | August 11, 2023 | Cybersecurity, data, Data breach, Incident Response, recovery

Have you been a victim of a data breach? You’re not alone. As an incident response (IR) professional, I have met many different types of corporate staff, from the IT staff to the C-suite. Unfortunately, it was probably on their worst day ever, and in our world, it’s most likely ... Read More

Security Boulevard

When ChatGPT Goes Phishing

Jim Broome | May 18, 2023 | AI, ChatGPT, generative AI, Malware, security,

ChatGPT has become a powerful tool for security professionals seeking to enrich their work. However, its widespread use has raised concerns about the potential for bad actors to misuse the technology. Experts are worried that ChatGPT’s ability to source recent data about an organization could make social engineering and phishing ... Read More

Security Boulevard

Senator Sanders Wants to Own AI Companies — and Hand America’s Adversaries the Keys

NIST’s Nine: The PQC Signature Race Moves to Round Three

The Quantum Arms Race: Why Washington Just Wrote a $2 Billion Check to Nine Companies

Beyond Moore’s Law: The Hyper-Acceleration of Autonomous AI Cyber Capabilities

The Exception Economy: When Security Teams Stop Protecting and Start Negotiating

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

C2A Security’s EVSec Risk Management and Automation Platform Gains Traction in Automotive Industry as Companies Seek to Efficiently Meet Regulatory Requirements

Zama Raises $73M in Series A Lead by Multicoin Capital and Protocol Labs to Commercialize Fully Homomorphic Encryption

RSM US Deploys Stellar Cyber Open XDR Platform to Secure Clients

ThreatHunter.ai Halts Hundreds of Attacks in the past 48 hours: Combating Ransomware and Nation-State Cyber Threats Head-On