Category Archives: Internet Security

Researchers Uncover New BGP Flaws in Popular Internet Routing … – The Hacker News

May 02, 2023 | Ravie Lakshmanan | Network Security / Vulnerability

Cybersecurity researchers have uncovered weaknesses in a software implementation of the Border Gateway Protocol (BGP) that could be weaponized to achieve a denial-of-service (DoS) condition on vulnerable BGP peers.

The three vulnerabilities reside in version 8.4 of FRRouting, a popular open source internet routing protocol suite for Linux and Unix platforms. It's currently used by several vendors like NVIDIA Cumulus, DENT, and SONiC, posing supply chain risks.

The discovery is the result of an analysis of seven different implementations of BGP carried out by Forescout Vedere Labs: FRRouting, BIRD, OpenBGPd, Mikrotik RouterOS, Juniper JunOS, Cisco IOS, and Arista EOS.

BGP is a gateway protocol that's designed to exchange routing and reachability information between autonomous systems. It's used to find the most efficient routes for delivering internet traffic.

The list of three flaws is as follows -

The issues "could be exploited by attackers to achieve a DoS condition on vulnerable BGP peers, thus dropping all BGP sessions and routing tables and rendering the peer unresponsive," the company said in a report shared with The Hacker News.

"The DoS condition may be prolonged indefinitely by repeatedly sending malformed packets. The main root cause is the same vulnerable code pattern copied into several functions related to different stages of parsing OPEN messages."

A threat actor could spoof a valid IP address of a trusted BGP peer or exploit other flaws and misconfigurations to compromise a legitimate peer and then issue a specially crafted unsolicited BGP OPEN message.

This is achieved by taking advantage of the fact that "FRRouting begins to process OPEN messages (e.g., decapsulating optional parameters) before it gets a chance to verify the BGP Identifier and ASN fields of the originating router."

Forescout has also made available a Python-based open source BGP Fuzzer tool that allows organizations to test the security of the BGP suites used internally as well as find new flaws in BGP implementations.

"Modern BGP implementations still have low-hanging fruits that can be abused by attackers," Forescout said. "To mitigate the risk of vulnerable BGP implementations, [...] the best recommendation is to patch network infrastructure devices as often as possible."

The findings come weeks after ESET found that secondhand routers previously used in business networking environments harbored sensitive data, including corporate credentials, VPN details, cryptographic keys, and other vital customer information.

"In the wrong hands, the data gleaned from the devices including customer data, router-to-router authentication keys, application lists, and much more is enough to launch a cyberattack," the Slovak cybersecurity firm said.

Excerpt from:
Researchers Uncover New BGP Flaws in Popular Internet Routing ... - The Hacker News

How to Strengthen Your Web Security Your Way – Government Technology

In 2022, the cyber threat intelligence (CTI) team at the Multi-State Information Sharing and Analysis Center (MS-ISAC) witnessed cyber threat actors (CTAs) step up their attack attempts against U.S. state, local, tribal and territorial (SLTT) government organizations. The MS-ISAC's Malicious Domain Blocking and Reporting (MDBR) service registered 908 billion DNS requests for SLTTs over the course of the year, for instance. Of that activity, the service blocked 7.8 billion requests.

SLTTs and private hospitals need a way to strengthen their defenses against a very active cyber threat. That's why we at the Center for Internet Security (CIS) have released Malicious Domain Blocking and Reporting Plus (MDBR+).

BETTER VISUALIZE POTENTIAL THREATS ON YOUR NETWORK

Made available by CIS and industry leader Akamai to SLTTs and private hospitals, MDBR+ is a quick-to-configure and easy-to-deploy cloud-based secure web gateway service. It proactively identifies and blocks network traffic from your organization to known malicious websites.

Once you point your organization's domain name system (DNS) requests to Akamai's DNS server IP addresses, MDBR+ compares every DNS lookup against a list of known and suspected malicious domains. The service blocks and logs attempts to access known malicious domains such as those associated with malware, phishing and ransomware, among other threats, thereby increasing your organization's web security.

Akamai provides all logged data, including both successful and blocked DNS requests, to the CIS 24x7x365 Security Operations Center (SOC). SOC analysts use this data to perform detailed analysis and reporting for the betterment of the SLTT community and for reporting that's specific to your organization.

CIS then provides reporting of log information for all blocked requests, among other data. CIS will also assist in remediation if needed.

In addition to keeping your SLTT organization or private hospital safe against common threats, MDBR+ comes with six features that make staying secure even easier.

The purpose of MDBR+ is to strengthen your web security and keep you safe from known malicious domains using processes and policies that work for you. Register now to see what changes tailored threat protection brings to your business.

About CIS

The Center for Internet Security, Inc. (CIS) makes the connected world a safer place for people, businesses and governments through our core competencies of collaboration and innovation.

We are a community-driven nonprofit, responsible for the CIS Controls and CIS Benchmarks, globally recognized best practices for securing IT systems and data. We lead a global community of IT professionals to continuously evolve these standards and provide products and services to proactively safeguard against emerging threats. Our CIS Hardened Images provide secure, on-demand, scalable computing environments in the cloud.

CIS is home to the Multi-State Information Sharing and Analysis Center (MS-ISAC), the trusted resource for cyber threat prevention, protection, response and recovery for U.S. state, local, tribal and territorial government entities, and the Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC), which supports the rapidly changing cybersecurity needs of U.S. elections offices.

View original post here:
How to Strengthen Your Web Security Your Way - Government Technology

Dept. of Justice: WSIC delivers physical and cyber security for … – WisPolitics.com

MADISON, Wis. - Wisconsin Attorney General Josh Kaul today held a briefing to educate the public on the critical public safety work conducted by special agents and analysts at one of Wisconsin's two fusion centers, the Wisconsin Statewide Intelligence Center (WSIC). Operated by the Wisconsin Department of Justice (DOJ) Division of Criminal Investigation (DCI), WSIC serves as the primary focal point for threat information sharing among federal, state, local and tribal law enforcement, emergency management, fire service, public health, corrections, military, and private sector partners for the state.

"By ensuring that information about potential threats to public safety is shared across agencies, the Wisconsin Statewide Intelligence Center helps law enforcement agencies keep their communities safe," said Attorney General Kaul. "Thank you to the members of the team at WSIC for the outstanding work they do to protect Wisconsinites."

State and regional fusion centers enable local, state, and tribal governments to gather, process, analyze and share information and intelligence relating to all crimes and all hazards. Fusion centers communicate, cooperate, and coordinate with each other and with the federal government. These centers:

About the Wisconsin Statewide Intelligence Center

In the aftermath of September 11, 2001, improving information sharing between law enforcement agencies on the local, state, and federal levels became a priority. A national network of fusion centers grew, including the Wisconsin Statewide Intelligence Center in Madison, Wisconsin.

In order to deter, prevent and mitigate criminal or terrorist threats while protecting the privacy and civil liberties of U.S. citizens, WSIC accomplishes the following mission-essential tasks:

WSIC works in partnership with the Southeastern Wisconsin Threat Analysis Center (STAC). The STAC is a fusion center that serves the eight counties of Milwaukee, Racine, Washington, Waukesha, Ozaukee, Kenosha, Walworth and Jefferson. The WSIC covers all other portions of the state.

About the Division of Criminal Investigation

DCI is responsible for investigating crimes that are statewide in nature or importance. DCI special agents and analysts work closely with local, county, tribal, state and federal officials to investigate and prosecute crimes involving homicide, arson, financial crimes, illegal gaming, multi-jurisdictional crimes, drug trafficking, computer crimes, homeland security, public integrity and government corruption as well as crimes against children. The division also performs special investigations requested by the Governor or the Legislature and provides extensive training to local, state and federal officers on current issues in law enforcement.

DCI has a long history of protecting the public and ensuring justice is done. While the incredible work of DCI agents often goes unsung, a few recent cases where DCI was the lead agency, or a significant contributor, include:

To assist in investigating crime, Wisconsin DOJ requests adding 19 special agent and criminal analyst positions in the next biennial budget, to bolster the services DCI provides. These agents will focus on many of DCI's investigative priorities, including homicide, narcotics, internet crimes against children, drug and human trafficking, arson, unresolved cases, white collar crime, elder financial abuse and more. Wisconsin DOJ's full request can be found here.

Find this press release on the Wisconsin DOJ website here.

See the original post here:
Dept. of Justice: WSIC delivers physical and cyber security for ... - WisPolitics.com

Does macOS need third-party antivirus in the enterprise? – TechTarget

Cybersecurity threats require organizations to employ comprehensive data protection tactics and software such as antivirus, but Apple administrators may see Apple devices as sufficiently protected by the native security features.

Apple devices historically have a reputation for strong security, and macOS has a built-in antivirus tool, XProtect, so third-party antivirus might seem unnecessary to some Mac administrators. However, that reputation isn't necessarily accurate today, and malware such as viruses can cause serious issues if they're able to slip through the cracks. Additional antivirus protection is one important part of an effective cybersecurity strategy for Mac devices in the enterprise.

There are a few reasons why Macs have been seen as especially secure devices over the years. In the past, Apple had a much smaller share of the business computing market compared to Windows. There were more users to reach within the Windows OS, so hackers focused on writing malicious code to target Windows devices. Today, however, plenty of people use Macs, so they're a more appealing target for cyber attacks than they used to be.

Another reason for this security reputation is Apple's walled garden approach, where any software or service must be reviewed and approved by Apple before it can run within macOS, iOS or iPadOS. With the App Store, Apple carefully vets third-party software before making it available for download, so it's harder for users to unwittingly install malicious software onto their devices. While this approach can strengthen device security, it has been the subject of criticism and antitrust charges in recent years, so Apple might have to allow third-party app stores on its devices in the future.

Still, there are some aspects of macOS that give the operating system an edge when it comes to security. XProtect is macOS' built-in antivirus protection tool, which scans all applications and files to detect and block the download of malware. Another built-in security tool is Gatekeeper, which verifies that any app users try to open or install has come from a certified developer. These native Mac security tools also receive silent automatic updates, keeping them effective as threats evolve.

Even with these security strengths, viruses and other malware infections can and do affect Mac devices, with new vulnerabilities coming out every year. Their reputation for security can also contribute to cybersecurity risks, as users might be more careless when dealing with phishing attempts and other threats in a Mac environment. To stay on top of any potential vulnerabilities, organizations should supplement macOS' native security features with third-party antivirus software.

Antivirus software typically runs in the background to scan devices for malware and vulnerabilities, detecting and blocking threats such as ransomware, spyware and adware in real time. While XProtect can do this fairly well, it only scans for the malicious software that Apple is already aware of. New threats emerge constantly, and XProtect isn't as up to date on those threats as third-party antivirus providers tend to be. Plus, many antivirus products offer advanced features to further enhance protection, such as built-in VPN, malicious traffic detection, data loss prevention and patch management.

Third-party antivirus can fill in some of the gaps that macOS doesn't cover for security, making it a necessity for organizations that have to deal with sensitive corporate and end-user data. It should be just one part of a malware protection strategy, however. In addition to third-party antivirus software, organizations should invest in security awareness training for end users.

User behavior plays a major role in cybersecurity, with the Verizon "2022 Data Breach Investigations Report" finding that 82% of breaches in 2021 involved human error. Users don't always recognize the signs of a malware attack or know how to react to pop-ups and other suspicious activity. And while one of Apple's security strengths is that it issues regular security updates, users aren't always quick to install updates, allowing vulnerabilities to cause serious issues for even longer. Ensuring that users know the importance of software updates and other cybersecurity best practices is vital to effectively secure Macs in the enterprise.

There is a wide range of Mac antivirus providers on the market today. To choose from the available options, organizations should consider a few factors. Some tools, such as Intego Mac Internet Security X9, only support macOS, but most antivirus vendors can accommodate both macOS and Windows systems. Vendors such as Bitdefender and ESET include Linux support as well. Implementing security platforms that can support all of an organization's systems is a good way to reduce administrative overhead and licensing costs.

Similarly, organizations should look for antivirus software that's compatible with other IT tools and won't significantly impact device performance or the end-user experience. Some vendors, including Malwarebytes and Avast, offer a few different antivirus products and editions to choose from. It's important to sort through all of the available features to find the best fit among all of the vendors and their offerings. Some features that organizations should opt for include ransomware protection, adware detection and centralized management. Other popular vendors to consider include Norton, McAfee, TotalAV and Kaspersky.

See the rest here:
Does macOS need third-party antivirus in the enterprise? - TechTarget

Apple’s first iPhone Rapid Security Response patch had a problem … – The Verge

Apple announced the new Rapid Security Response updates for iPhones, iPads, and Macs last year at WWDC, and today, the first publicly released patch on the system started to roll out. After rough going initially when the new update claimed every iPhone was offline, the new patch is now installed on our devices without a problem.

The Rapid Security Response system is supposed to make things easier, adding security fixes in between larger system updates that could install on some devices without a reboot as well as allowing users to opt out of receiving them entirely or uninstall them if they caused any issues.

Every iPhone we checked among Verge staffers running the latest iOS software (iOS 16.4) showed a notification that the 85MB patch was available after the rollout started at 1PM ET.

The only problem is that, as soon as we tried to install it, all we got was an error message that read "Unable to Verify Security Response." It continued, saying, "iOS Security Response 16.4.1(a) failed verification because you are no longer connected to the internet."

A quick scan of comments across Twitter, Reddit, and other platforms reveals a lot of other people experienced the same problem.

However, by around 3:30PM ET, the process started working smoothly, applying the update within about 30 seconds on all available devices. Apple hasn't yet updated its security page for iOS or other platforms to explain what problems the patch fixes.

Apple did not immediately respond to a request for comment, and so far, it's unclear why the error messages were popping up. According to the support page, the first security updates are available now on iOS 16.4.1, iPadOS 16.4.1, and macOS 13.3.1.

Read the rest here:
Apple's first iPhone Rapid Security Response patch had a problem ... - The Verge

Heads up! Avast One is 70% off for Tom’s Guide readers in the UK – Tom’s Guide

The Avast One internet security suite recently earned perfect scores for malware protection from the two biggest independent security software labs, AV-Comparatives, and AV-Test. But it also has several advanced security tools, like a system cleaner, network protections, and unlimited VPN access.

For our UK Tom's Guide readers only, Avast has a special introductory offer. For only £23.99 (that's a 70% savings) you can protect up to 5 devices for a whole year!

Here's a quick look at some of the cool features of Avast One:

Firewall: Especially important when connected to public Wi-Fi, the Avast firewall keeps tabs on your connection to make sure snoops and hackers can't sneak in this way. The firewall also works alongside Avast's network security so your system is clear of threats that don't originate from the web.

System cleaner: As you download apps and save files, your devices tend to run slower. Even after files have been deleted small remnants are left behind. Avast's system cleaner looks for these small bits, and anything else causing system slowdown and removes them.

VPN: A virtual private network hides your online activity by using encryption, so your activity can't be intercepted. There's also no proof linking your online movements to you. Even your IP address is hidden. Avast's VPN will kill your internet access automatically if your connection is ever compromised while using it.

ID monitoring: Because of how easy it is to lose personal information due to data breaches, using the ID monitoring that comes with Avast One is very helpful. It will keep watch for your passwords, email addresses, and other login credentials being used on the dark web.

The rest is here:
Heads up! Avast One is 70% off for Tom's Guide readers in the UK - Tom's Guide

Fallston Man Sentenced to 15 Years in Federal Prison for … – Department of Justice

Baltimore, Maryland - U.S. District Judge Stephanie A. Gallagher today sentenced Robert Jackson Wyatt, Jr., age 54, of Fallston, Maryland, to 15 years in federal prison, followed by lifetime supervised release, for distribution of child pornography. Wyatt had a previous federal conviction for possession of child pornography. Judge Gallagher ordered that, upon his release from prison, Wyatt must register as a sex offender in the places where he resides, where he is an employee, and where he is a student, under the Sex Offender Registration and Notification Act (SORNA).

The sentence was announced by United States Attorney for the District of Maryland Erek L. Barron; Special Agent in Charge James C. Harris of Homeland Security Investigations (HSI) Baltimore; Colonel Roland L. Butler, Jr., Superintendent of the Maryland State Police; Harford County Sheriff Jeffrey R. Gahler and Harford County State's Attorney Alison Healey.

According to his guilty plea, on August 31, 2021, members of the Maryland State Police (MSP) were conducting an investigation into offenders sharing child pornography using a communication protocol for peer-to-peer file sharing that enables users to distribute data and electronic files over the Internet in a decentralized manner. An IP address that was sharing suspected child pornography was identified as belonging to Wyatt and a search warrant for his home was executed on October 1, 2021. Investigators learned that Wyatt was not home but was at a nearby marina on his boat where he often spent time. Investigators went to the marina and watched as Wyatt walked from his boat to his car. Wyatt then drove back to his residence, where he was confronted by investigators.

Wyatt consented to a search of his cell phone and an MSP digital forensic examiner found several files of child pornography on the phone. A peer-to-peer filesharing program was installed on the phone, as well as a virtual private network application and an anti-forensic application. On a chat application, Wyatt belonged to chat groups including Incest and Little Girl and mommy and daughter. On October 26, 2022, a search warrant was executed on Wyatt's boat. Two thumb drives were found with multiple images and videos of child pornography, including several known series involving depictions of babies, toddlers, and sadomasochistic abuse of children. Several of the files located on Wyatt's devices matched those that were distributed during the MSP investigation via the peer-to-peer file sharing originating from the suspect IP address.

Wyatt admitted that he was the person who shared the files with the MSP investigator on August 31, 2021. In total, over 1,170 image files and over 170 video files were located on Wyatt's devices.

This case was brought as part of Project Safe Childhood, a nationwide initiative launched in May 2006 by the Department of Justice to combat the growing epidemic of child sexual exploitation and abuse. Led by the United States Attorneys' Offices and the Criminal Division's Child Exploitation and Obscenity Section, Project Safe Childhood marshals federal, state, and local resources to locate, apprehend, and prosecute individuals who sexually exploit children, and to identify and rescue victims. For more information about Project Safe Childhood, please visit http://www.justice.gov/psc. For more information about Internet safety education, please visit http://www.justice.gov/psc and click on the Resources tab on the left of the page.

United States Attorney Erek L. Barron commended HSI, the Maryland State Police, the Harford County Sheriff's Office and the Harford County State's Attorney's Office for their work in the investigation and prosecution. Mr. Barron thanked Assistant U.S. Attorney Colleen E. McGuinn, who prosecuted the case.

For more information on the Maryland U.S. Attorney's Office, its priorities, and resources available to help the community, please visit http://www.justice.gov/usao-md/project-safe-childhood and https://www.justice.gov/usao-md/community-outreach.

See the rest here:
Fallston Man Sentenced to 15 Years in Federal Prison for ... - Department of Justice

3 Best Software Stocks to Buy in 2023 and Beyond – The Motley Fool

Looking to add some excitement to your portfolio? Investing in software stocks could give you that jolt, while also setting up your portfolio to make money in the long run. And if you're looking for some solid picks in this sector, I've got your back.

Read on to dive into three software stocks that are worth your attention: software giant Microsoft (MSFT -0.55%), programmatic advertising platform The Trade Desk (TTD -2.18%), and cloud-based security provider Cloudflare (NET -4.95%). Get ready to learn why these three companies could be great additions to your portfolio this year.

You can't beat the classics sometimes. Microsoft is an excellent investment after dominating the software industry for decades. The market opportunities might have changed, but the company's growth prospects remain enormous, even now.

For example, the tech giant's revenue rose by 10% in constant currency in the recently reported third quarter of 2023. If that jump doesn't impress you much, maybe you didn't notice that the global economy is waist-deep in an inflation-based crisis. Any growth should be seen as good news in this market, especially if the growing business was large and established in the first place.

And that's for the whole shebang, including underperforming businesses such as Windows licenses and Microsoft-branded hardware devices. Balancing out those weak spots, the Redmond, Washington, company is pulling off some truly remarkable growth in cloud computing and productivity software. Strong demand for Windows Azure and other cloud-based services is driving that train.

Of course, no investment is a sure thing, but Microsoft seems well positioned for continued growth in the years to come. It's no surprise that as a leading cloud-computing platform with a keen eye on the artificial intelligence (AI) space, the stock is up by more than 27% year to date in this AI-flavored economy.

But wait -- there's more. In the third quarter, Microsoft returned $9.7 billion of spare cash to shareholders through buybacks and dividends. That stockholder-friendly move was based on $17.8 billion in free cash flows. Microsoft is putting those deep pockets to good use.

You'll want to take a closer look at The Trade Desk in the digital advertising space.

The company's programmatic advertising platform is gaining market share, and its advertising business is snowballing. In the fourth quarter of 2022, The Trade Desk reported revenue growth of 24% year over year.

Remember what I said about any growth being good news? That's even more true in the advertising sector, which has taken the inflation-based downturn on the chin. Ad buyers are holding their purse strings tightly since their prospective customers generally aren't ready to buy stuff. A 24% revenue jump against that backdrop is nothing short of stunning.

Like Microsoft, The Trade Desk's ongoing success has caught the attention of hungry investors lately. Share prices are up by 40% year to date.

For a software stock with strong growth potential in the advertising space, consider adding The Trade Desk to your portfolio. When this company does a good job, it makes ad campaigns more effective with a lower budget. This programmatic advertising platform looks like a great addition to your holdings.

And when you're looking for ideas in internet security and performance services, look no further than Cloudflare. The company is gaining market share, and its customer base is growing rapidly. It added 114 large customers in the first quarter of 2023, with annual contracts worth $100,000 or more. That customer group now has 2,156 members.

Cloudflare is also expanding its product portfolio and growing its global footprint. In the first quarter, the company reported revenue growth of 37% year over year. I don't need to remind you of the challenging market environment, right? The gains are only getting bigger.

The last quarter was tough, with customers scrutinizing every penny of their operating budgets. On last week's first-quarter earnings call, CEO Matthew Prince likened it to the grimmest days of the pandemic. Still, Prince emphasized that his company remains indispensable, not just an expendable luxury. As he put it, "Thankfully, we continue to be a must-have, not a nice-to-have."

So stop me if you've heard this before, but Cloudflare is a software stock with explosive growth potential. You should consider adding this promising company to your portfolio, giving you a healthy exposure to the internet security and performance markets. Like Microsoft and The Trade Desk, Cloudflare should serve your wealth-building investment goals well for the long haul.

View post:
3 Best Software Stocks to Buy in 2023 and Beyond - The Motley Fool

Internet 2.0 Conference Reviews The Need To Invest In Cybersecurity Technology To Avoid Growing Fraud In The – EIN News

One of the fireside chats of the Internet 2.0 Conference sheds light on the need to invest in and adopt cybersecurity technology in order to stay safe online.

Cybercrime is on the rise, with scam offenses, fraudulent activities, and online scams becoming increasingly sophisticated. Experts shared that over $3.3 billion was lost to fraud in 2020, and the trend shows no signs of slowing down. Many people have fallen victim to these scams and some have even lost their life savings. Therefore, addressing this issue and taking preventative measures to protect against fraud is imperative.

Speakers at the Internet 2.0 Conference shared that cybercriminals use various tactics to scam and defraud unsuspecting internet users. One of the most common scams involves enticing users to share personal information or download harmful software through fake websites and fraudulent emails. Cybercriminals sometimes even impersonate well-known businesses to lure users into sharing confidential information. These scammers operate under false pretenses and fake identities and use reviews to dupe unsuspecting victims. Online review platforms are rife with fake reviews, which can lure customers into trusting illegitimate businesses. Consumers should, therefore, remain vigilant when reading reviews, especially on unfamiliar sites.

As we usher in the new era of technology, there is a pressing need to invest in cybersecurity technology. In the past, internet security was reactive, with developers only focusing on mitigating cyber-attack effects. However, with the increase in data breaches and fraud, developers must adopt a proactive approach to cybersecurity. By doing so, they can help prevent fraudulent activities before they occur, ensuring that the internet remains a safe space for all users.

You can join this upcoming tech event, the Internet 2.0 Conference, and explore the limitless possibilities of discussing, debating, and exhibiting your effective solutions against the prevailing fraud, spam, and other scam offenses, before the global audience. To learn more about its upcoming Dubai and Las Vegas editions, feel free to visit http://www.internet2conf.com.

More here:
Internet 2.0 Conference Reviews The Need To Invest In Cybersecurity Technology To Avoid Growing Fraud In The - EIN News

Advancing The Security Operations Center (SOC): New Technologies and Processes Can Help Mitigate Cyber Threats – Forbes

We are in a state of cyber-flux with new and many asymmetrical challenges to cybersecurity. As cybersecurity gaps abound, a new urgency in both industry and government has arisen on how to better protect the cyber landscape.

The digital attack surface has vastly expanded from the transitions by many companies and organizations to remote work, and from more interconnectivity of PCs and smart devices coming online from around the globe. For many companies and institutions, the overall IT perimeter is now more complex and dispersed with on-premises systems, cloud, and edge computing that necessitates more visibility, and a need for better threat detection, analysis, and incident response.

The cyber ecosystem is in a precarious situation. Emerging technologies such as the Internet of Things, machine learning and artificial intelligence, and 5G are creating operational shifts that require new and more robust cybersecurity strategies. Exacerbating the cybersecurity challenge is the global dearth of qualified cybersecurity workers and expertise available to help defend the data at risk.

Finally, and not least of concern, criminal enterprises and state actors pose a much more sophisticated and capable threat. They share resources and tactics over Dark Web forums and use advanced hacking tools that enable them to discover vulnerable targets, deliver malware, and automate attacks.

One vital development for meeting these numerous cyber-threat challenges is the enhancement of capabilities in the Security Operations Centers (SOCs) used by companies, government, and organizations. SOCs provide an operational risk management structure for organizations to organize, monitor, and respond to cybersecurity threats.

An effective SOC can manage corporate systems, control systems, and physical security. It is designed to deliver continuous prevention, protection, detection, and mitigation of threats to systems. SOC teams also uncover vulnerabilities, respond to threats, and handle incidents that may be in progress on your networks or systems. A SOC's success depends on the rapid and accurate interpretation of, and response to, threats by analysts and the security team. Please see my article on the key functions and operations of SOCs in Homeland Security Today at: Using SOCs and Cybersecurity Hubs to Prioritize Security Operations in a Critical Era - HS Today

Also, security operations center benefits are well defined in an article called Security Operations Center Trends for 2023 by Gilad David Maayan:

Improved Security Posture: A SOC helps to improve an organization's security posture by continuously monitoring for security threats and vulnerabilities and taking appropriate action to address them. This can help prevent security incidents and protect the organization's assets.

Enhanced Visibility: A SOC provides a centralized view of the organization's security posture, allowing security professionals to easily see what is happening across the organization's networks, systems, and applications.

Please see: Security Operations Center Trends for 2023 - DZone

Every year the RSA conference in San Francisco serves as a venue where many new cyber technologies are introduced for consideration by IT and security teams. SOC technologies have become a significant focus for those seeking improved cybersecurity. Other venues and conferences are also discussing the important role of SOCs for cybersecurity as the threat matrix grows. I have selected a few examples of solutions and products in different areas of SOC operations that can help advance SOCs and their operators in the years ahead.

IBM, a historical leader in developing tools for SOCs, has responded to new SOC challenges with an array of AI and security solutions designed to unify and accelerate the security analyst experience across the entire process of threat detection, investigation, and response. The IBM QRadar Suite offers a comprehensive set of security software built around a new user interface that is embedded with AI and connects security data and response workflows between SOC analyst toolsets. It is delivered as SaaS and is designed so that small, medium, and large businesses can select and customize products from the suite that specifically fit their unique situations.

Specifically for SOC operators, these products include AI/automation innovations for:

Alert triage: contextualizing threats, reducing false positives, and automatically prioritizing or closing alerts with AI trained on prior analyst response patterns.

Threat investigation: the system automatically conducts early investigation steps that analysts would normally perform manually, such as searching across systems for other evidence related to the security incident, and compiles the results into an easy-to-digest format for analysts to review and respond to.

According to IBM's press release from the RSA conference, three core design elements of the QRadar Suite immediately garnered my attention because they bring immediate advantages to SOC operators in ameliorating cyber-threats:

Please see RSA Press Release:

For more information also for a deeper dive on QRadar see:

Peripherals

Fibernet

Fibernet LTD., an Israeli company known for its data center expertise (including for the CERN particle reactor), has developed a line of products for SOCs that keep USB, HDMI, and similar data lines secure. Their solutions allow companies to protect high-level secured environments, including the multimedia peripherals that connect to SOCs, by separating the source from the data. Their new products can secure and simplify the aggregation of audio/visual data from multiple sources that may feed into a SOC. Fibernet restrings, emulates, and separates signals, preserving functionality while avoiding any possibility of hacking through these lines.

Cybersecurity at the signal level is an interesting approach: because the separation is enforced physically, by the laws of physics rather than by software, it becomes physically impossible to transfer data in the wrong direction, denying an attacker a path into your system over these lines.

For more information, please see:

Following The Audit and Log SOC Trail

A Canadian company called Datex created a technology called DataStealth that is beneficial for SOC operators performing audits. DataStealth is deployed between two endpoints: user to application, application to database, or even an on-premises environment to a SaaS service. Their platform then creates an audit record for everything that passes between them.

The uniqueness of this approach is that collection is performed at the transport layer, enabling DataStealth to sit between any source and target without installing collectors or agents on either side. By collecting and reviewing these audit logs, system administrators can achieve unparalleled granularity in tracking user activity, while security teams can easily and quickly investigate security incidents to ensure full compliance with regulations, privacy laws, and governance requirements.

Please see: DataStealth Audit and Logging Use Case

While technologies are very important, there is no substitute for the human factor in cybersecurity, especially in managing the operations of a security operations center. A variety of organizations specialize in SOC certifications; two of them are described below.

SANS Institute

The SANS Institute was launched in 1989 as a cooperative for information security thought leadership. SANS' ongoing mission is to empower cyber security professionals with the practical skills and knowledge they need to make our world a safer place. SANS offers the latest SOC training, certification, and resources for SIEM, Elastic Stack, and modern detection techniques to equip Blue Teamers with the knowledge and ability needed to safeguard their organizations and drive security operations with actionable intelligence.

Please see: Security Operations Center | SANS Institute

CompTIA is another certification organization that offers excellent training for potential SOC analysts. The Computing Technology Industry Association (CompTIA) is a leading voice and advocate for the $5 trillion global information technology ecosystem and the estimated 75 million industry and tech professionals who design, implement, manage, and safeguard the technology that powers the world's economy.

Please see: What Is a Security Operations Center | Cybersecurity | CompTIA

Figure: The State of The SOC (source: CompTIA)

The adage is that people, processes, and technologies are all essential for holistic cybersecurity. I have discussed some interesting technology applications, but there are also newer processes that SOCs need to implement. While models can differ, below is a glimpse of the basic elements usually found in operating a SOC:

In the past, three significant risk management themes have been put forward to help ameliorate the digital risk ecosystem: security by design, defense in depth, and zero trust. They are a triad, three strong pillars of risk management needed for a successful cybersecurity strategy.

Security by Design is well defined in an article in United States Cybersecurity Magazine, where cybersecurity expert Jeff Spivey provided an excellent working definition: Security by Design ensures that security risk governance and management are monitored, managed, and maintained on a continuous basis. The value of this holistic approach is that it ensures that new security risks are prioritized, ordered, and addressed in a continual manner with continuous feedback and learning. Security by Design | United States Cybersecurity Magazine (uscybersecurity.net)

Security by Design is really the initiation point of a risk management process, especially if you are a software or hardware developer concerned with security. In fact, DHS CISA recently came out with a strategy for both the private and public sectors making security by design a preferred course of action. Please see: Secure by Design, Secure by Default | CISA

Defense in Depth. A variety of strong definitions exist for defense in depth in the security community. A NIST publication defines the defense-in-depth concept as an important security architecture principle that has significant application to industrial control systems (ICS), cloud services, storehouses of sensitive data, and many other areas: "We claim that an ideal defense-in-depth posture is 'deep', containing many layers of security, and 'narrow', the number of node independent attack paths is minimized." Measuring and Improving the Effectiveness of Defense-in-Depth Postures | NIST

Zero trust (ZT) is the term for an evolving set of cybersecurity paradigms that move defenses from static, network-based perimeters to focus on users, assets, and resources. A zero-trust architecture (ZTA) uses zero trust principles to plan industrial and enterprise infrastructure and workflows. Zero trust assumes there is no implicit trust granted to assets or user accounts based solely on their physical or network location (i.e., local area networks versus the internet) or based on asset ownership (enterprise or personally owned). Authentication and authorization (both subject and device) are discrete functions performed before a session to an enterprise resource is established. Zero trust is a response to enterprise network trends that include remote users, bring your own device (BYOD), and cloud-based assets that are not located within an enterprise-owned network boundary. Zero trust focuses on protecting resources (assets, services, workflows, network accounts, etc.), not network segments, as the network location is no longer seen as the prime component of the security posture of the resource. This document contains an abstract definition of zero trust architecture (ZTA) and gives general deployment models and use cases where zero trust could improve an enterprise's overall information technology security posture. Zero Trust Architecture | NIST

Frameworks, processes, strategies, and operational SOCs are elements that should be prioritized in industry and government. I provided a working checklist in a recent article in Homeland Security Today on the topic, which can be found at the following link: Using SOCs and Cybersecurity Hubs to Prioritize Security Operations in a Critical Era - HS Today

A useful publication for better understanding the importance of the role of SOCs, written in 2021, is The Evolution of Security Operations and Strategies for Building an Effective SOC by Lakshmi Narayanan Kaliyaperumal. The author noted that cybersecurity threats are becoming increasingly complex, sophisticated, malicious, well organized, and well funded. The widespread adoption of artificial intelligence (AI)-powered tools and technologies will lead to customized, high-impact cyberattacks. Addressing the complexity and sophistication of such attacks requires an empowered security operations center (SOC). He also noted that extended detection and response (XDR) and the integration of IT/operational technology (OT)/industrial control systems (ICS) are likely the next advancements in the SOC evolution. XDR evolved from current reactive threat detection and response solutions and integrates the signals of security technologies to extract threat events across identity, endpoints, the cloud, and the network. XDR capabilities include identity analytics, network analysis, integrated threat intelligence, AI/ML-based detection, and automated and orchestrated investigation and response.

Please see: The Evolution of Security Operations and Strategies for Building an Effective SOC (isaca.org)

The importance of SOCs is a global issue, and the SOC role is recognized in new legislation by the European Community. The proposed EU Cyber Solidarity Act aims to strengthen cybersecurity by creating better detection, preparedness, and response to significant or large-scale incidents. This involves creating a European Cybersecurity Shield and a Cyber Emergency Mechanism, using national and cross-border state-of-the-art Security Operations Centers (SOCs) tasked with detecting and acting on cyberthreats. The EU's Cyber Solidarity Act: Security Operations Centers to the rescue! | WeLiveSecurity

In summary, the innovative technologies (some of which I have highlighted) being introduced in 2023 at RSA and other venues are focused on these capabilities and will significantly assist SOC operators with cybersecurity challenges. Being aware of the resources available and the operational requirements for SOC cybersecurity is a starting point for business, government, and many organizations. The cyber threats and risks are too high not to be proactive in advancing the capabilities of security operations centers.

Chuck Brooks

Top Cyber News Magazine

Chuck Brooks is a globally recognized thought leader and subject matter expert on Cybersecurity and Emerging Technologies. Chuck is also an Adjunct Faculty member at Georgetown University's Graduate Cybersecurity Risk Management Program, where he teaches courses on risk management, homeland security technologies, and cybersecurity. LinkedIn named Chuck as one of The Top 5 Tech People to Follow on LinkedIn. He was named Cybersecurity Person of the Year for 2022 by The Cyber Express, one of the world's 10 Best Cyber Security and Technology Experts by Best Rated, a Top 50 Global Influencer in Risk, Compliance by Thomson Reuters, Best of The World in Security by CISO Platform, and by IFSEC and Thinkers 360 as the #2 Global Cybersecurity Influencer. He was featured in the 2020, 2021, and 2022 Onalytica "Who's Who in Cybersecurity". He was also named one of the Top 5 Executives to Follow on Cybersecurity by Executive Mosaic. He is a GovCon Expert for Executive Mosaic/GovCon Wire, a Cybersecurity Expert for The Network at the Washington Post, Visiting Editor at Homeland Security Today, and a Contributor to Skytop Media and to FORBES. He has an MA in International Relations from the University of Chicago, a BA in Political Science from DePauw University, and a Certificate in International Law from The Hague Academy of International Law.

Chuck Brooks, President of Brooks Consulting International, is a globally recognized thought leader and subject matter expert on Cybersecurity and Emerging Technologies. Chuck is also Adjunct Faculty at Georgetown University's Graduate Applied Intelligence Program and the Graduate Cybersecurity Programs, where he teaches courses on risk management, homeland security, and cybersecurity.

LinkedIn named Chuck as one of The Top 5 Tech People to Follow on LinkedIn. He was named one of the world's 10 Best Cyber Security and Technology Experts by Best Rated, a Top 50 Global Influencer in Risk, Compliance by Thomson Reuters, Best of The World in Security by CISO Platform, and by IFSEC and Thinkers 360 as the #2 Global Cybersecurity Influencer. He was featured in the 2020, 2021, and 2022 Onalytica "Who's Who in Cybersecurity" as one of the top influencers for cybersecurity.

Chuck has served at executive levels in both government and industry. He is a two-time Presidential Appointee and was one of the initial group of people hired to help set up the Department of Homeland Security, including the Science & Technology Directorate.

Chuck has written over 300 articles and has keynoted dozens of conferences worldwide. He has over 82,000 followers on LinkedIn and almost 18,000 followers on Twitter.

Chuck has an MA in International Relations from the University of Chicago, a BA in Political Science from DePauw University, and a Certificate in International Law from The Hague Academy of International Law.

Follow Chuck on social media:

LinkedIn: https://www.linkedin.com/in/chuckbrooks/

Twitter: @ChuckDBrooks

See the rest here:
Advancing The Security Operations Center (SOC): New Technologies and Processes Can Help Mitigate Cyber Threats - Forbes