January 2018

January 2018

Jan 302018

The Benefits of Being Blonde: A Journey to Information Technology

| Security Operations Center Director

Life seems easier with an optimistic attitude. I’ve never actually considered myself an optimist as my internal state of being is in a constant state of worry and panic – being in a security operations role within the information technology industry. But recent pondering has led me to the conclusion that I am an inadvertent […]

Holly Dale

Security Operations Center Director

Holly Dale’s two decades in cybersecurity has led her to become the SOC Director at Armor. Prior to Armor, Holly held positions contracted to Oncor Energy and National Nuclear Security Administration under the Department of Energy (NNSA/DOE), including Information System Security Officer (ISSO) cyber security Subject Matter Expert (SME), Senior Security Analyst, Sr. Forensic Investigator, and Sr. Incident Responder. Holly was a founding member of NNSA's Information Assurance Response Center (IARC), as well as a member of the Secret Services's Las Vegas Electronic Crimes Task Force (LV-ECTF) and the FBI-led Nevada Cyber Crimes Task Force (NCCTF), working with numerous city, county, state and federal agencies in each task force.

Jan 252018

Security vs. Compliance: A Love-Hate Relationship

| Chief Information Security Officer

Ever since men started crafting laws, there has been a constant conflict on how people carry out the ‘letter of the law’ such that it also achieves the ‘spirit of the law.’ The essence of this conflict is now causing problems in regulated industries and regions where businesses pour so much time, money and resources […]

Kurt Hagerman

Chief Information Security Officer

Kurt Hagerman has over twenty-five years in the field of information technology, including over 6 years as Chief Information Security Officer at Armor. He is responsible for the governance, risk and compliance side of the security mission for customer facing products. He regularly consults with Armor prospects and customers on PCI, HIPAA and financial services regulations and helps them understand how these regulations impact their business and how Armor can help them meet their regulatory responsibilities. Kurt regularly speaks and writes on information security topics in the payments and health care spaces as well as on cloud security. He holds CISA and CISSP certifications and is an active participant with local chapters of ISACA, CSA and ISSA.

Prior to joining Armor, he was a Managing Director and national PCI Practice Director for Coalfire Systems, Inc., a leading IT Security GRC company. Kurt has conducted hundreds of security reviews and audits across a number of industries including the payment space, healthcare, financial services and higher education. During his twenty-five plus years in the field of information technology, he has held a wide number of positions encompassing many IT and security disciplines including: network engineering; systems engineering; security engineering; and IT/Security auditing and compliance.

Jan 232018

Logging & Security: Solving the Analysis Challenge

| VP of Product

Logging is vital to any cybersecurity program. Combined with proper monitoring, logs can provide valuable information to security professionals that then enable them to detect malware activities, hacking attempts, configuration problems and other similar issues. It’s so important to security – that log management and monitoring are among the requirements of data protection laws and […]

Ryan Smith

VP of Product

With 10 years of experience, Ryan Smith serves as VP of Product at Armor; he is passionate about telling stories about how companies are achieving security and compliance in the cloud. Ryan regularly speaks nationwide at conferences, user groups, and special events on the topics of cloud security, compliance – PCI, HIPAA, and GDPR, and developing secure cloud architectures. Previously, he served as Director of Product Marketing and Sr. Product Manager focused on bringing Armor Anywhere (a managed, scalable security solution that protect virtual machine instances hosted on public, private, hybrid or on-premise cloud environments) and its future iterations to market; he also has been an integral part of developing Armor’s compliance matrix mappings and the industry defining cloud adoption framework for HIPAA compliance. At prior companies, he served as the Founder, Head of Product or Marketing Manager for various SaaS businesses. Ryan holds a PhD in Mass Media and Communication Studies from European Graduate School.

Jan 182018

Eliminating the Noise: A New Approach to Cybersecurity Metrics

Simply put – cybersecurity has a metrics problem. Why is it so difficult to answer, “How secure are we?” All too often security teams are left looking like a deer in the headlights when asked the question, “How secure are we?” The truth, however, is that it doesn’t have to be that way. To be […]

Guest Author Image

Guest Author

Guest authors comprise of Armor's strategic partners, technology partners, clients and experts in the cybersecurity industry.

Jan 162018

Diving into DevSecOps: Measuring Effectiveness & Success

Whether your organization is big or small, you need the right metrics to determine the effectiveness of your security, performance and overall operation. This is no less true when it comes to measuring the success of your DevSecOps approach than it is anything else. Getting developers to think like InfoSec professionals and vice versa is […]

Jan 112018

Diving into DevSecOps: Predictions for 2018

Of IT disciplines, cyber security is the only one that should never dance alone. It touches everything, from networking to application development. Yet traditionally, security has often been the last one invited to the party.  In the DevOps community, that is now starting to change. A new awareness of the threat landscape is dawning, and 2018 […]

Jan 92018

Spectre: Mitigations for Long-Term Risk

| Head of the Threat Resistance Unit

Even as updates start to trickle out, Spectre remains poised to haunt the IT industry for some time. First made public alongside the Meltdown vulnerability, Spectre is actually a class of vulnerabilities that take advantage of the side effects of speculative execution, a method used by microprocessors to speed their performance. Using Spectre, an attacker […]

Troy Dearing

Head of the Threat Resistance Unit

Troy Dearing is the Head of the Threat Resistance Unit and oversees all cyber threat intelligence & threat hunting initiatives. He initially joined Armor’s TRU as a Senior Ethical Hacker leveraging 22 years of expertise in IT and cyber security.

Before joining Armor, Troy was a Computer Network Operator for the NSA, where he was tasked with performing Computer Network Exploitation operations. He retired from the Marine Corps after 20 years of service with distinction serving as a network intelligence subject matter expert, instrumental in the creation of a service level course on network exploitation and analysis. Early in his career he was selected for an internship at the NSA’s Red Team which established his foundation in cyber security expertise. He graduated magna cum laude from the University of Maryland University College attaining his Bachelor of Science in Cybersecurity. Troy is a Certified Information Systems Security Professional (CISSP).

Jan 52018

Meltdown: How to Protect Your Company

Every once in a while, there are days those of us in IT know will require extra cups of coffee to get through. The past few days have been among them, as revelations about critical vulnerabilities in microprocessors from Intel, ARM and AMD have caused quite a stir. Dubbed Spectre and Meltdown, these vulnerabilities could […]

Jan 32018

Diving into DevSecOps: The Need for Better Cybersecurity Collaboration

DevOps, and its close cousin, DevSecOps, are transforming how quickly businesses can deploy applications. Embracing this change, with all its cultural implications, is a must for security to keep pace with the rest of IT. As we step into the new year, we will be launching a blog series to dive deeper into the DevOps […]