Security Vendor CTOs: Perspectives, Opinions, and Lessons Learned
نویسندگان
چکیده
In the classic IT realm, the CTO role was created to assist CIOs to develop viable technical solutions to existing problems. However, in the realm of the vendors and suppliers, there is considerably less agreement on what exactly the CTO needs to do, but no shortage of opinions on what makes the role difficult to fill. This panel addresses a number of challenges by some of the most well respected security tool vendor CTOs. The first panel topics center around the CTO role, and how it changes as the company grows and matures. Perhaps considerably more so than in classic IT organizations, vendor CTOs must be sensitive to the business requirements of the company and whether certain technologies can provide a reasonable return on investment. But, how do CTOs straddle the roles of being the technical purists that the outside world expects and the realistic pragmatist that their business partners demand? How do CTOs find a balance between business line responsibilities and keeping various constituencies happy, such as business partners, customers, prospective partners, and the ever dynamic and fickle analyst community? And if business doesn't prosper, how much responsibility (and blame) does the CTO bear? Another challenge for CTOs revolves around domain expertise. Often CTOs are selected for the specific knowledge of a technology area pertinent to a problem or solution. What happens when the solution migrates out of the CTOs domain expertise? How much responsibility does a CTO have for ensuring that their company's core competency doesn't inadvertently serve as an "immune system" to resist alternative solutions? Or is the CTO position merely a safe place to put technical founders? Other topics that will be covered include: How does one become a CTO, anyway? What do you think a CTO really should do? What would you say to someone who wants to be a CTO? What are the toughest lessons you learned? Will there be CTOs ten years from now? Each panelist was a co-founder and CTO of a security tool vendor, and is guaranteed to have opinions on each of these topics. Christopher W. Klaus is the Founder and Chief Technology Officer of Internet Security Systems, Inc. (ISS). ISS is a leading global provider of security management solutions for the Internet and online business operations, with market-leading software, consulting, education and remote managed security services offerings that easily and cost-effectively scale for any organization. Gene Kim is the chief technology officer and cofounder of Tripwire, Inc. In 1992, he co-authored Tripwire while at Purdue University with Dr. Gene Spafford. He is currently working with Spafford on IT safety models to explain why IT is in so much pain, and show how basic capabilities such as repeatable builds and quick remediation are the key to running IT securely. Ron Gula is VP of Intrusion Detection Products for Enterasys Networks, oversees the team that produces the Dragon line of IDS tools. He was the founder and Chief Technology Officer of Network Security Wizards (NSW), which was acquired by Enterasys Networks in August 2000. Mr. Gula also wrote the original Dragon IDS and currently specializes in extremely high speed network monitoring and IDS correlation tools. Prior to entering the commercial sector, Mr. Gula was a Captain in the US Air Force. Paul E. Proctor is currently the Director of Technology at Cybersafe Corporation. He started his career specializing in secure operating system development in 1986 as a UNIX kernel programmer on Gould’s UTX/32S C2-rated UNIX. Mr. Proctor has been involved in applied intrusion detection since 1989 when he led a study of the state-of-the-art for the U.S. Government. He developed the Computer Misuse Detection System (CMDS) technology while employed at SAIC and was founder and Chief Technology Officer of Centrax Corporation.
منابع مشابه
Hospital Management in Infectious Disease Outbreak: Lessons Learned from COVID-19
Background: Biological events including epidemics, pandemics, emerging, and reemerging infectious diseases have significant adverse consequences on health. The hospitals have a major role in the management of outbreaks and mitigation of effects. During pandemics health systems especially, hospitals may be affected. Methods: Therefore, the current study aimed to collect and analyze lessons lea...
متن کاملLessons Learned from Robotics
An extensive research and development activity of almost twenty years in two fields of Artificial Intelligence Robotics and Cognitive Vision, can bring new perspectives to Cyber Security field. At the beginning, there was a knowledge gap between the different fields that we needed to bridge. This paper is about the lessons learnt from Robotics that can be transferred into Cyber Security as wisd...
متن کاملRegionalization of the Iowa State University Extension System: Lessons Learned by Key Administrators
The cyclical economic downturn in the United States has forced many Extension administrators to rethink and adjust services and programming. The Cooperative Extension System (CES), the organization primarily responsible for governmental Extension work in the United States, at Iowa State University responded to this economic downturn by restructuring its organization from county based to a regio...
متن کاملImportant Lessons Learned From Nearly a Half-Century of Orthopedic Practice
“Those who cannot remember the past are condemned to repeat it” [1]. The famous quote from Hispanic American philosopher George Santayana reminds us of the critical importance of constantly reflecting on the most important lessons garnered from both our own personal experiences and those of our peers. In 49 years of academic orthopedic practice, I have frequently reflected on the most important...
متن کاملLessons Learned from Robotics Applied to Cyber Security
An extensive research and development activity of almost twenty years in two fields of Artificial Intelligence Robotics and Cognitive Vision, can bring new perspectives to Cyber Security field. At the beginning, there was a knowledge gap between the different fields that we needed to bridge. This paper is about the lessons learnt from Robotics that can be transferred into Cyber Security as wisd...
متن کامل