2 days ago
Devin Ertel. Image: Menlo Security
Menlo Security’s Devin Ertel talks about the growing trend of zero trust and how the threat landscape has changed.
Devin Ertel is the chief information security officer for Menlo Security, a web security vendor founded in 2013 in California.
Menlo Security has taken a zero-trust approach to security, which centres on the idea that an organisation should trust nothing inside or outside its perimeters and must instead seek verification for everything.
It’s an approach that many top experts agree is the future of cybersecurity, and several CIOs and security leaders Siliconrepublic.com has interviewed in recent years have agreed that it’s the best way forward, including Slack’s Larkin Ryder and BT’s Dónal Munnelly.
In fact, a recent IBM report found that companies that adopted a zero-trust security approach were better positioned to deal with data breaches.
Ertel is another major advocate for zero trust and sees it as a game changer for the security industry. Prior to Menlo Security, he was CISO at fintech player BlackHawk Network and head of security and IT at Guidebook, a venture-backed global SaaS company, where he built and oversaw the security programme.
He also held security positions in several Fortune 100 organisations as well as the US Federal Reserve, where he had hands-on experience mitigating large, high-profile breaches and dealing with global threat actors.
In his current role at Menlo Security, he is responsible for providing internal cybersecurity guidance and policy insights to both the company and its customers. “I’m also focused on reducing the company’s risk and security exposure,” he said.
‘Imagine not having to worry about threats because you’re able to prevent attacks from getting in’
– DEVIN ERTEL
Menlo Security is already doing a lot right. My focus is to make it even better and harden our best practices and procedures. I am, and have been since before the pandemic, very focused on zero trust.
One of the things I especially like about Menlo Security is our approach to security. It is all about prevention. How do we stop threats from getting in, rather than how do we stop and remediate threats after they’ve gotten in.
I am also focused on how to help our customers ensure that they have the best protected environment. That means reducing online threats to their users and their business.
Menlo has a security team of around 20 and still growing. We have open positions with more to come.
This change was bound to happen and only accelerated during the pandemic. This also changes the threat landscape considerably for security teams. We have more to protect, and in ways we have not seen before.
In this era of remote and hybrid work, and digital transformation, technology is not just a support for business, but the foundation of a business. It interconnects multiple local data centres, remote cloud applications, the supply chain, remote customers and all connections between them.
Without the right security posture, this can be an environment ripe for attack. Think about all the attacks we are seeing today.
I go back to zero trust as something I believe is a big game changer. Imagine not having to worry about threats because you’re able to prevent attacks from getting in.
Another trend happening is security is now a C-suite and boardroom issue. Every company is thinking about what happens if it is attacked, particularly in the wake of recent high-profile ransomware attacks we’ve all heard about.
Most work today is happening in the browser. Companies need solutions that prevent web-based threats from reaching users while protecting the organisation’s productivity.
But security should not diminish the user experience or productivity. However, experience has taught me that organisations are often under the impression that productivity or user experience must be sacrificed to achieve security. I don’t believe that is true.
I’m eager to build a security programme that not only addresses industry challenges, but also enables our customers to do the same for their respective businesses. Menlo Security provides an innovative, differentiated approach to securing work for the modern business and I’m excited to be a part of the journey.
First, if you don’t need it, don’t store it. Secondly, understand where all your data is, who has access to it and what technical controls are in place.
From there, continue to improve your processes and procedures around data governance.
Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.
In-Depth: Five-Minute CIO
Related: breaches, security, CIO, cyberattacks, infosec, leadership
8 Oct 2021
1 Oct 2021
24 Sep 2021
18 Aug 2021
20 Aug 2021
16 Aug 2021
1 day ago
1 day ago
1 day ago
1 day ago
1 day ago
1 day ago
1 day ago
1 day ago
1 day ago
1 day ago
1 day ago
1 day ago
2 days ago
2 days ago
2 days ago
2 days ago
2 days ago
2 days ago
2 days ago
2 days ago
2 days ago
2 days ago
2 days ago
2 days ago
All content copyright 2002-2021 Silicon Republic Knowledge & Events Management Ltd. Reproduction without explicit permission is prohibited. All rights reserved.
Designed by Zero-G and Square1.io