Our guest is Earl Matthews, senior vice president and chief strategy officer at Verodin Inc. He brings a wealth of experience to the cybersecurity discussion. From an academic perspective alone, he has three master’s degrees. From a military experience, 25 years in increasing responsibility at the Air Force. He retired as a Major General, the director of Cyber Operations and the chief information security officer.
During the interview, he talks about approaches to cybersecurity that involve continuous testing of instruments that assist in preventing attacks. He talks about “unintended consequences” of upgrading equipment in one location only to have it, inadvertently, impact security in another location. The approach fostered by his company, Verodin, is called “remove assumption, prove security.”
The concept is to not assume a system is configured correctly. Assume it is not, test it, then test again on a regular basis. This way compliance can be assured and changes in moving systems in and out of, for example, the cloud, can mitigate risk.
Verodin looks at what many in the industry call the “defensive stack.” Its platform can examine implications of changing parts of this mix. The idea is to be able to deal with an attack before it takes place.