ISSA Middle Tennessee Chapter
Matt Alderman Advocates for Forward-looking Security Approach
As the opening keynote speaker at InfoSec Nashville 2019, Alderman plans to provide an update on the latest technology trends and how they will impact information security. To hear Alderman talk about his security background and his plans for the keynote address, listen to the latest episode of the InfoSec Nashville Podcast.
Alderman thinks most security experts spend time trying to figure out how to apply old methods to new technology, like deploying more endpoint solutions and adding more firewalls. He takes a different approach.
“I didn’t take a look at what security was doing, I actually stepped back and said, ‘What is technology doing? What is happening in technology?’ I have this foundational belief that security has always been an afterthought in the way technology has been deployed,” he said.
Alderman has worked in the security industry since 1996, but he’s especially passionate about his job at Security Weekly, a company that produces six podcasts each week on various security topics.
“All of us believe that doing the right thing, protecting customer data, trying to secure our environments is a noble cause,” he said. “We really enjoy what we do because we enjoy bringing the latest and greatest news and product announcements and topics to our audience.”
As technology moves toward the cloud and away from the network, Alderman believes three types of security controls will matter most in the future: Application security, user identity security and data security.
“Those three are going to be static no matter what. All the other different things are going to be variables. So if [we] can focus on those three, as an industry, I think we can actually get ahead of attackers, because we are much more integrated in attacking those three things that are going to survive transformation,” he said.
In order for the security industry to get ahead of new technology, though, its practitioners need to better understand the goals of the companies they work for, Alderman said.
“We don’t have a seat at the table. We are not working with the business units and the development teams to really understand how we can integrate and embed security into this new process and new technology,” he said.
To help combat this, security teams should focus on finding efficient ways to present security data to developers, because the integration of the two teams’ toolsets would benefit the whole company, Alderman said.
Better communication and collaboration among the different parts of a company will also help security practitioners develop specific solutions instead of just creating technology without knowing what problem it solves, he said.
“You can have the best technology in the world, but if you can’t prove that it provides value to the organization, they’re not going to buy it.”
Matt Alderman will deliver the opening keynote address at InfoSec Nashville 2019, held on Sept. 13 at the Music City Center. Register now to attend the conference.