This isn’t Belfiore’s first brush with Tanium, which Target implemented in the wake of its 2013 breach. Prior to joining Aon, Belfiore used Tanium to track software licenses at First Data and to wipe out shadow IT at JP Morgan Chase.
Mike Sherwood, CIO, City of Las Vegas
Managing IT for municipal organizations presents its own sets of challenges. Employees need to access various websites to find information that helps them complete their work. For example, law enforcement officials will often conduct searches that lead to Dark Web sites, a Wild West where criminals lurk and set traps with known and unknown malware. Such threats, along with phishing schemes, ransomware and a legion of dangerous payloads keep Las Vegas CIO Mike Sherwood on his toes. As Sherwood puts it, “I can’t always be at everyone’s desk to make sure they are clicking on the right links.”
Sherwood has one ace in the hole in the form of software from Darktrace, which he began using in his former role as the CIO of the City of Irvine, Calif. The application monitors inbound and outbound traffic on his computer network, a crucial task he couldn’t achieve with his one full-time security engineer and four contract workers.
Darktrace uses artificial intelligence and machine learning capabilities to learn more from vulnerabilities as they are discovered. His staff programmed Darktrace to watch for certain threats, alert administrators and make multiple recommendations for remediation. “It's as good as any human engineer as far as learning and adapting,” Sherwood says.
Darktrace worked well enough at Irvine that it was among the first tools Sherwood purchased when he took the CIO job in Las Vegas in 2016. He says the city’s footprint is much larger because of Las Vegas “smart city” initiative to wire downtown with sensors that monitor traffic flow and other activities. “It's coming with me no matter where I go,” Sherwood says, of Darktrace.
Vince Skinner, vice president of information security, D.A. Davidson,
As cyber attacks go, D.A. Davidson may have already experienced its worst fear. In 2007, Latvian hackers breached the financial services firm using a SQL injection attack to access the company’s database, an infiltration that cost the company $375,000 in fines. In 2008, the firm hired Vince Skinner to build out its cybersecurity program.
Skinner says that while he was given a lot of latitude and resources to shore up D.A. Davidson’s digital defenses, an open checkbook doesn’t guarantee success. “Even with money you need people, processes and technology” to adequately protect a company, Skinner says.
Sign up for CIO Asia eNewsletters.