Brian Contos

Want to Join?

Over the last two decades Brian Contos helped build some of the most successful and disruptive cybersecurity companies in the world. He is a published author and proven business leader.

After getting his start in security with the Defense Information Systems Agency (DISA) and later Bell Labs, Brian began the process of building security startups and taking multiple companies through successful IPOs and acquisitions including: Riptech, ArcSight, Imperva, McAfee and Solera Networks. Brian has worked in over 50 countries across six continents and is a fellow with the Ponemon Institute and ICIT.

This is a weblog of Brian Contos. The opinions expressed are those of Brian Contos and may not represent those of CSOonline.com.

Inadequate intelligence integration

SIEMs sometimes suck

SIEMs sometimes suck

By leveraging these capabilities your SIEM rules won’t be based on “hope” but rather empiric evidence. You will be sure you are getting the right source data and preforming the relevant correlations necessary to trigger on real...

Defensive regression in cybersecurity

Defensive regression in cybersecurity

There has been a lot of talk lately about defensive regression in cybersecurity. But what exactly is defensive regression? It's not the regression that Sigmund Freud talks about, although there are plenty of folks that don't act like...

Diversity, STEM and Ada Lovelace Day

Diversity, STEM and Ada Lovelace Day

Celebrate diversity. Get kids interested in STEM. Help them become aware of the people that are changing the world.

Man in the middle attacks on mobile apps

Man in the middle attacks on mobile apps

Man in the middle attacks (MiTM) are a popular method for hackers to get between a sender and a receiver. MiTM attacks, which are a form of session hijacking are not new. However, what might not be known is that mobile devices are...

Mobile app reversing and tampering

Mobile app reversing and tampering

Mobile applications are, well, applications. And like any application they need to be protected. I’ve been blogging about attacks on mobile like mobile malware, mobile pharming and mobile phishing and I even wrote a blog on data...

Data at rest encryption for mobile devices

Data at rest encryption for mobile devices

Data at rest encryption is about as far from a cutting-edge topic as one can get. But while encrypting inactive data that is stored digitally is regarded by most security professionals as a must have, as well as data in use and...

Mobile malware – same attacks – different pathogens

Mobile malware – same attacks – different pathogens

I’ve been blogging about mobile attacks and how they can be different than attacks on more traditional platforms. For example, I wrote about: Mobile phishing – same attacks – different hooks Mobile pharming – same attacks –...

Mobile pharming – same attacks – different seeds

Mobile pharming – same attacks – different seeds

I recently wrote a blog on mobile phishing titled: Mobile phishing – same attacks – different hooks. There was so much feedback that I’ve decided to a write a few more posts around mobile security differences. Since I’ve already...

Mobile phishing – same attacks – different hooks

Mobile phishing – same attacks – different hooks

I spent the last two weeks talking with CISOs, application developers, mobility experts and IoT thought leaders like SRI’s Dr. Ulf Lindqvist. One thing was for certain – mobile is receiving a lot of attention from the...

Mitigating insider threats - a technical perspective

Mitigating insider threats - a technical perspective

Security practitioners must always think dynamically when it comes to trying to develop solutions to counter this threat. Implementing technology solutions at different levels and overlapping functions will best cast a tight-weave...

Federal agencies continue to be lost fighting cyber threats

Federal agencies continue to be lost fighting cyber threats

It will be disappointing if the federal government doesn’t markedly improve its cyber security preparedness. While there has been a lot of attention drawn to hacking back the attackers, implementing cyber sanctions, and bolstering...

Load More