Druce MacFarlane

Opinions expressed by ICN authors are their own.

Druce MacFarlane is the Director of Security Products with Gigamon. He has more than two decades of progressive product management and marketing leadership experience with network and cybersecurity organizations ranging from large corporations to smaller startups, including FireEye, Bricata, Aruba and Netscout.

Druce previously ran the products organization at Cyphort and helped McAfee transition during its spin out from Intel Corporation.

The opinions expressed in this blog are those of Druce MacFarlane and do not necessarily represent those of IDG Communications, Inc., its parent, subsidiary or affiliated companies.

Threat detection: it’s about ‘time’

Are network-based security detection tools going dark?

For years, network security and detection solutions have been able to rapidly identify threats entering your network, before they hit your infrastructure or end users. The increased adoption of network encryption technologies like TLS...

The Three Mile Island event and cybersecurity incident response

Managing the deluge of data and alerts in a SOC can be challenging for any size organization. Observing the lessons learned from the Three Mile Island nuclear facility can help drive home some best practices for how to avoid common...

The 3 hidden costs of incident response

Every business function seeks to apply finite resources to maximum benefit, and doing that effectively in security requires a keen understanding of costs, which, like threats, include those that are known and those that are hiding.

The value of 20/20 hindsight in cybersecurity

Security teams will find indications of compromise revealed in public disclosures exponentially more valuable if they find a way to go back and compare historical data against the new intelligence.

Maslow’s hierarchy of needs for incident response

The advent of laterally spreading malware requires the security community to progressively build out incident response to include more thorough scoping to determine the true extent of an event and threat hunting to find those threats...

Why it’s harder for threats to hide behavior on a corporate network

If signatures in cybersecurity are like fingerprints in a criminal investigation, behavioral detection is like profiling – it’s harder to hide, but it’s not foolproof either.

Why a controversial cybersecurity prediction about IDS from 2003 is still relevant

The complicating factors that prompted a technology analyst to label the market as obsolete 14 years ago still persist today; it remains a rallying cry for greater security innovation.

The interdependency of people, policy and products amid a cybersecurity talent shortage

As the shortage of skilled security staff widens, the effects on policy and products in the overall security organization must be factored into the choice to pursue alternative sources of talent.

Change management: Equifax highlighted the vulnerability gap between disclosure and patch

The Equifax breach highlighted a gap between the disclosure of a vulnerability and the implementation of a patch as a result of the change management process. Adversaries seek out unpatched targets in this period of time which...

Why even smaller enterprises should consider nation-state quality cyber defenses

The modern threat landscape has evolved to the degree that even smaller enterprises may find themselves victim to a previously unthinkable attack.
