Security Experts:

Danelle Au's picture

Danelle Au

Danelle is VP of Strategy and Marketing at SafeBreach. She has more than 15 years of experience bringing new technologies to market. Prior to SafeBreach, Danelle led strategy and marketing at Adallom, a cloud security company acquired by Microsoft. She was also responsible for security solutions at Palo Alto Networks, driving growth in critical IT initiatives like virtualization, network segmentation and mobility. Danelle was co-founder of a high-speed networking chipset startup, co-author of an IP Communications Book and holds 2 U.S. Patents. You can follow her at @DanelleAu.

Recent articles by Danelle Au

  • Like Ebenezer Scrooge on that fateful Christmas Eve, you may vow to make the changes necessary to un-do the burden of a kill-chain forged in life and declare as Scrooge did the next morning.
  • Attackers are thinking outside the box, using sophisticated breach methods and taking advantage of a very collaborative ecosystem. Perhaps it’s time to supplement all our security defenses with a hacker-centric security paradigm.
  • If your organization is not equipped to deal with the security of Emergent IT, it is probably not equipped to deal with the security of mainstream applications sanctioned by IT.
  • As long as companies continue to pay ransoms when attacked, we should expect cyber extortion to continue in 2015.
  • A data breach plan lays out the key steps and the key personnel to involve when a data breach happens, and needs to incorporate three elements.
  • When it comes to SaaS applications versus on-premise, there are three characteristics that define the need for a different approach to data governance, risk management and security in the cloud.
  • Cloud adoption should be a collaborative rather than prescriptive process between employees and IT. With the right mindset and strategy, what employees want and what IT wants can become a proper union in a Venn diagram.
  • The recent iCloud attack brings up very important considerations on data security, not only for consumers, but for any enterprise that uses the cloud.
  • Cloud service providers play a key role in delivering security, but as part of the shared responsibility model, they are not liable for access to and usage of the cloud application.
  • Enterprises can gain tremendous competitive advantages by having IT focus on the things that matter – users and information rather than infrastructure maintenance and building.
  • As the era of Internet of Things dawns, the amount of data and other cloud applications developed for unique industries will increase and bring a new era of privacy and security concerns.
  • As SaaS adoption grows, so do the security concerns. But there is so much confusion around SaaS security that many enterprises are focusing on the wrong problems. Here are the three biggest myths when it comes to SaaS security...
  • The protection of connected ( Internet of Things) devices is likely better performed at a network level rather than an endpoint level due to the variety of devices that may exist and the limited endpoint security functions that can be supported.
  • Trying to defend against modern, advanced attacks with one-off point solutions is like playing a whack-a-mole game, always one step behind the attacker and trying to play catch up with the alerts as they’re received.
  • Enterprises must find the right balance to deliver a mobile security environment that meets productivity and flexibility needs without putting devices, apps, or data at risk.
  • Zero Trust advocates for a segmented network, and security built into the architecture rather than an afterthought. It also advocates for some key principles built around the concept of “never trust, always verify”.
  • While there may be some interesting predictions and trends being proposed for 2014, what may be more helpful as you prepare for 2014 are the practical ways to plan for network security.
  • The most effective CISOs today can’t just be experts in security. Organizations need a versatile security leader that speaks a new language-- one that is a blend of technology and business.
  • If local, state and global governments can share critical information collaboratively among their entities and with the private sector, this can provide actionable intelligence on current and future attacks. But there continues to be significant challenges with global cybersecurity collaboration:
  • Many have opined that security is the killer app for SDN… is this true? SDN allows many security use cases to be implemented in a manner that requires fewer configuration changes, and fewer networking headaches.
  • How does network virtualization differ from software defined networking (SDN) and network functions virtualization? And, more importantly, how does it impact network security?
  • Unlocking the promise of the cloud requires a closer integration between virtualization and security elements and delivering the right security feature set.
  • Securing a hybrid cloud environment may be different from your traditional private cloud infrastructure. The security challenges include a dependency on networks that are outside your immediate control and may be accessed outside of the normal corporate access methods.
  • The next big thing for network security is automation and orchestration. It may not be sexy, but it will become the key enabler to truly realize the vision of your next-generation data center.
  • The building blocks for a robust cybersecurity strategy are not uniquely different from security requirements for a traditional enterprise...