Security Experts:

Chris Poulin

Chris Poulin brings a balance of management experience and technical skills encompassing his 25 years in IT, information security, and software development to his role as Chief Security Officer at Q1 Labs. Prior to joining Q1 Labs in July 2009, Poulin spent eight years in the U.S. Air Force managing global intelligence networks and developing software. He left the Department of Defense to leverage his leadership and technical skills to found and build FireTower, Inc., an information security consulting practice.

Recent articles by Chris Poulin

  • Lessons from bee police and sewage scrutiny are what we need to figure out ways to tag or watermark data so we can detect illicit activity.
  • If I have to sit through another presentation on information security that opens with the canned two or three slides peddling FUD, I’m going to launch myself across the table and unleash my own brand of FUD on the speaker. It’s not the bad guys who are winning, it’s the alarmists.
  • Specifics are critical to understanding the threat, responding to it, and assessing impact. The expression goes, “perfect is the enemy of good”; I submit that vague is the enemy of security.
  • There’s no one-size-fits-all disaster survival plan: a server compromise is vastly different than a full-scale nuclear attack, and both require situationally appropriate responses.
  • Before you join the stampede with all the organizations who have bought into the concept of unifying personal and business devices, consider that one size can risk all.
  • Security should be a fascinating, dynamic, and creative pursuit. I say have fun, be creative, be criminal in your thoughts, but not your actions. The black hats who have you in their targets are having a blast.
  • It’s appropriate that the same type of analytics that can be used to monitor health choices and diagnose medical conditions can also detect medical fraud and exposure of ePHI.
  • Part 1: Why the Star Trek Medical Tricorder Didn’t have an App Store. The future of information security is looking brilliant: by the 23rd century there will be no computer hacks—at least according to Star Trek.
  • A cloud provider will treat each of your files the same, as they will all their customers’ data. The most striking disparity in the comparison between data in the cloud and money in the bank is that the bank knows the value of what you’re depositing.
  • When it comes to security, executive management can be compared to restaurant patrons; they just want to know the perfect food and wine pairing and be assured that both are available.
  • SIEM has gotten a bad rap as difficult to deploy and maintain. Like most old wives’ tales, there is some truth at the root. Implementing early SIEMs and gaining value from them was painful. However, all technology evolves, and today’s SIEMs have been designed to be easier to deploy and maintain.
  • While there are already taxonomies for classifying vulnerabilities, this is not the case with events. We should all tap into our inner analyst to devise and embrace new categorization models.
  • The concept of a data diode isn’t new, but it’s been adopted recently in the critical infrastructure sector, in so doing limiting the visibility needed to protect against targeted attacks. Data diodes may help protect critical infrastructure from certain attacks, but are they really practical?
  • Information security is scads more complicated than monitoring an animal that drags its mobile home around wherever it goes. On one hand we’re concerned about tracking the activities of the bad guys, but continuous monitoring is really about ensuring your assets are prepared, and not just at a moment in time.
  • I envision data as an object composed of some sort of universal code, the data, and accompanying properties. To protect the information and code, it could only be run on a system controlled by the data's owner, perhaps using a method similar to public/private key pairs, with everything being encrypted.
  • To effectively defend yourself against an enemy, you have to think like your adversary. Put yourself in their mind, their shoes. What’s the motive? How determined are they? Will they stop at a well-hardened network perimeter or move on to other tactics, including social engineering? Once you suffer a breach, how do you share your analysis?
  • Utility companies are not used to thinking in terms of data security; they've been historically concerned with the protection of hardware like transformer stations, utility poles, and electric wires, as well as consumer fraud. But soon, they'll have to change their mindset.
  • A properly deployed SIEM can add tremendous value to an organization’s security program. This week, Chris describes how you can get the most out of an SIEM solution through proper deployment strategies.
  • SIEM vendors are all jumping on the Security Intelligence tag line, but what does it really mean? Can SIEM bring the analog of human intelligence to cyber threats and the security visibility of business intelligence to the executive boardroom?