Along with acting as Cohesive Networks COO and CFO, Dwight is now also the Treasurer of the FBI’s InfraGard National Member Alliance. This week, Dwight is in Dallas to attend the InfraGard National Congress, a meeting for all InfraGard chapters. He is officially sworn in and was even asked to impromtu moderate a session on Insurance for Cyber Security Incidents.
Dwight’s path to InfraGard leadership has been a long time in the making. He began his career post-Masters Degree as one of the founders of the Chicago Board Options Exchange (CBOE) during its early and rapid growth years. He became an EVP, learning from some of the financial and security industry greats. This was Dwight’s first exposure to the challenges of a start-up facing the inertia and monopoly power of the ‘owners’ of the securities industry.
Dwight has been a founder of several software tools and cryptography companies along the way. At O’Connor Associates, which was later acquired by The Swiss Bank Corporation, Dwight become the person responsible for infrastructure architecture, system engineering, network Engineering, and global data center operations for the company’s Trading and Markets Divisions. Dwight saw first hand how mass market retail chips (such as Intel and ADM) eventually eliminated all the expensive custom equipment in the market. The first sector to first to fall was storage, then processing, and now networking as commoditization continues to sweep established sectors.
Through Borland Software, which acquired Patrick Kerpan’s Bedouin Inc, Dwight worked more closely with our now CEO. They collaborated again when they founded CohesiveFT. From CohesiveFT, they successfully spun out Rabbit Technologies Limited (makers of RABBITMQ) to VMware. Today, Cohesive Networks focuses on software connectivity and security.
Dwight takes on many of the security compliance projects at Cohesive Networks, including his work on the NIST Cybersecurity Framework. He’s authored the NIST Cybersecurity Framework white paper, and recently presented at CircleCityCon. Dwight is also a member of the Chicago Secret Service Electronic Crimes TaskForce.
Dwight’s tips for cloud network security:
- Assume all networks are dangerous. Protect internal networks the same way you’d guard against hackers and snoops on public internet. Google’s BeyondCorp is proof that we should dump the edge protection corporate network model.
- Focus on securing all data as it travels across networks or in shared environments. Use strong encryption, network segmentation, and defense in depth to limit interactions between critical applications.
- Segment internal networks. Most enterprises focus on perimeter defenses and overlook internal network security. But, network segmentation is the best way to protect all applications, servers, systems. Even with only basic interior firewall rules and encrypted VPN tunnels, an organization can protect themselves from the east/west exploit in the Sony hack.
- Use the NIST Cybersecurity Framework to review and update corporate risk-management approaches. The Framework combines existing security assessments, regulations and guidelines into a workable reference guide – and it’s free.
By: Margaret Valtierra