Scott Dally on the SOC, breaches, insiders, risk and cybersecurity

  • January 17, 2019
 

Enterprise Times recently went to Omaha, Nebraska. While there, we talked with Scott Dally, Director of the Security Operations Centre for the Americas Region at NTT Security. Dally is responsible for the security offerings that NTT Security provides for its customers. This includes vulnerability management, threat detection services and enterprise security monitoring.

Dally’s team provide support to customers using Active Guard, NTT Security’s own SIEMsolution. One of the main roles of the security analysts in Dally’s team is to manage security alerts from customers. Many of these alerts come from rules generated by the SIEM used by the customer. To further enhance this, Dally has a team that do nothing but create new rules based on vulnerability alerts that come the National Vulnerability Database. Once deployed, the rules increase the level of security at customer sites.

Scott Dally, Director of the Security Operations Centre for the Americas Region at NTT Security
Scott Dally, Director of the Security Operations Centre for the Americas Region at NTT Security

Inevitably, companies will experience a security breach at some point. This is also where the SOC team comes into play. They work with customers to develop their Incident Response plans. They also help customers understand the challenge of forensics. This is a growing area in cybersecurity. When an incident occurs, many organisations are so focused on how to solve the problem that they inadvertently destroy evidence. Dally has security experts who can deploy to a client site to help deal with a breach while still retaining the evidence required to prosecute the bad guys.

In the podcast Dally also talks about a number of other issues that he sees enterprise customers facing. Many of these are problems that experienced SOC teams can solve for the business.

To hear what else Dally had to say listen to the podcast

Where can I get it?

obtain it, for Android devices from play.google.com/music/podcasts

use the Enterprise Times page on Stitcher

use the Enterprise Times page on Podchaser

listen to the Enterprise Times channel on Soundcloud

listen to the podcast (below) or download the podcast to your local device and then listen there

Audio Player

00:00

00:00

Use Up/Down Arrow keys to increase or decrease volume.