Hello Security Community Members,

We have had an active spring that featured our first bootcamp session, So You Want to Be a CISO, two Coffee With shorts, and some great articles on breaches, ransomware, privacy regulations, and more. Next up THIS Thursday, we are very lucky to have world-renowned expert Edna Conway, VP, Chief Security & Risk Officer, Azure at Microsoft present on mitigating third party risk. This will not be recorded and the presentation will not be shared, so make sure you register and attend live.

As we delve deeper into the summer and early fall, we are hoping to experiment with some in-person programming. To best help us gauge you comfort and interest, please complete this return-to-work/events survey.

I am excited to welcome MassTLC Security Community Sponsor, Devo. Read more about them below.

Hope to see you all in person soon!

Best regards,
Sara Fraim
Sr. Director
MassTLC


Edna Conway, Vice President, Chief Security and Risk Officer for Microsoft’s Azure, is responsible for the security, resiliency, and governance of the cloud infrastructure and supply chain upon which Microsoft’s Intelligent Cloud business operates. And she is dedicating one hour of her time to share her best practices. 

Stay Informed and Get Involved
  • MassTLC Tech Top 50: Nominations are open! This year, we will recognize 50 companies, individuals, and innovations across 8 categories along with two special individual honorees. More information and nomination forms here.

  • So You Want to be a CISO: What is the exact role of a CISO? And how do you know if this is the right path for you? Whether you are going to be leading an entire organization's security program or a piece of it, this is an important overview of what to expect and where to focus. Watch here.
 
  • Coffee With...Kevin O'Brien and Kathy Teehan: Coffee With…, a new series of short videos for our Security Community that features a security lead discussing one or two issues that are impacting them. Our first features GreatHorn CEO Kevin O’Brien asking Kathy Teehan, Senior Program Manager at Chewy, where she is spending time focusing on Chewy’s security program. Watch here.

  • Being a CISO during major transitions Co-founder and CTO of Veracode, Chris Wysopal, has been through growing a company, being acquired, spun out, and acquired again, and has been on the other side acquiring other companies. Kevin O’Brien, CEO of Great Horn and MassTLC Security Co-Chair talks with Chris about the role of a CISO during these transitions. Watch here.

  • Crisis Management & Business Resiliency: MIT’s "Crisis Management and Business Resiliency" program is comprehensive and provides up-to-date assessments and knowledge on issues that affect you and your organization — the COVID-19 Pandemic, cyber security, supply chain, leadership, data breach, communications, news media, social media — from the experts involved with these efforts. Register and learn more
Industry News and Resources
  • The Best Way to Stay Breached. Cyberattacks are hitting the headlines around the world and there seems to be no end to the noise that these attacks are making. Worse than the noise is of course the damage these attacks are causing to the impacted organisations who evidently need to change some of their behaviours and strategies to help close the gap. Read more.

  • EU Considers Significant Regulations for AI. On April 21, 2021, the European Commission released a highly-anticipated proposal for a regulation governing artificial intelligence (AI). The proposal has been drafted by the Commission and its advisers, and plays a central role in the Commission’s ambitious European Strategy for Data. Read more.

  • United Nations Working Group Approves Cybersecurity Report. On 12 March 2021, the United Nations Open-ended Working Group (“OEWG”), adopted by consensus its Final Substantive Report on cybersecurity (“Report”). The Report provides recommendations for peaceful use of information and communications technologies (“ICTs”) and has been heralded as “the first time that a process open to all countries has led to agreement on international cybersecurity.” Read more.

  • Cyber Shield Act to be re-introduced in Congress. Originally introduced in 2019 by Senator Markey (D-MA) and Congressman Lieu (D-CA), and now backed by interest from the Biden White House, the Cyber Shield Act will give consumers a seal of approval for more secure products, as well as encourage manufacturers to adopt the best cybersecurity practices so they can compete in the marketplace for safety. Read more.

  • Ransomware: How Backup and Disaster Recovery Solutions Can Help Minimize Risk of Ransomware. According to the New York Times, ransomware attacks increased by 41% in 2019. In 2021, the projected, ransomware attacks are estimated to cost $40 billion dollars worldwide—this according to a Cybersecurity Ventures study. Read more.
DEI Initiatives and Offerings
  • Juneteenth Resources Page: June 19th, or Juneteenth as it is widely known, commemorates the end of slavery in the United States. Many companies celebrate the day by recognizing it as a paid holiday, supporting community organizations focused on racial justice, holding company-wide events to promote conversations on race, or by providing resources for employees to learn more about social justice issues. Access resources here. 

  • MassTalent. This is a platform designed for hiring companies to access a directory of organizations that provide training, placement, and funding for pipeline and workforce development. The organizations and programs listed here have a core mission of helping those in underrepresented or non-traditional populations move into the tech industry. Learn more about MassTalent here
Welcome Devo
Who is Devo?
Devo is the only cloud-native logging and security analytics platform that releases the full potential of an organization's data to empower bold, confident action. With an unrivaled scale to collect all data without compromise, speed to give immediate access and answers, and clarity to focus on the signals that matter most, Devo is an ally in protecting your organization today and tomorrow. Headquartered in Cambridge, Mass., Devo is backed by Insight Partners, Georgian, and Bessemer Venture Partners.

Why are you excited to be part of the MassTLC security community?
Devo is proud to call Boston home and to be a part of one of the greatest innovation hubs across the globe. We're excited to join our peers in the security community as we come together to face one of the greatest challenges facing the world's organizations—cybersecurity. We look forward to sharing our ideas and experience with the region's leaders in security and learning from their unique sets of knowledge and expertise.

What are you hoping you can share and receive from the MassTLC security community?
Devo helps protect Global 2000 companies across industries like banking, retail, insurance, and manufacturing. In the past year we've experienced explosive growth, with more than 130% year-over-year growth, announcing a $60 million round of funding, bringing on security and logging veteran Marc van Zadelhoff—former IBM Security GM—as our new CEO, and increasing our headcount by more than 50%. We hope to share our experience during this exciting time with our peers as well as the startup community that might be earlier on in their funding. 

We also look forward to sharing our global research with the MassTLC security community, including our report on organizations shifting their security tools to the cloud. Members can attend a webinar reviewing the findings by registering here. We're also getting ready for our 3rd annual SOC Performance Report. The 2020 report can be viewed here.
Thank You to Our Co-Chairs
Thank You to Our Community Sponsors
Thank You to Our Global Sponsors