IT Life: John McLeod, AlienVault CISO

John McLeod, CISO

John McLeod, Chief Information Security Officer at AlienVault, talks about his IT career and the biggest challenges he’s facing today

What is your role and who do you work for?

I am the chief information security officer (CISO) for AlienVault, Inc. We’re in the business of simplifying security for organisations of all sizes, with crowd sourced threat intelligence and unified security management tools.

John McLeod, CISO

How long have you been in IT?

I’ve been involved with computer security for over 20 years.

What is your most interesting project to date?

Wow, there are so many. In computer security, I worked on some of the most highly publicised cyber-attacks, including: Moonlight Maze, Titian Rain, Night Dragon, TJX and Operation Aurora.

What is your biggest challenge at the moment?

Security control mapping continues to be a point of interest. There are many different security and compliance certifications with overlapping technical and administrative controls. It’s very tedious work mapping these controls to a framework suitable across many customers. There are a ton of folks that have already mapped many controls to the NIST Cybersecurity framework .

What technology were you working with ten years ago?

Wireless; I was a consultant back then, educating businesses on how easy it was to hack Wired Equivalent Privacy (WEP) protocol.

What is your favourite technology of all time?

Hands down; the smartphone!

How will the Internet of Things affect your organisation?

Cloud apps and the Internet of Things put software defined perimeter (SDP) to the top of the priority list. A SDP relies on both identity and device interrogation in order to provide access.

What smartphone do you use?

I’m an Apple fan so the iPhone 7 Plus.

What three apps could you not live without?

OneNote, Waze and Chrome – all are free and all provide great value.

What new technology are you most excited for a) your business and b) yourself?

I’m very excited to see AlienVault released a cloud version of USM. It’s the first SaaS platform that monitors security across cloud, hybrid cloud, and on-premises IT infrastructure from a single location. There are so many advantages to moving your security monitoring to the cloud that is just makes sense.

If you weren’t doing the job you do now, what would you be doing?

I love the outdoors so something in the wilderness. Now that I’m done dreaming, I would be a police officer. I have a knack proving or disproving allegations.

Quiz: What do you know about the cloud?