Organizations are increasingly prioritizing incident response capabilities by putting breach-investigation firms on retainer, or creating their own internal teams, says Patrick Morley, president and CEO of Bit9 + Carbon Black.
"Traditionally, incident response was something that was done in a very reactive way," Morley says. "You typically brought in outside parties to do it, and what we've seen over the last 12 months is a real dramatic change in the incident response market where both corporations - as well as incident response firms - are getting much more proactive in the way in which they're building out their practices."
In an interview recorded at Infosecurity Europe, Morley also details:
- The rapid rise in the number of investigations happening inside a typical organization;
- Making the business case for on-staff incident responders to proactively hunt for adversaries and breaches;
- The need to use predefined methodologies, platforms and processes for response.
Prior to serving as president and CEO of Bit9 + Carbon Black, Morley held senior leadership positions with six venture-backed software companies, including three that had successful IPOs. He came to Bit9 from software vendor Corel, where - as chief operating officer - he led the company's global sales, marketing and operations functions for the Americas, Europe, the Middle East, Africa and Asia. Morley also played a significant role in the company's turnaround, acquisition strategy and eventual IPO. Prior to Corel, Morley was CEO of Imprivata a healthcare information security company. He also held senior management positions at technology firms Macromedia, Allaire, Rational Software and SQA.