Jason Chan, a key member of the Torq Advisory Board, has spent more than 20 years working in pivotal cybersecurity roles. One of his most important positions was leading the information security organization at the video streaming behemoth Netflix for more than a decade. His Netflix team set the bar extraordinarily high, focusing on sophisticated risk assessment and management, and compliance management strategies and approaches.

“If you fail to plan, you plan to fail,” said Benjamin Franklin. These words cannot be overstated in most business fields, especially when it comes to automation. Process automation has the potential to enhance operations in most organizations, but problems can emerge when they don’t plan and strategize around their automation objectives.

MITRE is a world-renowned research organization that aims to help build a safer world. It is probably best known in the information security industry for being the organization behind the industry-standard CVE (Common Vulnerabilities and Exposures) list. Each entry on the list is supposed to include an explanation of how the vulnerability could be exploited. These attack vectors are tracked and defined in another well-known knowledge base called ATT&CK, which is also maintained by MITRE.

Torq is extremely proud to have Jason Chan on our advisory board. Jason has more than 20 years of experience working in cybersecurity. He’s one of the world’s leading experts in adopting security automation, cloud security, and enhancing security in modern software development practices. Jason’s most recent career experience was leading the information security organization at Netflix for more than a decade.

Organizations face a growing threat from cybercriminals while struggling to find qualified security professionals who can protect their infrastructure and sensitive data. This blog will explore the concept of a Security Operations Center (SOC) and the role of SOC analysts in securing your organization. We will also discuss how your organization can leverage automation to improve SOC effectiveness and fill in the gaps when you cannot support a full staff of security professionals.

A single cloud security incident can stop an enterprise in its tracks, sometimes resulting in irreparable damage to its operation, reputation, and customer loyalty. One key strategy for preventing such incidents is combining complementary cybersecurity tools to defeat threats at scale. A coherent Cyber Security Incident Response Planning (CSIRP) approach requires enterprises to select and integrate the right tools before a security incident occurs.