As part of the schedule of events for Symco’s upcoming regional Technology Showcases, SCN editor Lindsey Adler will be sitting down with cybersecurity experts for high level discussions about the issues that AV integrators and consultants are clamoring to learn more about as they increasingly face network security challenges. The first event will be held on April 5, 2016 in Philadelphia, and the second in Washington, D.C., on April 7, 2016.
In preparation, here’s a short Q&A of what attendees can expect to hear more about from Jim Meyer of Coordinated Response, at the Philadelphia showcase. But first, we’ll learn a little more about him.
Jim Meyer is the managing director at Coordinated Response, a firm focused on developing and automating cybersecurity incident response plans. He served on the executive team for Integic Corporation. Subsequently, when Integic was acquired, he served on the management team for Northrop Grumman. Working with Integic and Northrop Grumman, Meyer gained experience in cybersecurity and case management solutions, both incorporating business process management and automation. Projects included work in the public and private sectors. Prior to joining Integic Jim served on the executive team for three successful software product companies. Jim received a Graduate Certificate in Cybersecurity Policy and Strategy from UMBC and he is Certified in Risk and Information Systems Controls (CRISC).
SCN: Explain your role within your organization?
Jim Meyer: Coordinated Response is a cybersecurity incident response planning and consulting firm. When a network is hacked, a planned response is a best practice and good business. We help companies develop and test their response plan or other contingency plans, like business continuity or disaster recovery. We also help organizations with cybersecurity assessments. I am a consultant and a practitioner, but I’m also the general manager or chief executive.
SCN: What has been the most surprising shift in technology since your career began?
JM: The smartphone, because it is the culmination of advances over the past 30 years, and it is the catalyst for the shift in how we communicate and get things done. Not one of us doesn’t depend on our smartphone, yet 10 years ago, we had a cell phone, a camera, a video camera, a Walkman or maybe an iPod, a Play Station, and a landline. Most of those are gone. And it’s not over. The smartphone reflects the advances in computing power, telecommunication speeds, especially wireless telecom, and the rapid adoption of and to this technology by businesses in general and by consumer-focused companies in particular.
SCN: What do you think of when you hear “AV technology”?
JM: I’m dating myself, but my first thought is the AV club in my high school. These were the geeks and nerds that set up the auditorium for its given purpose. Microphones, speakers (some were wall mounted, but not all), maybe a movie projector or slide projector were set up and tested – “testing 1, 2, 3; testing.”
But I also think about a wall of video monitors displaying a single picture in detail. How does that get done? I think of wireless sound systems that outperform high end, wired speakers from the previous century. AV is an area where I am an avid consumer and an ignorant technologist.
SCN: What do you think is most misunderstood about cybersecurity?
JM: I’m not sure that is the question. Cybersecurity, too often, is an afterthought. It needs to be front of mind.
When you connect equipment to a network or you extend a network to incorporate additional equipment and connections what protections are necessary? How sensitive is the information? What are the needed data flows and just as importantly what are the un-needed flows? Should the network extension be in its own segment protected by a firewall?
A conference room with remote participants may be a low risk if it’s used for webinars or product training. But, if the training material is proprietary that raises the bar. And if it is used by a law firm to discuss client cases, the network and information need substantial protection.
The answers should result in a cost-benefit analysis that identifies and justifies the right security measures. So, think about information and information security from the outset.