About David Monahan

David is a senior information security executive with over 15 years of experience. He has organized and managed both physical and information security programs, including Security and Network Operations (SOCs and NOCs) for organizations ranging from Fortune 100 companies to local government and small public and private companies. He has diverse Audit and Compliance and Risk and Privacy experience – providing strategic and tactical leadership, developing, architecting and deploying assurance controls, delivering process and policy documentation and training, as well as other aspects associated with educational and technical solutions. Prior to joining Enterprise Management Associates (EMA), David spent almost 10 years at AT&T Solutions focused on the network security discipline. He operationalized AT&T’s Managed Security Services, where he ultimately supported over 700 customers globally. In 2004, he leveraged that experience to provide support to the SMB market, working internally to bolster struggling security organizations. Since then he has been sought after by public and privately held companies and local government – including Network Appliance, McData and Jefferson County Colorado – to help them manage their information security, compliance privacy and IT risk programs.

The Truth Behind the Scope of the Endpoint Problem in the Enterprise


The Evolution of the “Endpoint” Over the past few years, the perception of what an “endpoint” is, and therefore the definition, has changed. The original perception was a user workstation independent of operating system. With the expansion of functionality, data persistence, Internet connectivity, and ultimately the threats against them, that definition no longer applies. Laptops [...]



A Tribute to IoT Device Security Researchers


This blog in the Internet of Things (IoT) series comes as a tribute to security researchers everywhere. The autumn’s largest security-focused show is the Black Hat Security conference. If you are not familiar with Black Hat, it is a tech conference that started in 1997 and covers numerous security topics in various presentations that are fairly to [...]



By | January 3rd, 2017|Uncategorized|0 Comments

IoT Enterprise Risk Report


ForeScout recently released an IoT Enterprise Risk Report based on research from ethical hacker Samy Kamkar. Based on Kamkar’s findings, the report on IoT security issues could readily be renamed something like, “IoT: the bane of the enterprise environment,” or “IoT brings new meaning to the term ‘Enterprise Risk’.” The report discusses a significant number of negative findings [...]



By | December 19th, 2016|APT, Internet of Things, IoT, Malware, Persistent Threat, Security|0 Comments

The Top 5 IoT Lessons I Learned From Hollywood


In my last IoT blog, I talked about the history of IoT and the evolution of issues surrounding IoT devices. In this part of the series, we will expand on the issues around IoT and the data it collects. Research firms estimate that there will be between 20 billion and 30 billion IoT devices on Earth by 20201 and that they will [...]



Effective Security Requires a Change in Mindset and the Protection Paradigm


Nearly every day another successful breach is reported. In 2016 alone, organizations from major governmental agencies such as the IRS and Department of Defense, to major retailers including Wendy’s, have succumbed to attack. These organizations are not alone; every major business and governmental sector has been compromised. Large tech companies such as LinkedIn and Oracle, [...]



By | August 24th, 2016|APT, BYOD, IoT, Malware, Payments, Persistent Threat, Security|0 Comments

IoT Devices in the Network: Can you find them?


In the last year or so, the topic of Internet of Things (IoT) received a lot of attention. Both the concept of the topic and scope of what should be included in IoT changed dramatically in that time. The first commercialization of IoT were wearables such as GoogleGlass. Shortly thereafter came the next wave, with devices such [...]



By | August 10th, 2016|Endpoint Protection, Internet of Things, IoT, Security|0 Comments

The Desperate Need for Accuracy and Efficiency in Security for Detecting Network Intruders and Other Threat Actors Quickly


According to 2015 research reports published by Ponemon, Mandiant, and others, median intruder dwell time in a target network prior to detection ranges from just under to just over 200 days. That is a little over six months and as everyone agrees, totally unacceptable. How is it that an intruder can get into a network [...]



By | April 14th, 2016|Uncategorized|0 Comments

HEAT Software Meets the Need for Endpoint Protection Head-On


In many organizations, endpoints see virtually constant change. Users access, download, and utilize applications, data, drivers, files, toolbars, widgets, etc., introducing both new security threats and undocumented changes in systems and processes. For better or for worse, all of these activities leave their mark on the endpoint. HEAT has engaged in endpoint security at a [...]



By | December 11th, 2015|APT, Endpoint Protection, Malware, Persistent Threat|0 Comments

The Rise of Thingbots in the Internet of Things (IoT)


The Internet can be a pretty scary place. Places like the dark web exist in the form of trading houses with stolen personal information from credit cards and social security numbers, to health records and full identities being obtained for a price. Malware development and deployment and other attack services such as DDoS and botnets [...]



By | November 20th, 2015|Data Sharing, Internet of Things, IoT, Security, Uncategorized|0 Comments

EMA Research Shows that Cyber Security is Achieving Executive Visibility in a Big Way


One of the services that EMA provides to the tech industry is research. During the course of the year, numerous projects are launched to help IT consumers and vendors understand market perceptions. EMA then provides analysis and forecasts on trends based upon those perceptions. These projects have been continued in 2015. EMA has already had [...]



By | November 20th, 2015|APT, Endpoint Protection, Malware, Security|0 Comments
Load More Posts