

Ep. 18 Splunk’s SURGe: How to Get Immense Value from a Small Group
A convincing argument can be made that Splunk is a leader in analyzing machine data for enterprise systems; ninety-two of the Fortune 100 use Splunk. They apply this skill set to the federal world and help enhance security and drive resilience. Because of this wide experience, they have seen many kinds of attacks, like the infamous SolarWinds incident.
There are many ways to respond to this amalgamation of knowledge. One can hold that knowledge behind a paywall and charge people. What is interesting is that Splunk’s Ryan Kovar decided to assemble a group of veteran vulnerability specialists and share that information with the Splunk community. They call it SURGe.
Their goal is to be a timely advisor and provide research into cybersecurity challenges for large federal systems. Their first free white paper was, “Detecting Supply Chain Attacks.” They also have a podcast and a video series on YouTube.
For the federal IT community, the most important member of SURGe is Mick Baccio, Global Security Strategist. He began his career in the federal government and has shown his expertise over two decades, culminating in being the Branch Chief, Threat Intelligence at the Executive Office of the President.
During this interview, Mick reviews the main challenges of securing federal technology: unifying log standards, multifactor authentication, ubiquitous encryption, and reliable asset inventory. He suggests that a platform can assist federal agencies in reaching these much-vaunted goals.
One of the best quotes from the interview is, “Security is a data problem.”