Paul Beckman
CISO, ManTech
“Complexity is the arch enemy of cybersecurity,” said Paul Beckman. He recently helped to simplify and centralize the configuration management of decentralized cloud environments, which is not an easy task considering ManTech is in every cloud across the government and commercial spaces.
Across them all, Beckman and his team implemented a state-of-the-art cloud security posture management capability that enforces required baseline configurations across all of its cloud environments and instantly tells the Security Operations team the moment any of these assets is observed deviating from them.
Essentially, Beckman and his team are enabling capabilities and innovation through the simplification of ManTech’s cloud management that better mitigate, prevent or instantly alert on vulnerabilities. This is how they are driving to get further left of boom – a misconfiguration can’t be exploited if it is not there to begin with.
Why Watch
Looking ahead, Beckman and his team are applying the power of AI to data lakes of logs to find the needle that has remained hidden until now. Furthermore, the team has been strongly focused on next-generation security operations center monitoring efforts. The goal was to establish a cloud-native, AI-ready, flat-rate log ingestion model that can effectively train AI for easy use and powerful threat hunting capabilities, matching the speed of online searches.
ManTech is committed to reinforcing identity as the cornerstone of its Zero Trust Architecture through dynamic authorization. The company is leading the way in demonstrating how modern and dynamic identification, authentication and authorization can be achieved on any endpoint seeking dynamic trusted access to its network assets, based on various changing attributes.
“Keep it Simple. Above all else in cyber, master these 3 basic principles well and you will mitigate 99% of all your threats,” Beckman said. “1: Harden your equities – you cannot exploit a misconfiguration that does not exist. 2: Be able to effectively manage (i.e. patch, push policy regarding) your equities – you cannot exploit a vulnerability that is not there; and finally, 3: Be able to closely monitor your equities for when a zero day gives you no other choice.”