Backup Anytime

Interview with Top Layer’s Security Strategist Ken Pappas.

VP of marketing and security strategist with Top Layer Security. Passionate about his company. Marine Captain (we are not talking about mild excursions on a dingy) in his spare time! Ken Pappas is not just an interesting interviewee. His Passion for what he does comes across in the detail he can provide without confusing the reader and IN his ability to maintain a reassuring level of authority without talking down to us. This is a great read about an authoritative figure in one of the worlds most important tech security companies.

Introductory detail

Name:  Ken Pappas
Company: Top Layer Security
Position: Vice President of Marketing and Security Strategist
Education / Qualifications: BS in Management, Engineering Studies at UMass.

Main interview

JON: What is your favourite past time (outside of Top layer!) which you enjoy when work is over?

KP: In my spare time I am a Marine Captain and enjoy spending time on my 43-foot ship.  I am also a member of the United States Coast Guard/Aux in Newburyport, Massachusetts; Birthplace of the United States Coast Guard.

JON: What type of car do you drive?

KP: BMW540

JON: What area of your work do you most enjoy?

KP: The areas of my work that I enjoy most are strategic partnerships, acquisitions, public speaking and marketing, among the functions I am responsible.

JON: In what way or areas do you feel Top Layer Security most excels over the competition?

KP: Top Layer Security excels beyond the competition with its Three Dimension Protection and by offering customers a 3rd generation IPS that protects against malicious content, undesired access and botnet-based attacks.  In addition, Top Layer is more customer-centric than the competition.  We truly care about our customers and defending their networks.  Our philosophy of treating customers like partners fuels our approach of being extremely hands on even after deployment of the Top Layer IPS solution, whereas the competition is often out of the door as soon as the PO is signed.

JON: Do you see competitive advantages in network security being discovery and information based or more a case of implementing known protection methods through more efficient methodologies?

KP: Both. Most IPS systems provide a signature base of protection, which in today’s environment is susceptible to blatant vulnerability as the sophistication, speed, creativity and social-engineering of today’s threats demand an advanced approach to security.  Top Layer’s IPS is more than an IPS and goes way beyond signatures. By combining content-based IPS, stateful firewall and attack mitigation algorithms alongside innovative acceptable application usage and protocol validation modules, the Top Layer IPS is able to protect against a myriad of threats, regardless of signature and associated variants that spawn from them, by examining the behavior and characteristics of the traffic – in many instances protecting against zero-day threats before they are able to wreak havoc within the network, unlike signature-dependent IPS solutions.

JON: Do you believe that data security has become overly complicated for small business or that protection options and automation have grown at a similar rate to threat levels?

KP: Every company now requires security and is very conscious of it with new breaches making headlines each day. However, there are not nearly enough security experts to go around, and thus small businesses must turn to managed service providers that will provide security protection they often are not able to provide themselves internally. In short, yes, data security has become a lot more complicated!

JON: Is there a specific percentage or percentage range of revenue which you believe companies should spend on I.T. security?

KP: A more fundamental question needs to be asked: How much is your data worth?  That’s always the question I ask companies when they speak with me about limiting security spending.  Some would even say “because we have never had a breach, we should postpone security spending.”  That’s like never buying car insurance because you never had an accident!  There should be no budget for security.  Companies should invest in the right security solutions that provide the best level of “insurance” for their assets.

JON: Would you consider data security for business to be the domain of in house I.T. admin with some outsourcing or best mainly outsourced with some in house admin?

KP: I believe both in-house IT admins and outsourced capabilities play an important role in security, rather than an either/or question.

JON: Which of the following in your experience is the biggest threat to data security? 1.The enemy within. 2. Targeted attacks from outside. 3. Random attacks from outside. 4.Human error

KP: This is a tough question. The enemy within is often really not from within but from innocent users that are unaware of the threats they bring.  Targeted attacks from the outside are my biggest concern and the issue we hear most from customers. With that said, I believe the next great war will be from a group of individuals, from multiple countries, from various religions that will all have a common goal, to attack a country and bring down its financial system, utilities and cause havoc in our society until panic strikes. Once a country’s quality of life is threatened, people will panic and governments will want to attack other countries and still not know who and where the enemy is.  Far fetched?  I don’t think so.

JON: What steps would you recommend to companies with concerns about data security?

KP: The first step to take regarding data security is to hire experts to perform a comprehensive security audit to identify vulnerabilities, holes and strengthen your data security ecosystem.  The next step would be to establish a security policy that meets your IT and corporate goals while maintaining compliance, which is of increasing important to businesses of all sizes.

JON: Where do you see the industry going from a technical viewpoint over the next three years?

KP: My vision is that we will see more security intelligence in our networks. We will see security solutions become more self-healing and self-aware, with self-remediation.  Threats of the future will be faster and more complex than humans can react to, and as such security will become the overlay of our networks.

Ed. Many thanks to Ken for participating and to Matt Flanagan of FAMA PR for facilitating this interview.