I started this month at Rapid7 as Vice President, Managed Services, responsible for the strategic vision and execution of Rapid7's managed services offerings globally. Rapid7 has a number of managed services offerings, as well as managed services partners who use Rapid7 in their solutions. My first few weeks have validated what brought me to Rapid7 and I'm thrilled about what is ahead.
For those that don't know me, I've spent most of my career in security in a wide variety of roles. Prior to Rapid7, I was VP, Business Development for Gemalto's identity and data protection business, which I joined via the SafeNet acquisition, where I led partner strategy and execution globally including strategic alliances, technology partners and OEM & service provider sales. Previously, I spent time in management consulting where I was the cyber security practice lead at PRTM (now part of PwC); in security products as VP of Products & Markets at Fidelis Security Systems (now Fidelis Cybersecurity); and as an end user at General Electric where I led the global computer security program, as well as held various positions in technology strategy and operations. I'm also a faculty member at IANS where I help provide actionable advice to information security, risk management, and compliance leaders.
So what brought me to Rapid7? Beyond a very exciting opportunity to lead the managed services business, the people and culture were key to drawing me to Rapid7. I'll admit that the first time I heard about the Moose Manifesto that I thought it was a little hokey. But as I got to spend time in the interview process, I realized how awesome it is. (tl;dr on the manifesto – Moose is the same word both singular and plural. We are all in this together to create a phenomenal company.) I was so impressed with how everyone I met was not only talented, but aligned with driving success at Rapid7 for our customers, the company and each other. I've also gotten to witness it through a number of industry friends, including Jen Ellis (Vice President, Public & Community Affairs), Josh Feinblum (Vice President, Information Security), Bob Rudis (Chief Security Data Scientist), and Lee Weiner (Chief Products Officer.)
I am also very passionate about the broader security community. I love the technology challenges we face and the continual improvement required in security due to adversary innovation. But on top of that we have a chance to work together as a community to make the world a safer place. This was always important, but with "software eating the world" and widespread adoption of the Internet of Things, working together to learn from each other's successes and mistakes is critical. Rapid7's community involvement is awesome. It's not just projects like Metasploit and conferences like Security BSides, it also includes research and public policy initiatives too. It's really embedded in the culture of the company. It was clear it was a culture I wanted to be a part of.
So what is ahead for me at Rapid7? To start, I'm inspired to be part of a company building security solutions to positively impact organizations of all sizes. As I started to think about what was next in my career, I knew I wanted to do something that delivered what I refer to as "Security for the 99%." Wendy Nather's "Living below the Security Poverty Line" research in 2011 really impacted me because she articulated what I saw when I worked as an end user, vendor and IANS faculty member with organizations struggling to budget for, attract and/or retain security talent. Yet when I walked on the exhibit floor at Black Hat in 2015, I was taken aback by the number of companies building tools pretty much solely for the "security 1%"— the largest companies and government agencies that can hire and afford to retain the limited security talent available.
What amazed me was how poorly a number of these solutions scaled downward, leaving the overwhelming majority of organizations unable to properly leverage solutions to protect themselves. This is a critical problem—so many organizations are connected either through customer relationships or supply chains, and adversaries will move to the weakest link. Security is difficult and complex, and Rapid7 has demonstrated great leadership in making it achievable with products for all sized organizations—from the largest enterprises to small companies—illustrated by 5,300 organizations in 100 countries worldwide using Rapid7 solutions. I'm elated to be part of the team to help grow this more, and make even more organizations successful.
And I'm privileged to lead Rapid7 Managed Services organization, which has an amazing team that brings our expertise and on-going management to make our solutions even more broadly adoptable. I also get to collaborate with our sales and business development teams to enable other managed service providers (leveraging some of my skills from my business development days) to enable them to enhance their customer's security insight and posture.
As I mentioned, in some ways my journey to Rapid7 started with Black Hat in 2015 (even though I didn't talk with them until a few months ago). So I'm looking forward to attending next week to engage with the security and Rapid7 communities. It would be great to see you at Black Hat, BSides Las Vegas, or DEF CON. You can also find me online at @djetue and via LinkedIn.