Welcome!

@CloudExpo Authors: Yeshim Deniz, Elizabeth White, William Schmarzo, Kevin Jackson, Liz McMillan

Related Topics: @CloudExpo, Microservices Expo, Containers Expo Blog, Cloud Security

@CloudExpo: Article

Most Powerful Voices in Security

Who are the Top 25?

The security community has a growing number of influential and important people, especially as the industry rises to meet the need to address more advanced security threats, such as targeted attacks. But how does a company in the security industry truly identify the influential people? And then once identified, how does one use influential voices to help promote their brand? In this study, we answer the first question - how to identify the most powerful voices in your industry, focusing on the security space, and as part of this we provide you a list of people to follow for the best, most up to date information, and who have the loudest voices to help help carry some of your key messages. In a future study, we will discuss how to further exploit that knowledge to market your brand.

As executives in a fast-changing and social world, many of us struggle with the ability to have our voices heard by our target customers, especially as news in our industry is gaining more attention (e.g. a "hot space"). You would think that if you were a part of an emerging category, that people would pay attention to you. However, getting above the "noise" is a problem for some companies.

Until now we've found ourselves using traditional and often ineffective marketing and sales tools. With firms like Radian6, Eloqua, Marketo and the like, CMOs are being presented with new ways of leveraging social networks to understand, target, and reach their markets.

According to leading researchers, some individuals in your target industry have greater influence than others, holding a virtual megaphone powered by their social graph. The term "social graph," coined a few years ago by Facebook CEO, Mark Zuckerberg, is also referred to as the "open graph," and is used to describe an aggressive initiative to connect the dots between the relationships and associations built on Google+, Facebook, Twitter, Linkedin, Foursquare, other public social networking services, and emerging private enterprise social networks like Salesforce's Chatter, Yammer, and others. Emerging companies like Klout also use the open graph to measure the number of people you reach, how much those people amplify your message, and ultimately the strength of your network.

When you look at established industries like Security, more well-known people, like executives of incumbent security companies, are considered the influencers, while others who are less known exist in niches in the blogosphere or in newly formed circles. Examples of niche groups might include the Cloud Security Alliance, or U.S. congressman Mac Thornberry's Cybersecurity Task Force. You can argue that some people in these niche groups might not even be considered security "experts" or "thought leaders". However, by being associated with an area which is highly visible from a security perspective (e.g. cloud), their voices can still carry significant weight.

Our thesis is that these smaller groups in security can have the most powerful voices. Collectively; however, ALL these groups consist of a number of the most vocal, most followed and re-posted commentators in the security community today. If you are involved in security (as a new startup or an established player), there are a select number of people you need to know.

In compiling our ranking of the Most Powerful Voices ("MPV") in security, we took advantage of concepts similar to Google PageRank for people, working with researchers and thought leaders such as Mark Fidelman (see "The Most Powerful Voices in Open Source").

The metrics needed to measure both broadcast power and profundity were identified through a number of studies performed across several industry categories. Although there have been many advancements in the area of social marketing, the work presented here still requires techniques not yet offered by any single social graph tool available today.

The MPV formula is based on "reach" by examining the number of followers and buzz an individual has on sites like Google and Twitter. We then determine how much impact an individual has with their followers and subscribers. We ask questions like: If you have a twitter account, how often are you uniquely referenced, or retweeted? How much buzz is created around your blog posts, tweets, Quora answers, Linkedin groups, and other messages? How often is an individual referenced in the blogosphere?

Top Executive Voices in Security
The MPV formula illustrates how much additional broadcast power an individual has versus an average active person (defined later). For example, Eugene Kaspersky, CEO of Kaspersky Lab, has 5,035 times more broadcast power reach than the average person, while Enrique Salem, CEO of Symantec, has a respectable 855 times more broadcast power than the average person. At the surface, security executives are good targets when searching for powerful voices. However, most, if not all, powerful executives are governed or constrained on what they can say. You won't find CEOs of publicly traded companies providing transparent dialog about their opinions on controversial topics (although Leo Apotheker, CEO at HP, may prove me wrong on one or both of these points). In addition, it's quite difficult to get executives to speak on your particular topic, or about your brand. [Note: We included Ex-CEO from McAfee, David DeWalt, because we assume we'll hear of his next high-profile placement and we can update the company then].

Top Media/Blogger Voices in Security
Then there's the power of active security bloggers like Bruce Schneier ("Schneier on Security") who has a voice which is 8,252 times the average. Yes, that's more than Eugene Kaspersky! Why? Because he's willing to speak his mind on topics where people want transparent and insightful perspective. Also, a dialog can occur between the average person and a blogger. It's easier to reach even the most well known bloggers or editors of news and media properties.

Top Voices in Cloud and Security
We looked at the top 100 voices in cloud computing and searched for those discussing security. Some voices were found to be as high as 5,700 times the average person. As an example, Reuven Cohen, founder and CTO of Enomaly, may not be solely focused on the security industry, but security is the number one issue when it comes to cloud adoption. So why is Reuven's voice stronger than Eugene Kaspersky? We speculate that this is based on the fact that Reuven is a very ungoverned and vocal voice at an early-stage startup, and that the audience for these voices may assume that startups generally help define the trends and direction of the industry.

Top Government Leaders and Security
We debated whether to include government officials due to their more general public following. Government leaders have a much different audience than those following security executives. However, many government officials are actively involved in security. For example, Susan Collins, who is a ranking member of the Homeland security and Governmental Affairs Senate Committee, is a co-author of comprehensive cybersecurity legislation, which resulted in much debate in prominent media outlets such as Forbes and the Washington Post.

In addition, as we searched for people who are addressing topics in cyber security, we found people such as U.S. Representative for California's 49th congressional district, Darrell Issa and, of course, the 30th Deputy Secretary of Defense, William Lynn III, who currently maintain voices 31,195 and 25,935 times that of the average person, respectively.

Therefore, we ultimately decided to include government officials because when they communicate they generate a lot of attention.

Chief Information Security Officers
Our survey of over 100 CISOs resulted in the top 10 voices exceeding 1,300 times  that of the average person (e.g. See Mandiant CSO, Richard Bejtlich, and Facebook CISO, Joe Sullivan). CISOs or CSOs are prominent figures in the enterprise now. With the rise of advanced persistent threats (APTs), these executives are under growing pressure to lock down their company's intellectual property. In our recent discussions with several Fortune 100 CISOs, some believe there are several APTs lying dormant and undetected in their enterprise today. Look at the recent example of a highly sophisticated and targeted attack on Google's corporate infrastructure originating from China that resulted in the theft of intellectual property back in early 2010.

Therefore, when CISOs transparently talk about their findings (which may not happen often due to security reasons!), people will listen (see Yahoo! CISO, Justin Somaini's, survey on Information Security Function, Governance and Risk Management, Culture and Communication, Metrics and KPI's).

Security Analysts
Lastly, we surveyed over 75 of the top security analysts with the top 10 having voices which ranged from 347 to 710 times the average person. This is no surprise when you see analysts like Gartner's Neil MacDonald openly discussing sensitive topics like what RSA did wrong following the SecurID breach earlier this year.

The Most Powerful Voices in Security

(see the table below infographic for #1-#100)

Most Powerful Voices in Security

The Rest of the Top 100

Keep in mind the rankings are relative to the others on the list. That means everyone on the list has a much higher criteria impact than the average active person. Also, note that most of the dimensions that make up the MPV are from the past 90 days.

Rank

Most Powerful Voices In Security

MPV Score

1

Darrell Issa

1,405,336

2

William Lynn III

1,168,351

3

Bruce Schneier

371,731

4

Brian Krebs

261,450

5

Reuven Cohen

257,846

6

Eugene Kaspersky

226,808

7

Graham Cluley

224,717

8

Susan Collins

212,000

9

Werner Vogels

210,574

10

Christofer Hoff

122,306

11

Jeremiah Grossman

104,862

12

Richi Jennings

100,294

13

James Hamilton

80,600

14

Jeff Jones

75,658

15

Richard Stiennon

73,186

16

Stephen Foskett

72,678

17

Kevin Poulsen

72,158

18

Dana Gardner

67,704

19

Robert McMillan

66,140

20

Sramana Mitra

59,920

21

Richard Bejtlich

59,761

22

David Harley

57,098

23

Paul Miller

56,050

24

Dino A. Dai Zovi

53,015

25

Bret Hartman

49,820

26

Lenny Zeltser

48,171

27

Paul Henry

43,185

28

Brian Gracely

42,800

29

Alex Williams

42,105

30

Chris Wolf

41,252

31

Simon Crosby

40,124

32

Enrique Salem

38,520

33

Kim Zetter

37,496

34

Dan York

37,474

35

Krishnan Subramanian

35,901

36

Lori MacVittie

35,661

37

Todd Gebhart

35,330

38

Tyler Shields

34,912

39

David Kravets

33,481

40

Andrew Hay

33,136

41

Jay Radcliffe

32,285

42

Neil MacDonald

32,000

43

Branden Williams

31,810

44

Rich Mogull

31,131

45

Dr Anton Chuvakin

31,088

46

Dave Hansen

30,900

47

John Pescatore

29,650

48

Tim Wilson

29,430

49

David DeWalt

28,930

50

Scott Stewart

28,295

51

David Lacey

28,020

52

Bernard Golden

27,181

53

Patrick Murray

27,010

54

Dan Goodin

25,880

55

Derrick Harris

25,251

56

Avivah Litan

25,180

57

Matt Flynn

24,314

58

Abhishek Singh

23,610

59

Mac Thornberry

22,950

60

Tom Ritter

22,310

61

Scott Charney

21,850

62

Siobhan Gorman

21,120

63

Ellen Rubin

20,862

64

W. Mark Brooks

20,730

65

Greg Young

20,666

66

George Kurtz

20,615

67

Andrew Storms

19,130

68

Bob Blakley

18,540

69

Joe Sullivan

18,120

70

Mike Murray

17,922

71

Brian Babineau

17,913

72

Jessica Davis

17,790

73

Rob Rachwald

17,590

74

Dustin Amrhein

17,116

75

Mike Rothman

17,047

76

Luther Martin

16,910

77

Steve Ragan

16,790

78

Jon Oltsik

16,723

79

Tony Palmer

16,510

80

Eric Hall

16,204

81

Ian Glazer

15,884

82

Robin Wilton

15,644

83

Jim Reavis

15,584

84

Colin Watson

15,560

85

Phil Wainewright

15,551

86

Lauren Whitehouse

15,237

87

Kevin L. Jackson

15,130

88

Tom Cross

15,030

89

Earl Perkins

14,530

90

Ignacio M. Llorente

14,429

91

Mark Diodati

13,910

92

Barton George

13,898

93

Chirag Mehta

13,808

94

Eva Chen

13,600

95

Dan Blum

13,180

96

Jay Heiser

13,120

97

Mark McLaughlin

13,050

98

Byron Acohido

13,026

99

Nikolay Grebennikov

11,360

100

Kevin Kampman

9,600

Our study included over 140 security company executives, 320 bloggers and people in media, 100 of the top people in cloud computing, 30 people involved in specialized organizations like IBM's X-Force, over 20 government officials, over 130 leading CISOs, and 75 industry analysts from notable firms such as Gartner, IDC, Forrester, ESG, and others. In total we researched over 800 people.

Please note that our ranking is not the final word on the subject, but the beginning of a discussion. For example, a Director at Symantec (who will remain anonymous) assisted us in double-checking our work, and couldn't help but be of the opinion that Enrique Salem, Steve Trilling, and Rowan Trollope belong as 1-3 on every list (lol). So why isn't Michael DeCesare or George Kurtz from McAfee on the list? Eva Chen from Trend Micro? Harriet P. Pearson, Nick Coleman, or Phil Neray from IBM? Did we miss anyone? You maybe? What did we get wrong? Please give us your thoughts by commenting below.

Other MPV Criteria

Must be an active social media individual now (Buzz metrics were taken from last 90 days).

We included corporate twitter accounts only when it was clear that it represents the voice of the individual.

They are known to speak on topics within the security community.

We removed irrelevant hits where necessary such as those for similarly-named individuals.

We're defining the average active person as an active Internet user with an average level of impact, influence and use of social tools.

Next Steps

Are you wondering why some people made it on the Top 100 when they have less to do with security than others who didn't make the list? We hypothesize that a strong voice (who may not be a security expert) can actually speak to an audience who does care about security. In this case, they may be more useful than a week voice (who is an expert). Sure, we want to follow the experts and thought leaders to gather further domain knowledge, trends, and vision. But lets take the use case where you would like to challenge the status quo on a security topic....say, in the cloud computing space. Do you engage Eugene Kaspersky on the topic? Maybe.  But maybe you also engage Paul Miller. In a future study, we will discuss how to further leverage your network of influencers.

Be Proud If You Are In a Top Category

Are you one of the "Most Powerful Voices in Security"?

Add a note or a badge (below) to your website or blog to let people know that you are one of the most powerful voices in the security community.

Follow some of the more vocal security voices by automatically adding our twitter list here.

 

More Stories By Jim Kaskade

Jim Kaskade currently leads Janrain, the category creator of Consumer Identity & Access Management (CIAM). We believe that your identity is the most important thing you own, and that your identity should not only be easy to use, but it should be safe to use when accessing your digital world. Janrain is an Identity Cloud servicing Global 3000 enterprises providing a consistent, seamless, and safe experience for end-users when they access their digital applications (web, mobile, or IoT).

Prior to Janrain, Jim was the VP & GM of Digital Applications at CSC. This line of business was over $1B in commercial revenue, including both consulting and delivery organizations and is focused on serving Fortune 1000 companies in the United States, Canada, Mexico, Peru, Chile, Argentina, and Brazil. Prior to this, Jim was the VP & GM of Big Data & Analytics at CSC. In his role, he led the fastest growing business at CSC, overseeing the development and implementation of innovative offerings that help clients convert data into revenue. Jim was also the CEO of Infochimps; Entrepreneur-in-Residence at PARC, a Xerox company; SVP, General Manager and Chief of Cloud at SIOS Technology; CEO at StackIQ; CEO of Eyespot; CEO of Integral Semi; and CEO of INCEP Technologies. Jim started his career at Teradata where he spent ten years in enterprise data warehousing, analytical applications, and business intelligence services designed to maximize the intrinsic value of data, servicing fortune 1000 companies in telecom, retail, and financial markets.

Comments (4) View Comments

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


Most Recent Comments
JimKaskade 09/14/11 03:43:00 PM EDT

MATT FLYNN comments, ...."[This is a list] based on reach and not knowledge, usefulness of analysis, or trustworthiness."....and that "the word 'influencers' brought me right back to Gladwell's book The Tipping Point and made me wonder if this is really a list written for marketers rather than for security decision makers. Even if that is the case, then it's probably a good idea to follow the people on the list as they might identify emerging trends - perhaps by analysis, but as Gladwell points out, perhaps by causation (whether intentional or not)." http://goo.gl/oyiuw

JimKaskade 09/14/11 10:45:00 AM EDT

Kim Zetter says that aside from Bejtlich, most people on the list are people she doesn't listen to at all, and that some of the smartest and most influential people are the ones who don't have a public persona at all.

I can't argue with Kim. I think the security space is inherently low-key. I recently met with a security expert who works a lot with the government. He purposely has NO presence on the web...no social graph.

So there are maybe three camps here...the unspoken, but influential (which Kim refers to), the very vocal (who generally are less of an expert), and then there are those who are well-known in security and vocal.

JimKaskade 09/13/11 10:05:56 AM EDT

Justin Somaini, Yahoo! CISO, had a great point yesterday. "It is interesting that people who actually "do" security are much lower than those who just talk about it. That begs the question if the industry is a self fulfilled prophecy of self exploitation. Unless the conversation is based on substance then we end up with an over discussed and incorrect problem. ala APT's."

The analogy...it's like asking a Hollywood rock star to wear your new brand of jeans. Do they know about style, fit, organic denim material? No. But they do understand the value, and they like to talk about their fashion, and they have a loud VOICE.

So, if you have a new product in the Security space, or a new perspective, and you would like to have an open dialog about it, does it make sense to have that conversation with the "Hollywood Rock Star" who has the loud voice? It might help you get some attention around your topic, your product.

I don't know....it's the question I'm curious to answer, and the strategy, as a CEO, that is new to high-tech companies trying to get "above the noise"....without creating more noise.

JimKaskade 09/09/11 11:44:00 AM EDT

Just heard from Mikko H. Hypponen, Chief Research Officer from F-secure.

Mikko has a powerful voice in the security industry - an obvious oversight.

We will have to add him into the next iteration ;-)

@CloudExpo Stories
Amazon started as an online bookseller 20 years ago. Since then, it has evolved into a technology juggernaut that has disrupted multiple markets and industries and touches many aspects of our lives. It is a relentless technology and business model innovator driving disruption throughout numerous ecosystems. Amazon’s AWS revenues alone are approaching $16B a year making it one of the largest IT companies in the world. With dominant offerings in Cloud, IoT, eCommerce, Big Data, AI, Digital Assista...
Artificial intelligence, machine learning, neural networks. We’re in the midst of a wave of excitement around AI such as hasn’t been seen for a few decades. But those previous periods of inflated expectations led to troughs of disappointment. Will this time be different? Most likely. Applications of AI such as predictive analytics are already decreasing costs and improving reliability of industrial machinery. Furthermore, the funding and research going into AI now comes from a wide range of com...
For organizations that have amassed large sums of software complexity, taking a microservices approach is the first step toward DevOps and continuous improvement / development. Integrating system-level analysis with microservices makes it easier to change and add functionality to applications at any time without the increase of risk. Before you start big transformation projects or a cloud migration, make sure these changes won’t take down your entire organization.
Internet of @ThingsExpo, taking place October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 21st Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The Internet of Things (IoT) is the most profound change in personal and enterprise IT since the creation of the Worldwide Web more than 20 years ago. All major researchers estimate there will be tens of billions devic...
We build IoT infrastructure products - when you have to integrate different devices, different systems and cloud you have to build an application to do that but we eliminate the need to build an application. Our products can integrate any device, any system, any cloud regardless of protocol," explained Peter Jung, Chief Product Officer at Pulzze Systems, in this SYS-CON.tv interview at @ThingsExpo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA
21st International Cloud Expo, taking place October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy. Me...
With major technology companies and startups seriously embracing Cloud strategies, now is the perfect time to attend 21st Cloud Expo October 31 - November 2, 2017, at the Santa Clara Convention Center, CA, and June 12-14, 2018, at the Javits Center in New York City, NY, and learn what is going on, contribute to the discussions, and ensure that your enterprise is on the right path to Digital Transformation.
SYS-CON Events announced today that Ayehu will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on October 31 - November 2, 2017 at the Santa Clara Convention Center in Santa Clara California. Ayehu provides IT Process Automation & Orchestration solutions for IT and Security professionals to identify and resolve critical incidents and enable rapid containment, eradication, and recovery from cyber security breaches. Ayehu provides customers greater control over IT infras...
SYS-CON Events announced today that MobiDev, a client-oriented software development company, will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place October 31-November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. MobiDev is a software company that develops and delivers turn-key mobile apps, websites, web services, and complex software systems for startups and enterprises. Since 2009 it has grown from a small group of passionate engineers and business...
SYS-CON Events announced today that GrapeUp, the leading provider of rapid product development at the speed of business, will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place October 31-November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Grape Up is a software company, specialized in cloud native application development and professional services related to Cloud Foundry PaaS. With five expert teams that operate in various sectors of the market acr...
"We are a monitoring company. We work with Salesforce, BBC, and quite a few other big logos. We basically provide monitoring for them, structure for their cloud services and we fit into the DevOps world" explained David Gildeh, Co-founder and CEO of Outlyer, in this SYS-CON.tv interview at DevOps Summit at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
DevOps at Cloud Expo, taking place October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 21st Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to w...
SYS-CON Events announced today that Enzu will exhibit at SYS-CON's 21st Int\ernational Cloud Expo®, which will take place October 31-November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Enzu’s mission is to be the leading provider of enterprise cloud solutions worldwide. Enzu enables online businesses to use its IT infrastructure to their competitive advantage. By offering a suite of proven hosting and management services, Enzu wants companies to focus on the core of their ...
New competitors, disruptive technologies, and growing expectations are pushing every business to both adopt and deliver new digital services. This ‘Digital Transformation’ demands rapid delivery and continuous iteration of new competitive services via multiple channels, which in turn demands new service delivery techniques – including DevOps. In this power panel at @DevOpsSummit 20th Cloud Expo, moderated by DevOps Conference Co-Chair Andi Mann, panelists examined how DevOps helps to meet the de...
Cloud Expo, Inc. has announced today that Andi Mann and Aruna Ravichandran have been named Co-Chairs of @DevOpsSummit at Cloud Expo Silicon Valley which will take place Oct. 31-Nov. 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. "DevOps is at the intersection of technology and business-optimizing tools, organizations and processes to bring measurable improvements in productivity and profitability," said Aruna Ravichandran, vice president, DevOps product and solutions marketing...
Automation is enabling enterprises to design, deploy, and manage more complex, hybrid cloud environments. Yet the people who manage these environments must be trained in and understanding these environments better than ever before. A new era of analytics and cognitive computing is adding intelligence, but also more complexity, to these cloud environments. How smart is your cloud? How smart should it be? In this power panel at 20th Cloud Expo, moderated by Conference Chair Roger Strukhoff, pane...
SYS-CON Events announced today that Cloud Academy named "Bronze Sponsor" of 21st International Cloud Expo which will take place October 31 - November 2, 2017 at the Santa Clara Convention Center in Santa Clara, CA. Cloud Academy is the industry’s most innovative, vendor-neutral cloud technology training platform. Cloud Academy provides continuous learning solutions for individuals and enterprise teams for Amazon Web Services, Microsoft Azure, Google Cloud Platform, and the most popular cloud com...
What's the role of an IT self-service portal when you get to continuous delivery and Infrastructure as Code? This general session showed how to create the continuous delivery culture and eight accelerators for leading the change. Don Demcsak is a DevOps and Cloud Native Modernization Principal for Dell EMC based out of New Jersey. He is a former, long time, Microsoft Most Valuable Professional, specializing in building and architecting Application Delivery Pipelines for hybrid legacy, and cloud ...
SYS-CON Events announced today that IBM has been named “Diamond Sponsor” of SYS-CON's 21st Cloud Expo, which will take place on October 31 through November 2nd 2017 at the Santa Clara Convention Center in Santa Clara, California.
In his session at Cloud Expo, Alan Winters, an entertainment executive/TV producer turned serial entrepreneur, presented a success story of an entrepreneur who has both suffered through and benefited from offshore development across multiple businesses: The smart choice, or how to select the right offshore development partner Warning signs, or how to minimize chances of making the wrong choice Collaboration, or how to establish the most effective work processes Budget control, or how to ma...