Welcome!

@CloudExpo Authors: Liz McMillan, APM Blog, Elizabeth White, Xenia von Wedel, Mauro Carniel

Related Topics: @CloudExpo, Microservices Expo, Containers Expo Blog, Cloud Security

@CloudExpo: Article

Most Powerful Voices in Security

Who are the Top 25?

The security community has a growing number of influential and important people, especially as the industry rises to meet the need to address more advanced security threats, such as targeted attacks. But how does a company in the security industry truly identify the influential people? And then once identified, how does one use influential voices to help promote their brand? In this study, we answer the first question - how to identify the most powerful voices in your industry, focusing on the security space, and as part of this we provide you a list of people to follow for the best, most up to date information, and who have the loudest voices to help help carry some of your key messages. In a future study, we will discuss how to further exploit that knowledge to market your brand.

As executives in a fast-changing and social world, many of us struggle with the ability to have our voices heard by our target customers, especially as news in our industry is gaining more attention (e.g. a "hot space"). You would think that if you were a part of an emerging category, that people would pay attention to you. However, getting above the "noise" is a problem for some companies.

Until now we've found ourselves using traditional and often ineffective marketing and sales tools. With firms like Radian6, Eloqua, Marketo and the like, CMOs are being presented with new ways of leveraging social networks to understand, target, and reach their markets.

According to leading researchers, some individuals in your target industry have greater influence than others, holding a virtual megaphone powered by their social graph. The term "social graph," coined a few years ago by Facebook CEO, Mark Zuckerberg, is also referred to as the "open graph," and is used to describe an aggressive initiative to connect the dots between the relationships and associations built on Google+, Facebook, Twitter, Linkedin, Foursquare, other public social networking services, and emerging private enterprise social networks like Salesforce's Chatter, Yammer, and others. Emerging companies like Klout also use the open graph to measure the number of people you reach, how much those people amplify your message, and ultimately the strength of your network.

When you look at established industries like Security, more well-known people, like executives of incumbent security companies, are considered the influencers, while others who are less known exist in niches in the blogosphere or in newly formed circles. Examples of niche groups might include the Cloud Security Alliance, or U.S. congressman Mac Thornberry's Cybersecurity Task Force. You can argue that some people in these niche groups might not even be considered security "experts" or "thought leaders". However, by being associated with an area which is highly visible from a security perspective (e.g. cloud), their voices can still carry significant weight.

Our thesis is that these smaller groups in security can have the most powerful voices. Collectively; however, ALL these groups consist of a number of the most vocal, most followed and re-posted commentators in the security community today. If you are involved in security (as a new startup or an established player), there are a select number of people you need to know.

In compiling our ranking of the Most Powerful Voices ("MPV") in security, we took advantage of concepts similar to Google PageRank for people, working with researchers and thought leaders such as Mark Fidelman (see "The Most Powerful Voices in Open Source").

The metrics needed to measure both broadcast power and profundity were identified through a number of studies performed across several industry categories. Although there have been many advancements in the area of social marketing, the work presented here still requires techniques not yet offered by any single social graph tool available today.

The MPV formula is based on "reach" by examining the number of followers and buzz an individual has on sites like Google and Twitter. We then determine how much impact an individual has with their followers and subscribers. We ask questions like: If you have a twitter account, how often are you uniquely referenced, or retweeted? How much buzz is created around your blog posts, tweets, Quora answers, Linkedin groups, and other messages? How often is an individual referenced in the blogosphere?

Top Executive Voices in Security
The MPV formula illustrates how much additional broadcast power an individual has versus an average active person (defined later). For example, Eugene Kaspersky, CEO of Kaspersky Lab, has 5,035 times more broadcast power reach than the average person, while Enrique Salem, CEO of Symantec, has a respectable 855 times more broadcast power than the average person. At the surface, security executives are good targets when searching for powerful voices. However, most, if not all, powerful executives are governed or constrained on what they can say. You won't find CEOs of publicly traded companies providing transparent dialog about their opinions on controversial topics (although Leo Apotheker, CEO at HP, may prove me wrong on one or both of these points). In addition, it's quite difficult to get executives to speak on your particular topic, or about your brand. [Note: We included Ex-CEO from McAfee, David DeWalt, because we assume we'll hear of his next high-profile placement and we can update the company then].

Top Media/Blogger Voices in Security
Then there's the power of active security bloggers like Bruce Schneier ("Schneier on Security") who has a voice which is 8,252 times the average. Yes, that's more than Eugene Kaspersky! Why? Because he's willing to speak his mind on topics where people want transparent and insightful perspective. Also, a dialog can occur between the average person and a blogger. It's easier to reach even the most well known bloggers or editors of news and media properties.

Top Voices in Cloud and Security
We looked at the top 100 voices in cloud computing and searched for those discussing security. Some voices were found to be as high as 5,700 times the average person. As an example, Reuven Cohen, founder and CTO of Enomaly, may not be solely focused on the security industry, but security is the number one issue when it comes to cloud adoption. So why is Reuven's voice stronger than Eugene Kaspersky? We speculate that this is based on the fact that Reuven is a very ungoverned and vocal voice at an early-stage startup, and that the audience for these voices may assume that startups generally help define the trends and direction of the industry.

Top Government Leaders and Security
We debated whether to include government officials due to their more general public following. Government leaders have a much different audience than those following security executives. However, many government officials are actively involved in security. For example, Susan Collins, who is a ranking member of the Homeland security and Governmental Affairs Senate Committee, is a co-author of comprehensive cybersecurity legislation, which resulted in much debate in prominent media outlets such as Forbes and the Washington Post.

In addition, as we searched for people who are addressing topics in cyber security, we found people such as U.S. Representative for California's 49th congressional district, Darrell Issa and, of course, the 30th Deputy Secretary of Defense, William Lynn III, who currently maintain voices 31,195 and 25,935 times that of the average person, respectively.

Therefore, we ultimately decided to include government officials because when they communicate they generate a lot of attention.

Chief Information Security Officers
Our survey of over 100 CISOs resulted in the top 10 voices exceeding 1,300 times  that of the average person (e.g. See Mandiant CSO, Richard Bejtlich, and Facebook CISO, Joe Sullivan). CISOs or CSOs are prominent figures in the enterprise now. With the rise of advanced persistent threats (APTs), these executives are under growing pressure to lock down their company's intellectual property. In our recent discussions with several Fortune 100 CISOs, some believe there are several APTs lying dormant and undetected in their enterprise today. Look at the recent example of a highly sophisticated and targeted attack on Google's corporate infrastructure originating from China that resulted in the theft of intellectual property back in early 2010.

Therefore, when CISOs transparently talk about their findings (which may not happen often due to security reasons!), people will listen (see Yahoo! CISO, Justin Somaini's, survey on Information Security Function, Governance and Risk Management, Culture and Communication, Metrics and KPI's).

Security Analysts
Lastly, we surveyed over 75 of the top security analysts with the top 10 having voices which ranged from 347 to 710 times the average person. This is no surprise when you see analysts like Gartner's Neil MacDonald openly discussing sensitive topics like what RSA did wrong following the SecurID breach earlier this year.

The Most Powerful Voices in Security

(see the table below infographic for #1-#100)

Most Powerful Voices in Security

The Rest of the Top 100

Keep in mind the rankings are relative to the others on the list. That means everyone on the list has a much higher criteria impact than the average active person. Also, note that most of the dimensions that make up the MPV are from the past 90 days.

Rank

Most Powerful Voices In Security

MPV Score

1

Darrell Issa

1,405,336

2

William Lynn III

1,168,351

3

Bruce Schneier

371,731

4

Brian Krebs

261,450

5

Reuven Cohen

257,846

6

Eugene Kaspersky

226,808

7

Graham Cluley

224,717

8

Susan Collins

212,000

9

Werner Vogels

210,574

10

Christofer Hoff

122,306

11

Jeremiah Grossman

104,862

12

Richi Jennings

100,294

13

James Hamilton

80,600

14

Jeff Jones

75,658

15

Richard Stiennon

73,186

16

Stephen Foskett

72,678

17

Kevin Poulsen

72,158

18

Dana Gardner

67,704

19

Robert McMillan

66,140

20

Sramana Mitra

59,920

21

Richard Bejtlich

59,761

22

David Harley

57,098

23

Paul Miller

56,050

24

Dino A. Dai Zovi

53,015

25

Bret Hartman

49,820

26

Lenny Zeltser

48,171

27

Paul Henry

43,185

28

Brian Gracely

42,800

29

Alex Williams

42,105

30

Chris Wolf

41,252

31

Simon Crosby

40,124

32

Enrique Salem

38,520

33

Kim Zetter

37,496

34

Dan York

37,474

35

Krishnan Subramanian

35,901

36

Lori MacVittie

35,661

37

Todd Gebhart

35,330

38

Tyler Shields

34,912

39

David Kravets

33,481

40

Andrew Hay

33,136

41

Jay Radcliffe

32,285

42

Neil MacDonald

32,000

43

Branden Williams

31,810

44

Rich Mogull

31,131

45

Dr Anton Chuvakin

31,088

46

Dave Hansen

30,900

47

John Pescatore

29,650

48

Tim Wilson

29,430

49

David DeWalt

28,930

50

Scott Stewart

28,295

51

David Lacey

28,020

52

Bernard Golden

27,181

53

Patrick Murray

27,010

54

Dan Goodin

25,880

55

Derrick Harris

25,251

56

Avivah Litan

25,180

57

Matt Flynn

24,314

58

Abhishek Singh

23,610

59

Mac Thornberry

22,950

60

Tom Ritter

22,310

61

Scott Charney

21,850

62

Siobhan Gorman

21,120

63

Ellen Rubin

20,862

64

W. Mark Brooks

20,730

65

Greg Young

20,666

66

George Kurtz

20,615

67

Andrew Storms

19,130

68

Bob Blakley

18,540

69

Joe Sullivan

18,120

70

Mike Murray

17,922

71

Brian Babineau

17,913

72

Jessica Davis

17,790

73

Rob Rachwald

17,590

74

Dustin Amrhein

17,116

75

Mike Rothman

17,047

76

Luther Martin

16,910

77

Steve Ragan

16,790

78

Jon Oltsik

16,723

79

Tony Palmer

16,510

80

Eric Hall

16,204

81

Ian Glazer

15,884

82

Robin Wilton

15,644

83

Jim Reavis

15,584

84

Colin Watson

15,560

85

Phil Wainewright

15,551

86

Lauren Whitehouse

15,237

87

Kevin L. Jackson

15,130

88

Tom Cross

15,030

89

Earl Perkins

14,530

90

Ignacio M. Llorente

14,429

91

Mark Diodati

13,910

92

Barton George

13,898

93

Chirag Mehta

13,808

94

Eva Chen

13,600

95

Dan Blum

13,180

96

Jay Heiser

13,120

97

Mark McLaughlin

13,050

98

Byron Acohido

13,026

99

Nikolay Grebennikov

11,360

100

Kevin Kampman

9,600

Our study included over 140 security company executives, 320 bloggers and people in media, 100 of the top people in cloud computing, 30 people involved in specialized organizations like IBM's X-Force, over 20 government officials, over 130 leading CISOs, and 75 industry analysts from notable firms such as Gartner, IDC, Forrester, ESG, and others. In total we researched over 800 people.

Please note that our ranking is not the final word on the subject, but the beginning of a discussion. For example, a Director at Symantec (who will remain anonymous) assisted us in double-checking our work, and couldn't help but be of the opinion that Enrique Salem, Steve Trilling, and Rowan Trollope belong as 1-3 on every list (lol). So why isn't Michael DeCesare or George Kurtz from McAfee on the list? Eva Chen from Trend Micro? Harriet P. Pearson, Nick Coleman, or Phil Neray from IBM? Did we miss anyone? You maybe? What did we get wrong? Please give us your thoughts by commenting below.

Other MPV Criteria

Must be an active social media individual now (Buzz metrics were taken from last 90 days).

We included corporate twitter accounts only when it was clear that it represents the voice of the individual.

They are known to speak on topics within the security community.

We removed irrelevant hits where necessary such as those for similarly-named individuals.

We're defining the average active person as an active Internet user with an average level of impact, influence and use of social tools.

Next Steps

Are you wondering why some people made it on the Top 100 when they have less to do with security than others who didn't make the list? We hypothesize that a strong voice (who may not be a security expert) can actually speak to an audience who does care about security. In this case, they may be more useful than a week voice (who is an expert). Sure, we want to follow the experts and thought leaders to gather further domain knowledge, trends, and vision. But lets take the use case where you would like to challenge the status quo on a security topic....say, in the cloud computing space. Do you engage Eugene Kaspersky on the topic? Maybe.  But maybe you also engage Paul Miller. In a future study, we will discuss how to further leverage your network of influencers.

Be Proud If You Are In a Top Category

Are you one of the "Most Powerful Voices in Security"?

Add a note or a badge (below) to your website or blog to let people know that you are one of the most powerful voices in the security community.

Follow some of the more vocal security voices by automatically adding our twitter list here.

 

More Stories By Jim Kaskade

Jim Kaskade currently leads Janrain, the category creator of Consumer Identity & Access Management (CIAM). We believe that your identity is the most important thing you own, and that your identity should not only be easy to use, but it should be safe to use when accessing your digital world. Janrain is an Identity Cloud servicing Global 3000 enterprises providing a consistent, seamless, and safe experience for end-users when they access their digital applications (web, mobile, or IoT).

Prior to Janrain, Jim was the VP & GM of Digital Applications at CSC. This line of business was over $1B in commercial revenue, including both consulting and delivery organizations and is focused on serving Fortune 1000 companies in the United States, Canada, Mexico, Peru, Chile, Argentina, and Brazil. Prior to this, Jim was the VP & GM of Big Data & Analytics at CSC. In his role, he led the fastest growing business at CSC, overseeing the development and implementation of innovative offerings that help clients convert data into revenue. Jim was also the CEO of Infochimps; Entrepreneur-in-Residence at PARC, a Xerox company; SVP, General Manager and Chief of Cloud at SIOS Technology; CEO at StackIQ; CEO of Eyespot; CEO of Integral Semi; and CEO of INCEP Technologies. Jim started his career at Teradata where he spent ten years in enterprise data warehousing, analytical applications, and business intelligence services designed to maximize the intrinsic value of data, servicing fortune 1000 companies in telecom, retail, and financial markets.

Comments (4) View Comments

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


Most Recent Comments
JimKaskade 09/14/11 03:43:00 PM EDT

MATT FLYNN comments, ...."[This is a list] based on reach and not knowledge, usefulness of analysis, or trustworthiness."....and that "the word 'influencers' brought me right back to Gladwell's book The Tipping Point and made me wonder if this is really a list written for marketers rather than for security decision makers. Even if that is the case, then it's probably a good idea to follow the people on the list as they might identify emerging trends - perhaps by analysis, but as Gladwell points out, perhaps by causation (whether intentional or not)." http://goo.gl/oyiuw

JimKaskade 09/14/11 10:45:00 AM EDT

Kim Zetter says that aside from Bejtlich, most people on the list are people she doesn't listen to at all, and that some of the smartest and most influential people are the ones who don't have a public persona at all.

I can't argue with Kim. I think the security space is inherently low-key. I recently met with a security expert who works a lot with the government. He purposely has NO presence on the web...no social graph.

So there are maybe three camps here...the unspoken, but influential (which Kim refers to), the very vocal (who generally are less of an expert), and then there are those who are well-known in security and vocal.

JimKaskade 09/13/11 10:05:56 AM EDT

Justin Somaini, Yahoo! CISO, had a great point yesterday. "It is interesting that people who actually "do" security are much lower than those who just talk about it. That begs the question if the industry is a self fulfilled prophecy of self exploitation. Unless the conversation is based on substance then we end up with an over discussed and incorrect problem. ala APT's."

The analogy...it's like asking a Hollywood rock star to wear your new brand of jeans. Do they know about style, fit, organic denim material? No. But they do understand the value, and they like to talk about their fashion, and they have a loud VOICE.

So, if you have a new product in the Security space, or a new perspective, and you would like to have an open dialog about it, does it make sense to have that conversation with the "Hollywood Rock Star" who has the loud voice? It might help you get some attention around your topic, your product.

I don't know....it's the question I'm curious to answer, and the strategy, as a CEO, that is new to high-tech companies trying to get "above the noise"....without creating more noise.

JimKaskade 09/09/11 11:44:00 AM EDT

Just heard from Mikko H. Hypponen, Chief Research Officer from F-secure.

Mikko has a powerful voice in the security industry - an obvious oversight.

We will have to add him into the next iteration ;-)

@CloudExpo Stories
Coca-Cola’s Google powered digital signage system lays the groundwork for a more valuable connection between Coke and its customers. Digital signs pair software with high-resolution displays so that a message can be changed instantly based on what the operator wants to communicate or sell. In their Day 3 Keynote at 21st Cloud Expo, Greg Chambers, Global Group Director, Digital Innovation, Coca-Cola, and Vidya Nagarajan, a Senior Product Manager at Google, discussed how from store operations and ...
"There's plenty of bandwidth out there but it's never in the right place. So what Cedexis does is uses data to work out the best pathways to get data from the origin to the person who wants to get it," explained Simon Jones, Evangelist and Head of Marketing at Cedexis, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
In his session at 21st Cloud Expo, Carl J. Levine, Senior Technical Evangelist for NS1, will objectively discuss how DNS is used to solve Digital Transformation challenges in large SaaS applications, CDNs, AdTech platforms, and other demanding use cases. Carl J. Levine is the Senior Technical Evangelist for NS1. A veteran of the Internet Infrastructure space, he has over a decade of experience with startups, networking protocols and Internet infrastructure, combined with the unique ability to it...
SYS-CON Events announced today that CrowdReviews.com has been named “Media Sponsor” of SYS-CON's 22nd International Cloud Expo, which will take place on June 5–7, 2018, at the Javits Center in New York City, NY. CrowdReviews.com is a transparent online platform for determining which products and services are the best based on the opinion of the crowd. The crowd consists of Internet users that have experienced products and services first-hand and have an interest in letting other potential buye...
Agile has finally jumped the technology shark, expanding outside the software world. Enterprises are now increasingly adopting Agile practices across their organizations in order to successfully navigate the disruptive waters that threaten to drown them. In our quest for establishing change as a core competency in our organizations, this business-centric notion of Agile is an essential component of Agile Digital Transformation. In the years since the publication of the Agile Manifesto, the conn...
Enterprises are moving to the cloud faster than most of us in security expected. CIOs are going from 0 to 100 in cloud adoption and leaving security teams in the dust. Once cloud is part of an enterprise stack, it’s unclear who has responsibility for the protection of applications, services, and data. When cloud breaches occur, whether active compromise or a publicly accessible database, the blame must fall on both service providers and users. In his session at 21st Cloud Expo, Ben Johnson, C...
"We're developing a software that is based on the cloud environment and we are providing those services to corporations and the general public," explained Seungmin Kim, CEO/CTO of SM Systems Inc., in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
Enterprises are adopting Kubernetes to accelerate the development and the delivery of cloud-native applications. However, sharing a Kubernetes cluster between members of the same team can be challenging. And, sharing clusters across multiple teams is even harder. Kubernetes offers several constructs to help implement segmentation and isolation. However, these primitives can be complex to understand and apply. As a result, it’s becoming common for enterprises to end up with several clusters. Thi...
"MobiDev is a software development company and we do complex, custom software development for everybody from entrepreneurs to large enterprises," explained Alan Winters, U.S. Head of Business Development at MobiDev, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
SYS-CON Events announced today that Telecom Reseller has been named “Media Sponsor” of SYS-CON's 22nd International Cloud Expo, which will take place on June 5-7, 2018, at the Javits Center in New York, NY. Telecom Reseller reports on Unified Communications, UCaaS, BPaaS for enterprise and SMBs. They report extensively on both customer premises based solutions such as IP-PBX as well as cloud based and hosted platforms.
Data scientists must access high-performance computing resources across a wide-area network. To achieve cloud-based HPC visualization, researchers must transfer datasets and visualization results efficiently. HPC clusters now compute GPU-accelerated visualization in the cloud cluster. To efficiently display results remotely, a high-performance, low-latency protocol transfers the display from the cluster to a remote desktop. Further, tools to easily mount remote datasets and efficiently transfer...
"Codigm is based on the cloud and we are here to explore marketing opportunities in America. Our mission is to make an ecosystem of the SW environment that anyone can understand, learn, teach, and develop the SW on the cloud," explained Sung Tae Ryu, CEO of Codigm, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
WebRTC is great technology to build your own communication tools. It will be even more exciting experience it with advanced devices, such as a 360 Camera, 360 microphone, and a depth sensor camera. In his session at @ThingsExpo, Masashi Ganeko, a manager at INFOCOM Corporation, introduced two experimental projects from his team and what they learned from them. "Shotoku Tamago" uses the robot audition software HARK to track speakers in 360 video of a remote party. "Virtual Teleport" uses a multip...
In his session at 21st Cloud Expo, James Henry, Co-CEO/CTO of Calgary Scientific Inc., introduced you to the challenges, solutions and benefits of training AI systems to solve visual problems with an emphasis on improving AIs with continuous training in the field. He explored applications in several industries and discussed technologies that allow the deployment of advanced visualization solutions to the cloud.
"Infoblox does DNS, DHCP and IP address management for not only enterprise networks but cloud networks as well. Customers are looking for a single platform that can extend not only in their private enterprise environment but private cloud, public cloud, tracking all the IP space and everything that is going on in that environment," explained Steve Salo, Principal Systems Engineer at Infoblox, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Conventio...
"We're focused on how to get some of the attributes that you would expect from an Amazon, Azure, Google, and doing that on-prem. We believe today that you can actually get those types of things done with certain architectures available in the market today," explained Steve Conner, VP of Sales at Cloudistics, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
"NetApp is known as a data management leader but we do a lot more than just data management on-prem with the data centers of our customers. We're also big in the hybrid cloud," explained Wes Talbert, Principal Architect at NetApp, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
"Space Monkey by Vivent Smart Home is a product that is a distributed cloud-based edge storage network. Vivent Smart Home, our parent company, is a smart home provider that places a lot of hard drives across homes in North America," explained JT Olds, Director of Engineering, and Brandon Crowfeather, Product Manager, at Vivint Smart Home, in this SYS-CON.tv interview at @ThingsExpo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
Gemini is Yahoo’s native and search advertising platform. To ensure the quality of a complex distributed system that spans multiple products and components and across various desktop websites and mobile app and web experiences – both Yahoo owned and operated and third-party syndication (supply), with complex interaction with more than a billion users and numerous advertisers globally (demand) – it becomes imperative to automate a set of end-to-end tests 24x7 to detect bugs and regression. In th...
The question before companies today is not whether to become intelligent, it’s a question of how and how fast. The key is to adopt and deploy an intelligent application strategy while simultaneously preparing to scale that intelligence. In her session at 21st Cloud Expo, Sangeeta Chakraborty, Chief Customer Officer at Ayasdi, provided a tactical framework to become a truly intelligent enterprise, including how to identify the right applications for AI, how to build a Center of Excellence to oper...