“I tend to think of the blue team as the entire security organization within a company, from the trenches to the CISO.”
Dave Venable is a former intelligence professional with the U.S. National Security Agency with extensive experience in computer network exploitation, information operations, and cryptography. Dave has developed and managed several U.S. national-level projects in support of global anti-terrorism operations and the Global War on Terror, in addition to providing security advisory services to Global 500 companies.
Dave is a regular speaker and author on information security and is the vice president of cybersecurity at Masergy. Dave also serves on the Cyber Security Advisory Council of Southern Methodist University, where he also teaches security.
How do you define a blue team?
I tend to think of the blue team as the entire security organization within a company, from the trenches to the CISO. Granted, the IR team is probably the forefront of the blue team in most people's minds, but as long as you're focused on the company's security, you're on the blue team.
That said, I distinguish between security roles and IT roles, even if those IT roles might some security functions. In fact, I don't view cybersecurity as an IT specialization but rather as a security specialization. Coming from ...