Assessing the performance of your security team is critical both to knowing your current posture and to planning ahead.

'The Ultimate 2019 Security Team Assessment Template' is the first attempt to capture all the main KPIs of the security team's main pillars, saving CIOs and CISOs the time and effort of creating such an assessment from scratch and providing them with a simple and easy-to-use tool to measure how their teams are operated in 2019, while setting up performance targets for 2020.

Building such a template is challenging because security teams vary greatly in size and internal responsibility distribution.

Additionally, there is little consistency in the terms used to designate the various positions across the industry – security analyst, for example, could have one meaning in a certain company and a different one in another. The same goes for architects, managers, and directors.

The Security Team Assessment Template addresses this challenge by focusing on functionality. The two main pillars of the security team are A) ensuring that sufficient security products are deployed and B) making the most of these products to maximize prevention, detection, and response capability.

The template covers the following security roles and responsibilities:

1) Security Architect ⁠— responsible for designing, building, testing, and implementing security systems within an organization's IT network for the protection of both business and customer data.

A Security Architect is expected to have a thorough understanding of complex IT systems and stay up-to-date on the latest security standards, systems, and authentication protocols, as well as best practice security products.

2) Security Analyst Tier 1 ⁠— The Tier 1 Security Analyst is tasked with the initial triage and classification of security events at the ground level, supporting a 24x7x365 Security Operations Center.
The role follows standard operating procedures for detecting, classifying, and reporting incidents under the supervision of the SOC Manager and in partnership with Tier 2 SOC Analysts.

3) Security Analyst Tier 2 ⁠— tasked with conducting the technical aspects of response operation for critical events, escalated by the tier 1 analyst.

This includes immediate containment, investigation, management of remediation actions, as well as enhancing defenses with the new knowledge acquired throughout the response process.

4) Security Analyst Tier 3 — tasked with the proactive discovery of undetected threats through ongoing monitoring of the environment for vulnerabilities and searching for the threats that can abuse them.

Additionally, the tier 3 analyst conducts Threat Hunting based on IOCs from threat intelligence feeds and delivers real-time visibility into the environment's actual security posture with proactive penetration tests.

5) SOC Manager ⁠— responsible for establishing and overseeing the workflows of security event monitoring, management, and response.

Additionally, they are responsible for ensuring compliance with SLA, process adherence, and process improvisation to achieve operational objectives.

6) Director of Security ⁠— oversees all the security-related functionalities within the organization, covering compliance with relevant frameworks, purchase, deployment, and maintenance of security products, and breach protection workflows.

The Director of Security reports to the CIO and acts as the source of information for all cybersecurity-related aspects of the organization.


Drone maker DJI has demonstrated a way to quickly identify a nearby drone, and pinpoint the location of its pilot, via a smartphone.

The technique makes use of a protocol called “Wi-Fi Aware”, with which the drone essentially broadcasts information about itself.

The company said it would help prevent security threats and disruption, and give members of the public peace of mind.

But experts believe sophisticated criminals would still be able to circumvent detection.

“It’s going to be very useful against rogue drones,” said Ulrike Franke, a policy fellow at the European Council on Foreign Relations, who studies the impacts of the drone industry.

“But it's not going to be enough to fight people with real bad intentions, because these are going to be the first people to hack this system.”

DJI told the BBC it could add the functionality to drones already on the market via a software update.

The firm explained: "Using a simple app, anyone within radio range of the drone can receive that signal and learn the location, altitude, speed and direction of the drone, as well as an identification number for the drone and the location of the pilot."


While there’s a tiny risk that a public charging station is booby-trapped, it’s easy to keep your phone or tablet safe.

The L.A. County District Attorney’s office put out a scary warning this week: That USB charger provided at airports, hotels, or other public locations could be loaded with malware that will hack your charging phone or tablet, reports ZDNet.

While that sounds scary, it may be nothing to worry about. Back in 2013, security researchers showed that a minicomputer disguised as a USB charging brick could install data-stealing malware on iPhones, which at the time were running iOS 6 or earlier. Apple took notice and promptly closed the loophole in iOS 7.

In another attack, called video jacking, what looks like a USB port is actually equipped to pull HDMI video from devices, allowing hackers to copy everything you do on the screen, such as enter passwords. This kind of attack has been shown to work but has never been seen in the wild. In discussing the theoretical hack in 2016, security guru Brian Krebs wrote that it might be worth using on specific people possessing highly valuable information. But, he said, “it doesn’t strike me as very likely that most mere mortals would have reason to worry about video jacking.”

All that said, why take chances? The best advice, provided by the DA’s office, is to simply bring your own USB charging brick and plug into an AC outlet, rather than a public USB port. What if you forget your charger? If you have a laptop with you, plug into its USB port. You can also stock up on charge-only USB cables that disable data transfer and only carry power. (If you lose cables like I do, you’ll have to buy more from time to time, anyway.)

One thing you should definitely not do is use any old USB cable you see lying around in public. With chips being so small these days, hackers have been able to hide circuitry in the cable that can pull data off your phone.

Should you plug into a USB port without protection, and you have an iOS device, do keep an eye out for a giant red flag. When you plug into anything that can access data, such as a computer, iOS will ask you if you want to “trust” the device. If you see that alert, unplug immediately, because you are connected to something other than an innocuous charger.


As casual dining chains have declined in popularity, many have experimented with surveillance technology designed to maximize employee efficiency and performance. Earlier this week, one Outback Steakhouse franchise announced it would begin testing such a tool, a computer vision program called Presto Vision, at a single outpost in the Portland, Oregon area. Your Bloomin' Onion now comes with a side of Big Brother.

According to Presto CEO Rajat Suri, Presto Vision takes advantage of preexisting surveillance cameras that many restaurants already have installed. The system uses machine learning to analyze footage of restaurant staff at work and interacting with guests. It aims to track metrics like how often a server tends to their tables or how long it takes for food to come out. At the end of a shift, managers receive an email of the compiled statistics, which they can then use to identify problems and infer whether servers, hostesses, and kitchen staff are adequately doing their jobs.

“It’s not that different from a Fitbit or something like that,” says Suri. “It’s basically the same, we would just present the metrics to the managers after the shift.” Presto says it's testing the technology at multiple restaurants across the country, but declined to name any other than Outback. 

The Outback Steakhouse pilot will use Presto Vision specifically to analyze footage from the lobby of a franchise operated by Evergreen Restaurant Group, which manages nearly 40 Outback Steakhouse locations across the United States. It will monitor factors like how crowded the lobby is and how many customers decide to leave rather than wait for a table. Suri says Presto Vision could be used not only to evaluate employee performance after the fact, but also course-correct in the moment. For instance, managers could be sent text messages when the number of people waiting for a table reaches a certain threshold.

For now, workers on the ground don't know much about how the technology will be used. "I don't know anything about it," one worker at the Portland Outback location said over the phone. "We have zero interaction with that. I'm pretty sure that's just still in the developmental phase."