Next >>

darkreading.com

OCTOBER 2013

Could big data be the key to identifyingsophisticated threats? Security experts areon the case. >>

By Robert Lemos

Previous Next

Previous Next

DownloadDownload

RegisterRegister

SubscribeSubscribe

Previous Next

Previous Next

PLUS Secure the perimeter, but analyze the data >>

COVER STORYBig Data DetectivesCompanies are using data analytics to improve security but they’re challenged by immature technology and a scarcity of expertise. p5

DARK DOMINIONBolster Perimeter ProtectionSecurity analytics is the next generation of defense. p4

CONTACTSEditorial and Business Contacts p14

Detect Business ThreatsDark Reading’s Security Monitoring Tech Center is a single community dedicated to the tools and tech-niques used to analyze security activity and detect potential threats to the business.darkreading.com/monitoring

How Do You Handle Big Data?The Big Data Conference provides three days of comprehensive content for business and technology pros seeking to capitalize on the boom in data volume. In Chicago, Oct. 21-23.darkreading.com/2013bigdataconf

Navigate The CloudCloud Connect’s summits, panels and boot camps draw fellow IT pros wrestling with cloud challenges. In Chicago, Oct. 21-23.darkreading.com/2013cc

PREVIOUS ISSUEThe Changing Face Of APTsAdvanced persistent threats are evolving in motivation, malice and sophistication. Are you ready to stop the madness? darkreading.com/issue/aptaugust2013

FOLLOW US ON TWITTER AND FACEBOOK

@DarkReading darkreading.com/facebook

darkreading.com

Previous Next

Previous Next

DownloadDownload

RegisterRegister

SubscribeSubscribe

Previous Next

Previous Next

October 2013 2

CONTENTSOctober 2013 Issue 13 More From Dark Reading

Copyright © 2013 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, the Checkmark Logo, and Norton are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other trademarks may be trademarks of their respective owners.

Symantec™ Website Security Solutions include industry-leading SSL, certificate management, vulnerability assessment and malware scanning, Express Renewal, and 24x7 support. The Norton™ Secured Seal and Symantec Seal-in-Search assure your customers that they are safe to search, to browse, to buy. With 100 percent uptime since 2004, military-grade data centers, and industry-leading SSL, Symantec is the leading provider of website security for your business. Please call (866) 893-6565 or visit us at www.symantec.com/ssl-certificates to learn more about Symantec Website Security Solutions.

Not all SSL certificates are the same.We have the Internet’s most trusted mark.

Previous Next

@darkreadingtim

A few years ago, my pest control company started a service called “perimeter defense.” Instead of bringing a technician inside and spraying each room, my exterminators said they would treat the house from the outside, effectively creating a safe “wall” that vermin couldn’t penetrate.

Sorry, I had to stop typing for a moment and wipe another bug off my screen. I won-der why the spider in the corner doesn’t ever catch those things?

Like most IT security professionals, I no lon-ger believe that perimeter defense will stop all the intruders. Yes, it helps a lot. But I’ve ac-cepted the fact that no matter how good my outside defense is, the most sophisticated pests will find their way in. As a result, I keep flyswatters and bug spray handy. I have my own strategies for finding and killing what evades my external defenses.

In the enterprise, this process for detect-ing and eliminating the attacks that bypass the perimeter — sometimes called incident response — is becoming an increasingly im-

portant part of enterprise defense. Assume you will be hacked, the logic goes, and be ready with your backup plan. It’s the virtual equivalent of my flyswatter and bug spray.

Unlike pesky bugs, though, a sophisticated enterprise compromise can result in very big problems — loss of customer data, loss of service and even loss of business. One fierce attack could cost your company mil-lions of dollars and, if it’s properly hidden, could suck the data out of your systems for months, or even years.

To help reduce this risk, many big com-panies are relying on forensic tools and ex-perts to detect these sophisticated threats and root them out before they can damage the business. “Incident response” has be-come “data forensics,” in which the goal is to identify evasive attacks through detailed analysis of digital evidence found in system log files and security event management systems that track security-related data and flag anomalous activity.

The problem is that there’s so much secu-

rity-related information that finding and cor-relating the few bits of data needed to iden-tify an attack can be nearly impossible for a single human. To quote one expert, “it’s like trying to find a needle in a stack of needles.”

The forensics problem has given rise to a new class of tools and best practices being called “security analytics.” The detailed study of security data increasingly embraces big data analysis tools and techniques used by other parts of the business, and it’s becom-ing the next generation of defense. This spe-cial digital issue of Dark Reading offers a look at this new trend.

Like me and my exterminators, enterprises haven’t given up on perimeter defense, but they acknowledge it can’t stop everything. For today’s business, security doesn’t just mean developing an effective screen against attack, it means an effective strategy for wip-ing out the bugs that get through the holes.

Tim Wilson is editor of DarkReading.com. Write to him at timothy.wilson@ubm.com.

Table of Contents

Previous Next

Previous Next

DownloadDownload

RegisterRegister

SubscribeSubscribe

Previous Next

Previous Next

October 2013 4darkreading.com

DARK DOMINIONTIM WILSONSecure The Perimeter, Then Add Big Data

Previous Next

Previous Next

DownloadDownload

RegisterRegister

SubscribeSubscribe

Previous Next

Previous Next

Cloud Expertise

Cloud Connect, Oct. 21-23 in Chicago, offers in-depth boot camps, panel discussions and peer networking to help you weigh your cloud options.

October 2013 5

F or Vigilant, it started in 2009. And as with most companies, it started small.

The security services startup, now part of audit and consulting firm Deloitte, wanted a way to bring information about exter-nal threats to clients that were using SIEM (security information and event manage-ment) systems to monitor their own en-vironments. The Vigilant team knew that the combination of external threat data with internal security event data could be a powerful way to improve enterprise de-fenses, but crunching all that data would be a monumental task.

Vigilant began combining threat intel-ligence feeds, filtering the data to pull out the most important information for each client, and then transmitting the data to their clients’ SIEM systems. The company started with two threat lists: domains serv-

COVER STORY

Table of Contents

@roblemosPrevious Next

Previous Next

DownloadDownload

RegisterRegister

SubscribeSubscribe

Previous Next

Previous Next

Could big data be the key to identifying sophisticated threats? Security experts are on the case.Big Data

darkreading.com

By Robert Lemos

Detectives

October 2013 6

ing malware, and domains compromised by the Trojans SpyEye and Zeus. To reduce false alarms and aid in analysis, the company be-gan adding more data feeds.

Vigilant’s analysts quickly became addicted to the analysis. Each new source of data gave them the ability to tease out additional infor-mation on threats. By 2011, the company was processing about 50 to 100 GBs per day. But the company’s systems couldn’t keep up with the flow of data, and it started missing perfor-mance deadlines, says Joe Magee, co-founder and former CTO of Vigilant, who is now a di-rector at Deloitte.

“We were not able to catch up,” Magee says. “We were not able to process the information and push it out fast enough, and that’s when it became a big data issue for us. We needed to be able to rip through this data in Google-like fashion.”

The volume of data and rate of change caused the problem, because most of the

data came in the form of feeds updated daily with gigabytes of data. It overwhelmed the company’s initial database built on top of Postgres. In 2011, Vigilant moved to Hadoop and became one of many companies — both vendors and enterprises — that are advocat-ing the use of big data analytics to improve the response to security threats.

Big Data Still Just A PromiseFor security teams, the use of analytics on

massive quantities of security data — from de-vice and application logs to collections of cap-tured network packets and operational busi-ness data — promises better visibility into the security threats that elude current defenses.

Big data analytics can be more complex than the log collection and analysis conducted by most SIEM systems, so automating the num-ber crunching is often needed to let security pros more easily use statistical correlations to discover trends and anomalies. Tracking

days or weeks of business activity allows the system to find outliers — a user who accesses far more data on a daily basis than the average employee, or a system that has a sudden spike

in resource consumption. Analysts then can dig deeper into the large data sets of security information for any flagged events.

“Big data is not just about gaining insights, it’s about helping remediate issues faster,” says Jason Corbin, director of security intelligence strategy for IBM Security Systems. “The big problem is that [security teams] are over-whelmed with information they have. All

COVER STORYBIG DATA

Table of Contents

Previous Next

Previous Next

DownloadDownload

RegisterRegister

SubscribeSubscribe

Previous Next

Previous Next

darkreading.com

“A company can have so much

data and try to do so much with

it, and there are no SIEM solutions

that can handle it.”

—Lucas Zaichkowsky, AccessData

Click HereClick Here

Get Smart

Our Threat Intelligence Tech Center provides in-depth information on collecting and analyzing data on emerging cybersecurity threats.

October 2013 7

that information goes to some guy who has to sift through tons of incidents or vulner-ability reports and decide what they need to patch or virtually patch or fix. Security teams fall behind, and that’s how companies suffer breaches based on known but unpatched vulnerabilities.”

But for many companies, the promise of big data in security is just that — a promise. While security teams hope to gain more awareness of what is going on in their networks by col-lecting and analyzing more of their data, the technology is still in its adolescence. “Hadoop has been around for a while, but it is still fig-uring out what it is and what is wants to be,” says Adrian Lane, CTO for security consul-tancy Securosis.

Still, the potential is huge, Lane adds. Com-panies that kick off a big data project for se-curity can collect an immense volume of data and have a security analyst poke through the information, ask queries of the data and make important discoveries.

How Big Is Big?Big data itself isn’t a technology or a method

of analysis. It’s a concept that involves collect-ing, managing and making sense of more and new data sources. It’s about analyzing the

“dark data” (data that is collected but rarely used) created by business devices and sys-tems. For companies, that means collecting orders of magnitude more data.

Business projects aimed at using big data to support security typically follow two paths. In the first, security teams gain ac-cess to a company’s operational data and

run an analysis against that data to highlight events that may indicate a security threat. Alternatively, the team can store data from security devices and other related systems and analyze the secu rity-specific data for correlations that flag a potential attack.

Which types of data should be analyzed? Opinions vary. Many SIEM vendors argue that the proliferation of device log data creates a big data problem. Other companies, such as RSA, use a more strict definition. For them, big data means monitoring all of the information that crosses the enterprise network — per-haps an unsurprising opinion for a company

owned by storage system maker EMC.“People think that any time you collect se-

curity information, that is big data,” says Eddie Schwartz, chief information security officer for RSA. “No, it ‘s a new way of looking at in-formation. Big data means that we’re looking

COVER STORYBIG DATA

Table of Contents

Previous Next

Previous Next

DownloadDownload

RegisterRegister

SubscribeSubscribe

Previous Next

Previous Next

darkreading.com

Data: Ponemon Institute’s “Big Data Analytics In Cyber Defense” report, surveying 706 IT security practitioners, February 2013

No plans

Within 9 months

Using now

Within 3 months

Within 6 months

12%

39%

When Will You Use Big Data Analytics For Cyber Defense?

23%

17%

9%

at transactional information, we’re looking at the full context and content of network traffic.”

For large companies, the creation of a big data store of security information may result as the by-product of normal business, or it may be a goal.

But some big data advocates urge companies to search for more data sources under a “more is better” mantra. “One of the tenets of big data is that if I have a larger data set, I may see correlations that I might not have seen before,” says Samuel Harris, director of enterprise risk management for Teradata.

Yet deriving security intelligence from a large col-lection of business data requires hard work. Many enterprises have tried to merge additional analytics capabilities into SIEM systems, but that has caused more headaches than hits, says Lucas Zaichkowsky, enterprise defense architect for AccessData, a com-puter forensics and security consulting firm.

“A company can have so much data and try to do so much with it, and there are no SIEM solutions that can handle it,” he says. “There are a lot of failed SIEM projects.”

In fact, growth in the types and volume of data produced by networking hardware creates the great-est challenge for companies trying to mine network data. In a study of companies’ attitudes toward using big data analytics for security, half of 706 respon-dents had trouble handling the growth of network data, the Ponemon Institute found. Only 5% of IT

COVER STORYBIG DATA

Table of Contents

Previous Next

Previous Next

DownloadDownload

RegisterRegister

SubscribeSubscribe

Previous Next

Previous Next

darkreading.com

October 2013 9

security respondents believed the growth in data is an opportunity.

From Big Data To Bad GuysNevertheless, there are success stories in

combining big data and security. In 2009, IT security firm BeyondTrust embarked on its own big data project. To help security managers focus on the most pressing vul-nerabilities, the company pulled together

frequently updated internal information — such as the configuration of every machine in a 100,000-client network — with information on the latest vulnerabilities, exploit kits and attacks.

Combining external and internal sets of data can help companies focus on the few vulnerabilities that really make a difference — situations where the company has sys-tems using vulnerable software, and attack-

ers know about the software flaws and are actively exploiting them.

“As a customer, it lets me determine what do I have to do this week and what do I have to do next week to prevent my company from being hacked,” says Marc Maiffret, CTO for BeyondTrust.

Another benefit is that BeyondTrust cus-tomers can see where they are vulnerable and also query the data for more specific informa-tion. “We know there is no way that we have thought of every scenario of how people will use this data, so we give them the tools and let them work with the data,” Maiffret says.

Another success story: At the RSA Confer-ence in 2012, Preston Wood, chief security of-ficer at Salt Lake City-based Zions Bancorpo-ration, outlined the bank’s use of analytics to mine security events. Zions used open source Hadoop coupled with Google’s MapReduce and business intelligence tools to correlate logs from antivirus, databases, firewalls, in-trusion-detection systems and financial-in-dustry-specific sources of information, such as credit applications and data. Using these methods, Zions has been able to collect and take action on security information in min-utes when it used to take hours, Wood said.

In most cases, big data techniques are used

COVER STORYBIG DATA

Table of Contents

Previous Next

Previous Next

DownloadDownload

RegisterRegister

SubscribeSubscribe

Previous Next

Previous Next

darkreading.com

Protecting Big Data

Using big data could be a boon to secu-rity, but enterprises should not forget about protecting the big data itself.

Because big data can be a complete re-cord of a business’s operations, it’s impor-tant to lock it down, says Erik Jarlstrom, VP of technology solutions at Dataguise. Com-panies need to secure big data stores early to avoid delaying the project.

Big data resides in highly distributed clus-ters of computers, so securing the entire systems is a challenge, according to Adrian Lane, CTO of security consultancy Securo-sis, which recently released a research pa-per on big data security. Because data is

distributed among the nodes and distrib-uted in multiple copies, it’s difficult to know where your data resides. In most cases, there is no generally available encryption for repositories, and no role-based admin-istrative controls.

Lane advises that companies should use the Kerberos protocol to authenticate big data nodes and add file encryption.

“We hear [from security architects] the most popular security model is to just hide the entire cluster within their infrastructure,” Lane writes. “But those repositories are now Web accessible and very attractive targets.” —Robert Lemos

October 2013 10

to detect compromises that have already occurred, rather than to prevent them. Be-cause companies are living in a state of com-promise, they need to gather as much infor-mation as possible on what is happening in their network, says AccessData’s Zaichkowsky. “They are accepting that there always will be a Victim Zero, and instead focus on spotting the activity.”

Using statistical techniques such as linear regression, general linear models and ma-chine learning, a security analyst looking at data can find odd behavior, suspicious events and other anomalies indicative of a compromise. While some events — such as an internal system accessed from Russia at night — are easy to identify as suspi-cious, more subtle transactions are missed because an analyst hasn’t created a rule to watch for the activity. Mapping access attempts from each system, for example, could help security teams pinpoint when a

compromised computer is trying every sys-tem on a network.

“If I ask a business person what ‘bad’ looks like, it’s not an easy question,” says RSA’s

Schwartz. “But mathematically, these types of anomalous transactions are much more obvi-ous when you do statistical analysis.”

RSA, for example, regularly explores differ-ent data sets within its own business to find new sources of data that can be mined for security information, Schwartz says.

Unlike log data, which resembles the sum-mary information on a phone bill, big data systems collect detailed records, network

COVER STORYBIG DATA

Table of Contents

Previous Next

Previous Next

DownloadDownload

RegisterRegister

SubscribeSubscribe

Previous Next

Previous Next

darkreading.com

Data: Enterprise Strategy Group’s “The Big Data Security Analytics Era Is Here” report, surveying 257 security professionals, January 2013

Don’t know

No, but it will be in 24 months

No, but it will be in 12 months

Yes

No

30%

14%

Is Your Security Data Considered Big Data?

44%

11%2%

October 2013 11

packet data, and other data and metadata that are important to enterprise security.

For instance, a SIEM system may note that an EXE file had been downloaded to a desk-top, and that the domain it came from was not on any blacklist. However, using other data, a different picture can emerge: The pro-gram was packed and obfuscated, down-loaded from a nonstandard port and sent from a domain that was only 3 days old.

“Using full-packet capture solutions and big data analytics, we see everything,” says John Vecchi, VP of product strategy for Solera Networks, a security analytics firm acquired by Blue Coat in May. “We are going to be able to see things and derive information that you would never be able to know from looking at log data.”

In addition to allowing security analysts a deeper look, scrutinizing big data gives them more flexibility to find indicators of compromise that may not be immediately evident. One problem with current SIEM systems is that they typically define their searches and analyses performed on the log files, giving the user less flexibility, says Mark Seward, a senior director at Splunk, which offers tools for searching and analyz-ing security data.

“If I let my vendor determine in advance what data I am going to see, then I am already essentially compromised,” Seward says.

Waiting For MaturityWhile big data analysis holds promise for

security, a number of factors have slowed its adoption. First, most enterprises don’t have a line item in the budget for big data security

projects. “Big data is about solving business problems, and security is generally, in the be-ginning, not one of those business problems,” says Hadi Nahari, chief security architect for graphics chipmaker Nvidia. Some companies

are also concerned that big data projects might introduce risk by forcing changes to the way security systems collect and report data, he notes.

Another major obstacle is the shortage of experts with the skills to mine large security databases for information. In addition to hav-ing the abilities of a data scientist, any big data security project leader also needs secu-

rity expertise and a focus on usability, says Teradata’s Harris.

The lack of skilled personnel was the third most significant barrier to a strong security posture among enterprises, according to the

COVER STORYBIG DATA

Table of Contents

Previous Next

Previous Next

DownloadDownload

RegisterRegister

SubscribeSubscribe

Previous Next

Previous Next

darkreading.com

Which Of These Big Data Tools Are In Use At Your Company?Microsoft Excel

Microsoft SQL PDW

Enterprise search system (any brand)

Oracle Exadata

IBM DB2 Smart Analytics System

Hadoop/MapReduce

Data: InformationWeek 2013 Big Data Survey of 257 business technology professionals at organizations with 50 or more employees, September 2012

R5561012/15

65%

38%

26%

21%

16%

14%

R5561012_BigData_Chart15

65

60

55

50

45

40

35

30

25

20

15

10

5

0

Data: InformationWeek Analytics Survey

This is a dummy text this is a dummy text this is a dummy textThis Is A Dummy Head This Is A Dummy Head This Is A Dummy Head

This is a dummy text this is a dummy text

This is dummy text

This is a dummy test 00%

Ponemon Institute’s “Big Data Analytics In Cyber De-fense” report, commissioned by Teradata.

The top two barriers, according to the report, were a lack of effective security technology and an insuffi-cient view into business processes — chosen by 43% and 42% of respondents, respectively. During its RSA 2012 presentation, Zions Bancorporation introduced

a team of three employees, including a data scientist, who created and run the company’s big data project. But most companies can’t afford to hire so many people for a big data security project.

Another hurdle to using big data in security is the relative immaturity of the market. While a number of security products now tout some tie-in with big data analytics, they require a great deal of expertise to use and maintain. “Big data has been around for a while, but it’s only in its second generation,” Se-curosis’s Lane says. “It’s not ready for prime time for many companies.”

The easiest way for a company to get started in

COVER STORYBIG DATA

Table of Contents

Previous Next

Previous Next

DownloadDownload

RegisterRegister

SubscribeSubscribe

Previous Next

Previous Next

darkreading.com

“Big data is about solving

business problems, and security

is generally not one of those

business problems.”

—Hadi Nahari, chief security architect, Nvidia

analyzing its security data is to buy a large server and start collecting information, says Vigilant’s Magee. Many Vigilant clients are considering buying a large 32- or 64-CPU server and a fast data store, and some of them work with business teams that are already familiar with Hadoop.

“We can leverage Moore’s Law to get out in front of this problem. We can start putting data into it and analyze it,” Magee says. “While that may seem like a very simple or mundane version of SIEM, com-panies want that ability. They want to ask questions of their data.”

For small and midsize businesses that don’t have the resources to start up their own big data project, the only likely solution is to settle for services that in-corporate external feeds and security analytics, says Jon Oltsik, senior principal analyst with the Enter-prise Strategy Group. While big data analytics can be more effective than SIEM, it isn’t easy to incorporate into a business.

“Easy is the key word,” Oltsik says. “Big data is too complex and too costly for most midsize busi-nesses, so the question is who can deliver the in-telligence of big data at a lower cost than doing it themselves. For most smaller companies, that will be a service provider.”

Robert Lemos is a veteran technology journalist and former research engineer. Write to us at editors@darkreading.com.

COVER STORYBIG DATA

Table of Contents

Previous Next

Previous Next

DownloadDownload

RegisterRegister

SubscribeSubscribe

Previous Next

Previous Next

darkreading.com

new!

23 rdAPRIL

Make a Big Impact with Big Data. Join an exclusive group of 100 big data decision makers at The Big Data Conference Oct. 21-23, 2013 and define your big data strategy.

Topics will include:

Large enterprise case studies The big picture: A lifecycle for big data management Structuring the organization to take advantage of big data Setting a big data strategy Data visualization & interfaces Domain-specific data types centered on people, money, time, and location Hadoop and other big data platforms & architectures

Learn more at www.big-data-conference.com

A new event from UBM Tech Co-Located with

SPECIAL OFFER: SAVE $200 with code PAIWEEK

www.big-data-conference.com

October 2013 14darkreading.com

Table of Contents

Previous Next

Previous Next

DownloadDownload

RegisterRegister

SubscribeSubscribe

Previous Next

Previous Next

Online, Newsletters, Events, ResearchREADER SERVICESDarkReading.com The destination for the latest news on IT security threats, technology, and best practices

Electronic Newsletters Subscribe to Dark Reading’s daily newsletter and other newsletters at darkreading.com/newsletters/subscribe

Events Get the latest on our live events and Net events at informationweek.com/events

Reports reports.informationweek.com for original research and strategic advice

How to Contact Us darkreading.com/aboutus/editorial

Editorial Calendar informationweek.com/edcal

Back Issues E-mail: customerservice@informationweek.com Phone: 888-664-3332 (U.S.) 847-763-9588 (Outside U.S.)

Reprints Wright’s Media, 1-877-652-5295 Web: wrightsmedia.com/reprints/?magid=2196 E-mail: ubmreprints@wrightsmedia.com

List Rentals Specialists Marketing Services Inc. E-mail: PeterCan@SMS-Inc.com Phone: (631) 787-3008 x30203

Media Kits and Advertising Contacts createyournextcustomer.com/contact-us

Letters to the Editor E-mail editors@darkreading.com. Include name, title, company, city, and daytime phone number.

Subscriptions E-mail: customerservice@informationweek.com Phone: 888-664-3332 (U.S.) 847-763-9588 (Outside U.S.)

Tim Wilson Dark Reading Site Editor timothy.wilson@ubm.com 703-262-0680

Kelly Jackson-Higgins Dark Reading Senior Editor kelly.jackson.higgins@ubm.com 434-960-9899

SALES CONTACTS—WEST Western U.S. (Pacific and Mountain states) and Western Canada (British Columbia, Alberta)

Western Regional Sales Director, Sandra Kupiec (415) 947-6922, sandra.kupiec@ubm.com

District Sales Manager, Vanessa Tormey

Account Manager, Ashley Cohen (415) 947-6349, ashley.i.cohen@ubm.com

Account Manager, Vesna Beso (415) 947-6104, vesna.beso@ubm.com

SALES CONTACTS—EAST Midwest, South, Northeast U.S. and Eastern Canada (Saskatchewan, Ontario, Quebec, New Brunswick)

Eastern Regional Sales Director, Michael Greenhut (516) 562-5044, michael.greenhut@ubm.com

District Manager, Jenny Hanna (516) 562-5116, jenny.hanna@ubm.com

District Manager, Cori Gordon (516) 562-5181, cori.gordon@ubm.com

STRATEGIC ACCOUNTS District Manager, Mary Hyland (516) 562-5120, mary.hyland@ubm.com

Strategic Account Manager, Amanda Oliveri (212) 600-3106, amanda.oliveri@ubm.com

SALES CONTACTS—MARKETING AS A SERVICE Director of Client Marketing Strategy, Jonathan Vlock (212) 600-3019, jonathan.vlock@ubm.com

SALES CONTACTS—EVENTS Senior Director, InformationWeek Events, Robyn Duda (212) 600-3046, robyn.duda@ubm.com

MARKETING VP, Marketing, Winnie Ng-Schuchman (631) 406-6507, winnie.ng@ubm.com

Director of Marketing, Monique Luttrell (415) 947-6958, monique.luttrell@ubm.com

Marketing Assistant, Hilary Jansen (415) 947-6205, hilary.jansen@ubm.com

UBM TECH Paul Miller CEO

Marco Pardi President, Events

Scott Mozarsky President, Media and Partner Solutions

Kelley Damore Chief Community Officer

David Michael CIO

Simon Carless Exec. VP, Game & App Development and Black Hat

Lenny Heymann Exec. VP, New Markets

Angela Scalpello Sr. VP, People & Culture

Copyright 2013 UBM LLC. All rights reserved.

Rob Preston VP and Editor In Chief rob.preston@ubm.com 516-562-5692

Jim Donahue Managing Editor james.donahue@ubm.com 516-562-7980

Chris Murphy Editor chris.murphy@ubm.com 414-906-5331

Shane O’Neill Managing Editor shane.oneill@ubm.com 617-202-3710

Lorna Garey Content Director, Reports lorna.garey@ubm.com 978-694-1681

Mary Ellen Forte Senior Art Director maryellen.forte@ubm.com

Business Contacts

(805) 284-6023, vanessa.tormey@ubm.com