Raffael is currently VP Security Analytics at Sophos and a strategic advisor for Respond Software. Before his current roles, he held positions at Splunk, ArcSight, and IBM, and was the founder of PixlCloud. He is also the author of Applied Security Visualization, the first book on security visualization. The Respond Software team wanted to get Raffy’s expert perspective on visual communication in information security, on what measures are necessary to advance security analytics, and on analytical vs. subject matter expertise.
Analysts in enterprise Security Operations Centers (SOCs) are a lot like drivers on a long journey. They stare at screens or through windshields for hours on end, trying to identify and respond to any potential threats or hazards. Even the best of them struggle with boredom, fatigue, and frustration. And their own biases and expectations influence the way they interpret the information that comes at them.