The latest News and Information on Security Incident and Event Management.

FERC and NERC: Cyber Security Monitoring for The Energy Sector

As cyber threats targeting critical infrastructure continue to evolve, the energy sector remains a prime target for malicious actors. Protecting the electric grid requires a strong regulatory framework and robust cybersecurity monitoring practices. In the United States, the Federal Energy Regulatory Commission (FERC) and the North American Electric Reliability Corporation (NERC) play key roles in safeguarding the power system against cyber risks.

Making Waves: Elastic named a Strong Performer in The Forrester Wave: Extended Detection And Response Platforms, Q2 2026

Elastic has been named a Strong Performer in The Forrester Wave: Extended Detection And Response Platforms, Q2 2026 report. The report recognized our SIEM-replacement capabilities, open data architecture, AI innovation, and endpoint protection. Here's what Forrester found and why we believe it reflects what we've been building.

Real Time Threat Detection

Cyberattacks now average 1,968 per week, up 18% year over year and 70% since 2023, while security teams still take an average of 277 days to identify and contain a breach, according to SentinelOne's cybersecurity statistics roundup. That combination changes the meaning of “real time” in security. It no longer means a dashboard that updates quickly. It means building detection and response so attackers don't get months of freedom between first access and containment.

Stop building security dashboards nobody reads

On this episode of Masters of Data, we dig into one of data's most contested formats: the dashboard. We explore why so many dashboards get built and never opened, tracing the shift from in-person SOC culture (big screens, shared visibility, immediate feedback) to the remote-work era of folders full of charts no one reviews. The conversation covers North Star metrics, the tension between practitioner and leadership dashboards, and the uniquely tricky problem of security metrics that can look green while a threat actor has quiet dwell time in your environment.

Beyond the Budget: What CISOs Need to Understand About Their CFO Relationship

Every CISO has prepared for a budget conversation by building the strongest possible business case. The right data, the right framing, the right numbers. But the security leaders who consistently earn CFO support are not necessarily the ones with the most polished decks. They are the ones who built the relationship that made the ask credible before it ever landed on the table. That distinction came through clearly in a recent conversation between Exabeam CISO Kevin Kirkwood and Exabeam CFO Mike Byron.

Build Effective Incident Response Playbooks: A How-To Guide

The alert hits after hours. A suspicious sign-in turns into endpoint detections, then someone in leadership asks whether customer data is involved, and within minutes the team is juggling Slack threads, ticket updates, legal questions, and a half-dozen console tabs. Most organizations don't fail here because people don't care. They fail because the response lives in people's heads, scattered docs, and outdated runbooks.

Ransomware Detection: Master Modern Strategies 2026

In 2024, ransomware was publicly disclosed in more than 5,600 attacks worldwide, with over 2,600 victims in the United States alone. The same reporting says the FBI's 2024 IC3 report logged 3,156 ransomware complaints, an 11.7% increase from the prior year, which is a useful reminder that this isn't a niche malware problem. It's a persistent operational risk that keeps showing up across sectors and environments (Fortinet's ransomware statistics summary).

Security Incident Response: A Guide for SOCs & CISOs

A breach doesn't become expensive only when systems go down. It becomes expensive when an organization spends months discovering what happened, who needs to decide, what evidence was lost, and which business services can't wait. According to IBM's 2024 Cost of a Data Breach Report, the global average cost of a data breach reached $4.88 million in 2024, while the average time to identify a breach was 194 days.

Cloud Security Monitoring: A Complete Guide for 2026

Your cloud footprint probably grew faster than your monitoring program did. That's the normal path. A team starts with one cloud account, one logging service, and a few dashboards. Then come managed databases, containers, serverless functions, SaaS integrations, new identities, and temporary workloads that appear and disappear before anyone documents them. Security ends up with a pile of logs, a backlog of alerts, and a nagging suspicion that the dangerous activity isn't the stuff already visible.