Arthur Braunstein

Arthur Braunstein is Morphisec’s Vice President of US Sales. Arthur has more than 25 years of executive management and sales leadership experience, including over 10 years in the data and cyber security industry. Before joining Morphisec, he was Vice President at Big Belly, leading their industry sector expansion. Prior to Big Belly, he served as VP Strategic Accounts at CloudLock, a cloud cybersecurity company, where he focused on large enterprise customers. Prior to that, Arthur built the major accounts strategy and portfolio for Verdasys (now known as Digital Guardian). Previously, he held executive level roles at Escort Inc., ArchiText, Polaroid and AT&T.
Find me on:

Recent Posts

Malware Is a Symptom – Don’t Treat Symptoms

Posted by Arthur Braunstein on Mar 30, 2017 3:00:29 AM

Imagine this. You are in charge of public health and must deal with an unrelenting epidemic. You have two options for protecting the population.

The first option is to monitor each person for symptoms of infection. You buy analytical technology and infrastructure, hire staff and build hospitals. You send forth specialists to monitor everyone. When they notice symptoms, more tests are performed. The symptoms are
subtle (fatigue, headache, stiffness), and healthy and sick people look a lot alike, so to be on the safe side you test far more people than are truly ill. Once you suspect infection, you quarantine the person and start a course of treatment. Sometimes the people are cured. Sometimes they are not. You can’t guarantee that you will find everyone who is infected. Or that everyone you treat is ill. The monitoring and mandatory quarantine intrude on civil liberties, disrupt lives and interfere with the economy. To compound matters, the disease mutates, so you have to continually design new screening tests and retrain the specialists.

Read More

Topics: 0-day exploits, Moving Target Defense, Advanced Persistent Threats, Endpoint Security

Reflections on Black Hat USA

Posted by Arthur Braunstein on Aug 17, 2016 6:49:53 PM

 

This year’s Black Hat USA conference was bigger and badder than ever, with attendance up nearly 30% according to show organizers. Of all the security conferences, Black Hat has the most clear divide between the technical practitioner side and the security vendors, and the main themes varied depending on which side of the divide you were standing.  From the practitioner side, these ranged from enhancing technical skills (excellent training) to strategies and threats, to leadership and alignment with the business. The instructors and presenters were world class, the content was superb, and thoughtfulness and creativity were everywhere.

All good for the practitioners and kudos to the organizers. On the vendor side, things were a little more nuanced.

Read More

Topics: Exploits, Moving Target Defense, Endpoint Security

There’s a Madness to the Method - Surreal Logic in Cybersecurity

Posted by Arthur Braunstein on Jun 15, 2016 1:23:26 AM

 

Imagine a conversation like this.

ASPIRING VIOLINIST:  Maestro, what should I do to be a violin virtuoso?

MAESTRO: You must practice 48 hours every day on the tuba. I will sell you a tuba.

ASPIRING VIOLINIST:  But there are only 24 hours in a day. Did you say tuba?

MAESTRO: If you won’t follow my advice, I can’t help you.

More Madness than Method

It sounds absurd, but conversations like this unfold daily when enterprise cyber practitioners meet with industry vendors and security consultants. The industry tells them that they are not doing enough. They must install more security technology, hire more analysts, and patch more frequently. This may seem simple; merely a matter of budget and execution. But the technology is not up to the task and the cost of following this advice to the letter would force enterprises to spend themselves out of existence. And it still wouldn’t work. Not enough hours, wrong instrument.

Read More

Topics: Exploits, Moving Target Defense

Socrates and Cyber Security

Posted by Arthur Braunstein on May 25, 2016 11:40:10 PM

The ancients’ experience of modern computing was limited to say the least, but they gave us a nice framework, the Socratic Method , that moderns can use for dealing with the problem of cyber security. The Socratic Method is a process of question and response, designed to challenge and eliminate bad ideas, refine good ideas, and arrive at sound conclusions. If it worked for Socrates, maybe it will work for us. Here is dialogue that unfolds between Socrates and the Security Architect of, for the purposes of this exercise, the Bank of The Peloponnese.

Read More

Topics: Patching, Endpoint Security, cybersecurity

Check out our Attack Analyses!

Take a deep dive into technical analyses of attacks prevented by Morphisec.

Subscribe to our Blog

Happy to keep you in the loop with industry insight, cyber security trends,  and cyber attack information and company updates.

Morphisec Named a Cool Vendor 2016

Morphisec is a Gartner Cool Vendor 2016

Each year Gartner identifies new Cool Vendors it considers innovative or transformative. Morphisec is honored be to named a Cool Vendor 2016. Here's more....