Top 25 Voices in Security

Reprinted from Sys-Con Media and

The Security community has a growing number of influential and important people, especially as the industry rises to meet the need to address more advanced security threats, such as targeted attacks. But how does a company in the security industry truly identify the influential people? And then once identified, how does one use influential voices to help promote their brand? In this study, we answer the first question – how to identify the most powerful voices in your industry, focusing on the security space, and as part of this we provide you a list of people to follow for the best, most up to date information, and who have the loudest voices to help help carry some of your key messages. In a future study, we will discuss how to further exploit that knowledge to market your brand.

As executives in a fast-changing and social world, many of us struggle with the ability to have our voices heard by our target customers, especially as news in our industry is gaining more attention (e.g. a “hot space”). You would think that if you were a part of an emerging category, that people would pay attention to you. However, getting above the “noise” is a problem for some companies.

Until now we’ve found ourselves using traditional and often ineffective marketing and sales tools. With firms like Radian6, Eloqua, Marketo and the like, CMOs are being presented with new ways of leveraging social networks to understand, target, and reach their markets.

According to leading researchers, some individuals in your target industry have greater influence than others, holding a virtual megaphone powered by their social graph. The term “social graph,” coined a few years ago by Facebook CEO, Mark Zuckerberg, is also referred to as the “open graph,” and is used to describe an aggressive initiative to connect the dots between the relationships and associations built on Google+, Facebook, Twitter, Linkedin, Foursquare, other public social networking services, and emerging private enterprise social networks like Salesforce’s Chatter, Yammer, and others. Emerging companies like Klout also use the open graph to measure the number of people you reach, how much those people amplify your message, and ultimately the strength of your network.

When you look at established industries like Security, more well-known people, like executives of incumbent security companies, are considered the influencers, while others who are less known exist in niches in the blogosphere or in newly formed circles. Examples of niche groups might include the Cloud Security Alliance, or U.S. congressman Mac Thornberry’s Cybersecurity Task Force. You can argue that some people in these niche groups might not even be considered security “experts” or “thought leaders”. However, by being associated with an area which is highly visible from a security perspective (e.g. cloud), their voices can still carry significant weight.

Our thesis is that these smaller groups in security can have the most powerful voices. Collectively; however, ALL these groups consist of a number of the most vocal, most followed and re-posted commentators in the security community today. If you are involved in security (as a new startup or an established player), there are a select number of people you need to know.

In compiling our ranking of the Most Powerful Voices (“MPV”) in security, we took advantage of concepts similar to Google PageRank for people, working with researchers and thought leaders such as Mark Fidelman (see “The Most Powerful Voices in Open Source”).

The metrics needed to measure both broadcast power and profundity were identified through a number of studies performed across several industry categories. Although there have been many advancements in the area of social marketing, the work presented here still requires techniques not yet offered by any single social graph tool available today.

The MPV formula is based on “reach” by examining the number of followers and buzz an individual has on sites like Google and Twitter. We then determine how much impact an individual has with their followers and subscribers. We ask questions like: If you have a twitter account, how often are you uniquely referenced, or retweeted? How much buzz is created around your blog posts, tweets, Quora answers, Linkedin groups, and other messages? How often is an individual referenced in the blogosphere?

Top Executive Voices in Security

The MPV formula illustrates how much additional broadcast power an individual has versus an average active person (defined later). For example, Eugene Kaspersky, CEO of Kaspersky Lab, has 5,035 times more broadcast power reach than the average person, while Enrique Salem, CEO of Symantec, has a respectable 855 times more broadcast power than the average person. At the surface, security executives are good targets when searching for powerful voices. However, most, if not all, powerful executives are governed or constrained on what they can say. You won’t find CEOs of publicly traded companies providing transparent dialog about their opinions on controversial topics (although Leo Apotheker, CEO at HP, may prove me wrong on one or both of these points). In addition, it’s quite difficult to get executives to speak on your particular topic, or about your brand. [Note: We included Ex-CEO from McAfee, David DeWalt, because we assume we’ll hear of his next high-profile placement and we can update the company then].

Top Media/Blogger Voices in Security

Then there’s the power of active security bloggers like Bruce Schneier (“Schneier on Security”) who has a voice which is 8,252 times the average. Yes, that’s more than Eugene Kaspersky! Why? Because he’s willing to speak his mind on topics where people want transparent and insightful perspective. Also, a dialog can occur between the average person and a blogger. It’s easier to reach even the most well known bloggers or editors of news and media properties.

Top Voices in Cloud and Security

We looked at the top 100 voices in cloud computing and searched for those discussing security. Some voices were found to be as high as 5,700 times the average person. As an example, Reuven Cohen, founder and CTO of Enomaly, may not be solely focused on the security industry, but security is the number one issue when it comes to cloud adoption. So why is Reuven’s voice stronger than Eugene Kaspersky? We speculate that this is based on the fact that Reuven is a very ungoverned and vocal voice at an early-stage startup, and that the audience for these voices may assume that startups generally help define the trends and direction of the industry.

Top Government Leaders and Security

We debated whether to include government officials due to their more general public following. Government leaders have a much different audience than those following security executives. However, many government officials are actively involved in security. For example, Susan Collins, who is a ranking member of the Homeland security and Governmental Affairs Senate Committee, is a co-author of comprehensive cybersecurity legislation, which resulted in much debate in prominent media outlets such as Forbes and the Washington Post.

In addition, as we searched for people who are addressing topics in cyber security, we found people such as U.S. Representative for California’s 49th congressional district, Darrell Issa and, of course, the 30th Deputy Secretary of Defense, William Lynn III, who currently maintain voices 31,195 and 25,935 times that of the average person, respectively!

Therefore, we ultimately decided to include government officials because when they communicate they generate a lot of attention.

Chief Information Security Officers

Our survey of over 100 CISOs resulted in the top 10 voices exceeding 1,300 times  that of the average person (e.g. See Mandiant CSO, Richard Bejtlich, and Facebook CISO, Joe Sullivan). CISOs or CSOs are prominent figures in the enterprise now. With the rise of advanced persistent threats (APTs), these executives are under growing pressure to lock down their company’s intellectual property. In our recent discussions with several Fortune 100 CISOs, some believe there are several APTs lying dormant and undetected in their enterprise today. Look at the recent example of a highly sophisticated and targeted attack on Google’s corporate infrastructure originating from China that resulted in the theft of intellectual property back in early 2010.

Therefore, when CISOs transparently talk about their findings (which may not happen often due to security reasons!), people will listen (see Yahoo! CISO, Justin Somaini’s, survey on Information Security Function, Governance and Risk Management, Culture and Communication, Metrics and KPI’s).

Security Analysts

Lastly, we surveyed over 75 of the top security analysts with the top 10 having voices which ranged from 347 to 710 times the average person. This is no surprise when you see analysts like Gartner’s Neil MacDonald openly discussing sensitive topics like what RSA did wrong following the SecurID breach earlier this year.

The Most Powerful Voices in Security

(see the table below infographic for #1 – #100)


The Rest of the Top 100

Keep in mind the rankings are relative to the others on the list. That means everyone on the list has a much higher criteria impact than the average active person. Also, note that most of the dimensions that make up the MPV are from the past 90 days.

Rank Most Powerful Voices In Security MPV Score
1 Darrell Issa 1,405,336
2 William Lynn III 1,168,351
3 Bruce Schneier 371,731
4 Brian Krebs 261,450
5 Reuven Cohen 257,846
6 Eugene Kaspersky 226,808
7 Graham Cluley 224,717
8 Susan Collins 212,000
9 Werner Vogels 210,574
10 Christofer Hoff 122,306
11 Jeremiah Grossman 104,862
12 Richi Jennings 100,294
13 James Hamilton 80,600
14 Jeff Jones 75,658
15 Richard Stiennon 73,186
16 Stephen Foskett 72,678
17 Kevin Poulsen 72,158
18 Dana Gardner 67,704
19 Robert McMillan 66,140
20 Sramana Mitra 59,920
21 Richard Bejtlich 59,761
22 David Harley 57,098
23 Paul Miller 56,050
24 Dino A. Dai Zovi 53,015
25 Bret Hartman 49,820
26 Lenny Zeltser 48,171
27 Paul Henry 43,185
28 Brian Gracely 42,800
29 Alex Williams 42,105
30 Chris Wolf 41,252
31 Simon Crosby 40,124
32 Enrique Salem 38,520
33 Kim Zetter 37,496
34 Dan York 37,474
35 Krishnan Subramanian 35,901
36 Lori MacVittie 35,661
37 Todd Gebhart 35,330
38 Tyler Shields 34,912
39 David Kravets 33,481
40 Andrew Hay 33,136
41 Jay Radcliffe 32,285
42 Neil MacDonald 32,000
43 Branden Williams 31,810
44 Rich Mogull 31,131
45 Dr Anton Chuvakin 31,088
46 Dave Hansen 30,900
47 John Pescatore 29,650
48 Tim Wilson 29,430
49 David DeWalt 28,930
50 Scott Stewart 28,295
51 David Lacey 28,020
52 Bernard Golden 27,181
53 Patrick Murray 27,010
54 Dan Goodin 25,880
55 Derrick Harris 25,251
56 Avivah Litan 25,180
57 Matt Flynn 24,314
58 Abhishek Singh 23,610
59 Mac Thornberry 22,950
60 Tom Ritter 22,310
61 Scott Charney 21,850
62 Siobhan Gorman 21,120
63 Ellen Rubin 20,862
64 W. Mark Brooks 20,730
65 Greg Young 20,666
66 George Kurtz 20,615
67 Andrew Storms 19,130
68 Bob Blakley 18,540
69 Joe Sullivan 18,120
70 Mike Murray 17,922
71 Brian Babineau 17,913
72 Jessica Davis 17,790
73 Rob Rachwald 17,590
74 Dustin Amrhein 17,116
75 Mike Rothman 17,047
76 Luther Martin 16,910
77 Steve Ragan 16,790
78 Jon Oltsik 16,723
79 Tony Palmer 16,510
80 Eric Hall 16,204
81 Ian Glazer 15,884
82 Robin Wilton 15,644
83 Jim Reavis 15,584
84 Colin Watson 15,560
85 Phil Wainewright 15,551
86 Lauren Whitehouse 15,237
87 Kevin L. Jackson 15,130
88 Tom Cross 15,030
89 Earl Perkins 14,530
90 Ignacio M. Llorente 14,429
91 Mark Diodati 13,910
92 Barton George 13,898
93 Chirag Mehta 13,808
94 Eva Chen 13,600
95 Dan Blum 13,180
96 Jay Heiser 13,120
97 Mark McLaughlin 13,050
98 Byron Acohido 13,026
99 Nikolay Grebennikov 11,360
100 Kevin Kampman 9,600


Our study included over 140 security company executives, 320 bloggers and people in media, 100 of the top people in cloud computing, 30 people involved in specialized organizations like IBM’s X-Force, over 20 government officials, over 130 leading CISOs, and 75 industry analysts from notable firms such as Gartner, IDC, Forrester, ESG, and others. In total we researched over 800 people.

Please note that our ranking is not the final word on the subject, but the beginning of a discussion. For example, a Director at Symantec (who will remain anonymous) assisted us in double-checking our work, and couldn’t help but be of the opinion that Enrique Salem, Steve Trilling, and Rowan Trollope belong as 1-3 on every list (lol). So why isn’t Michael DeCesare or George Kurtz from McAfee on the list? Eva Chen from Trend Micro? Harriet P. Pearson, Nick Coleman, or Phil Neray from IBM? Did we miss anyone? You maybe? What did we get wrong? Please give us your thoughts by commenting below.

Other MPV Criteria

Must be an active social media individual now (Buzz metrics were taken from last 90 days).

We included corporate twitter accounts only when it was clear that it represents the voice of the individual.

They are known to speak on topics within the security community.

We removed irrelevant hits where necessary such as those for similarly-named individuals.

We’re defining the average active person as an active Internet user with an average level of impact, influence and use of social tools.

Next Steps

Are you wondering why some people made it on the Top 100 when they have less to do with security than others who didn’t? We hypothesize that a strong voice (who is not a security expert) can actually speak to an audience who does care about security. In this case, they could be more useful than a week voice (who is an expert). Sure, we want to follow the experts and thought leaders to gather further domain knowledge, trends, and vision. But lets say that we would like to challenge the status quo on a security topic in the cloud computing space. Do we engage Eugene Kaspersky on the topic? Maybe, or maybe we engage Paul Miller. In a future study, we will discuss how to further leverage your network of the influencers.

Be Proud If You Are In a Top Category

Are you one of the “Most Powerful Voices in Security”?

Add a note or badge (see below) to your website or blog to let people know that you are one of the most powerful voices in the security community.

Follow some of the more vocal security voices by automatically adding our twitter list here.

About The Author

Jim Kaskade is a CEO of ten years. Most recently serving as SVP and General Manager at SIOS Technology, a publicly traded firm in Japan, where he led a business unit focused on developing private cloud Platform as a Service targeted for Fortune 500 enterprises. Jim has been heavily involved in all aspects of security as it applies to the cloud, meeting with prominent CIOs and CISOs of Fortune 100 companies to better understand their cloud security needs. He also has direct security domain knowledge from his experience as founder and CEO of a SaaS company, which secured the digital media assets of over 10,000 businesses including Fortune 100 customers such as Lucasfilm, the NBA, Sony BMG, News Corp, Viacom, and IAC. Jim is also one of the Top 100 bloggers on Cloud Computing selected by the Cloud Computing Journal.

Jim Kaskade

Jim Kaskade is a serial entrepreneur & enterprise software executive of over 36 years. He is the CEO of Conversica, a leader in Augmented Workforce solutions that help clients attract, acquire, and grow end-customers. He most recently successfully exited a PE-backed SaaS company, Janrain, in the digital identity security space. Prior to identity, he led a digital application business of over 7,000 people ($1B). Prior to that he led a big data & analytics business of over 1,000 ($250M). He was the CEO of a Big Data Cloud company ($50M); was an EIR at PARC (the Bell Labs of Silicon Valley) which resulted in a spinout of an AML AI company; led two separate private cloud software startups; founded of one of the most advanced digital video SaaS companies delivering online and wireless solutions to over 10,000 enterprises; and was involved with three semiconductor startups (two of which he founded, one of which he sold). He started his career engineering massively parallel processing datacenter applications. Jim has an Electrical and Computer Science Engineering degree from University of California, Santa Barbara, with an emphasis in semiconductor design and computer science; and an MBA from the University of San Diego with an emphasis in entrepreneurship and finance.

One thought on “Top 25 Voices in Security

Comments are closed.