"Resilience isn’t just about systems bouncing back—it’s about your team having the capacity to tackle tomorrow’s crisis after solving today’s."
Signal to Noise with Paul Drapeau
In this edition of Signal to Noise, I had the pleasure of sitting down with Paul Drapeau, a seasoned cybersecurity leader whose experience spans startups, consulting, and major enterprise security programs. Paul’s unique background, including his time at Carbon Black and his current role leading security for New Balance, provided valuable insights into the evolving challenges of cybersecurity.
Our discussion centered on finding signal in the noise, balancing risk, and the human element of security. Below are the key takeaways, summarized to help security teams navigate today’s complex landscape.
Paul’s Journey: A Perspective Shaped by Varied Experience
Paul’s cybersecurity career has been shaped by a diverse set of experiences. Starting in IT and networking, and more recently in incident response consulting, he has helped organizations build robust security programs and optimize their technology stacks. His time at Carbon Black gave him early exposure to the EDR space, where he played a key role in advancing endpoint detection and response capabilities.
“I’ve seen the industry from multiple angles—consulting, product development, and now leading security at a major enterprise. Each perspective informs how I approach risk and resilience,” Paul noted.
This multifaceted experience has given Paul a unique understanding of the challenges organizations face when managing security across diverse environments.
Defining Signal to Noise: The Balance Between Insight and Overload
Paul’s take on “signal to noise” is rooted in both technology and human interaction. On the technical side, he emphasized the importance of calibrating systems to surface actionable insights without overwhelming teams with low-value alerts.
But Paul also highlighted the non-technical side, focusing on understanding the real concerns of business leaders:
“Security isn’t just about monitoring dashboards. It’s about teasing out what people really mean when they talk about risk. What keeps them up at night? That’s where the real signal lies.”
He warned against the tendency to collect every possible data point, which can flood systems with noise and make it harder to identify critical threats. Effective signal management, he argued, is about aligning detection strategies with the business’s risk tolerance and critical assets.
FUD and AI Marketing: The Double-Edged Sword
The conversation turned to the role of fear, uncertainty, and doubt (FUD) in cybersecurity marketing. Paul acknowledged that FUD, when used responsibly, can be an effective tool for educating organizations about emerging risks.
“Sometimes, organizations need a wake-up call. If you’re showing me risks I haven’t considered and offering actionable solutions, that’s valuable. But FUD crosses the line when it’s just scare tactics without substance,” Paul explained.
He also touched on the growing prevalence of AI in security products, cautioning against overhyping its capabilities. “AI can add value, but slapping ‘AI-powered’ on your product raises questions. Customers worry about data privacy, model transparency, and real-world effectiveness.”
Paul encouraged vendors to focus on transparency and concrete use cases rather than leaning on buzzwords.
Investing in Security: Aligning Resources with Business Goals
When it comes to prioritizing security investments, Paul is a pragmatist. He advocates for a risk-based approach, where investments are guided by both the business’s critical assets and the current threat landscape.
“It’s not about buying every shiny tool or having the most controls. It’s about understanding what’s truly critical to your organization and focusing your resources there,” Paul said.
He described a simple yet effective process for aligning security investments:
1. Assess Current Capabilities: Understand where your organization stands regarding security maturity.
2. Map to Business Needs: Identify the assets and processes that are most critical to the business.
3. Prioritize Based on Risk and Impact: Invest in areas that reduce the most significant risks with the least friction to the business.
Paul emphasized that this approach helps avoid underinvestment and the pitfalls of overinvesting in areas that don’t provide real value.
Resilience: The Human Factor
For Paul, resilience isn’t just about systems bouncing back after an incident. It’s about the people who keep those systems running.
“The biggest challenge isn’t just fighting fires—it’s ensuring your team can fight the next fire tomorrow,” Paul remarked. He highlighted the need to invest in the well-being and capacity of security teams, ensuring they aren’t burned out by constant alert fatigue or high-pressure incidents.
Paul also stressed the importance of having the right partners to augment internal capabilities, especially during high-stress periods. “No team can do it all. Having trusted partners who understand your environment and can step in when needed.”
Advice for Security Vendors: Start with Value
Paul offered candid advice for vendors looking to stand out in a crowded market. The key is understanding your target customers' unique challenges and delivering solutions that provide real value.
“The worst pitch I get is, ‘Can I have 30 seconds of your time?’ That’s not value. Show me how your solution addresses a problem I care about. Better yet, engage with my team on the ground—those in the trenches almost always know the gaps better than I do.”
Paul emphasized that the most successful vendors position themselves as partners, not just product providers. Building long-term relationships based on trust and mutual benefit is how to earn a spot in any organization’s security stack.
Conclusion: A Practical Blueprint for Security Success
My conversation with Paul Drapeau highlighted the importance of balancing technology, processes, and people in building effective security programs. His insights offer a roadmap for cutting through the noise and focusing on what truly matters: aligning security efforts with business goals, managing risk effectively, and ensuring the resilience of both systems and teams.
From refining detection strategies to fostering trust-based vendor relationships, Paul’s approach underscores the importance of pragmatism and adaptability in today’s cybersecurity landscape.
Stay tuned for more Signal to Noise conversations, stay secure, and stay curious, my friends!
Damien