Stephen Kho
Managing Principal, Enterprise Consulting Services
Hewlett Packard Enterprise


Stephen is currently the Managing Principal within HP Enterprise Consulting Services for the Australia, New Zealand and SE Asia regions where his team delivers professional services across several technologies and security capabilities including SIEM, data encryption, application security and Security Intelligence Operations (people & process).

Prior to joining HPE, he was CISO Program Manager and Researcher at KPN in Netherlands.  He assisted the CISO in the creation of the Chief Information Security Office at KPN. Acts as deputy to the CISO to create, lead and motivate a 35 person team to address cyber security and business continuity issues at KPN, comprising of strategy and policy, ethical hacking, Computer Emergency Response Team (CERT), and business security representatives.

He is a security professional with over 15 years of security industry experience across multiple business sectors including the financial and telecommunications.  Specifically, he has extensive knowledge in the areas of security architecture, security assurance/vulnerability assessment, & security technologies; arising from his network engineering, security consultancy and hands on penetration testing background.  Stephen’s recent research was focused on the area of GPRS Roaming eXchange network security. He recently presented at the Hack In The Box Security Conference in Amsterdam. https://www.linkedin.com/in/stephenkho


State of Security Operations Maturity Today


Organisations around the globe are investing heavily in information technology (IT) cyber defense capabilities to protect their critical assets. Whether protecting a brand, intellectual capital, and customer information or providing controls for critical infrastructure, the means for incident detection and response to protect organisational interests have common elements: people, processes, and technology.

The maturity of these elements varies greatly across individual enterprises and industries. In the State of Security Operations Maturity report, Hewlett Packard Enterprise provides updates to the capabilities, lessons learned, and performance levels of security operations based upon maturity assessments performed on worldwide organisations.

Hewlett Packard Enterprise has over a decade of experience in supplying information security technology to world’s most advanced cyber defense and enterprise SOCs. We have worked with more of the world’s top cyber defense teams than any other IT security organisation, so we are uniquely qualified to publish this report.