WEBVTT 1 00:00:02.100 --> 00:00:05.130 Anna Delaney: Welcome to the ISMG Editors' Panel live at RSA 2 00:00:05.130 --> 00:00:09.630 Conference 2023 in sunny San Francisco. I'm Anna Delaney, and 3 00:00:09.630 --> 00:00:12.480 I'm joined by my colleagues, Tom Field, Mathew Schwartz and 4 00:00:12.480 --> 00:00:15.270 Michael Novinson. Gentlemen, hello, we're back. 5 00:00:15.750 --> 00:00:16.320 Tom Field: We're here. 6 00:00:16.350 --> 00:00:17.520 Mathew Schwartz: Great to be here, live. 7 00:00:17.550 --> 00:00:18.090 Tom Field: Good to be back. 8 00:00:18.240 --> 00:00:19.320 Michael Novinson: Good to be with you, Anna. 9 00:00:19.380 --> 00:00:21.960 Anna Delaney: Very good. Well, we are presenting coverage from 10 00:00:21.960 --> 00:00:26.340 the event on a daily basis. What are highlights for you today? 11 00:00:26.660 --> 00:00:28.730 Tom Field: Anna, I'm thrilled. First of all, we've got probably 12 00:00:28.820 --> 00:00:32.060 well over 150 interviews booked in our two studios over the 13 00:00:32.060 --> 00:00:35.660 course of four days, and it is the "who's who" of global 14 00:00:35.660 --> 00:00:38.180 cybersecurity industry. Personally, I'm excited that 15 00:00:38.180 --> 00:00:41.810 we're going to start our day with Alberto Yepez, who is the 16 00:00:41.810 --> 00:00:45.080 managing director, co-founder of Forgepoint Capital and he'll be 17 00:00:45.080 --> 00:00:48.320 in here talking about the state of the cybersecurity community 18 00:00:48.320 --> 00:00:50.150 and investments. I know Michael's got a ton of 19 00:00:50.150 --> 00:00:52.970 interviews going on with venture capitalists over the course of 20 00:00:53.330 --> 00:00:56.810 the week. Eric Goldstein from CISA will be in here today, and 21 00:00:56.810 --> 00:01:00.470 we will have Jamil Farshchi, the CISO of Equifax. Excited to talk 22 00:01:00.470 --> 00:01:03.320 about his topics and his leadership in this community. So 23 00:01:03.530 --> 00:01:04.520 it all starts now. 24 00:01:04.580 --> 00:01:07.250 Anna Delaney: Yeah, exactly. Michael, lots of interviews 25 00:01:07.250 --> 00:01:08.840 planned. So what are you looking forward to? 26 00:01:08.990 --> 00:01:11.060 Michael Novinson: Of course, I'm excited. Today, we have Nikesh 27 00:01:11.060 --> 00:01:13.460 Arora, chairman and CEO of Palo Alto Networks coming in. We're 28 00:01:13.460 --> 00:01:16.130 going to be talking about the role of artificial intelligence 29 00:01:16.130 --> 00:01:19.340 in the SOC. Also, we're going to be speaking to Mary O'Brien, GM 30 00:01:19.340 --> 00:01:22.580 of IBM Security, about evolutions and threat detection 31 00:01:22.580 --> 00:01:26.390 and response and streamlining that process. Out in the main 32 00:01:26.390 --> 00:01:29.780 stages, we have Lisa Monaco, from the U.S. Attorney General's 33 00:01:29.780 --> 00:01:33.710 Office giving a keynote about doing near-term disruption to 34 00:01:33.710 --> 00:01:37.730 cyberthreats and really taking the offense. So I think there'll 35 00:01:37.730 --> 00:01:40.250 be a lot of content on the stages in our studios that I'll 36 00:01:40.250 --> 00:01:40.940 be watching for. 37 00:01:41.180 --> 00:01:43.580 Anna Delaney: Michael, earlier on, we were having a discussion 38 00:01:43.580 --> 00:01:46.100 about what to look forward to. There's a lot of interviews 39 00:01:46.100 --> 00:01:48.050 around generative AI. 40 00:01:48.080 --> 00:01:50.510 Michael Novinson: Yes, generative AI. We are five 41 00:01:50.510 --> 00:01:53.060 months into the ChatGPT conversation. 42 00:01:53.000 --> 00:01:54.260 Tom Field: Took three minutes for ChatGPT. 43 00:01:54.000 --> 00:01:58.980 Michael Novinson: Certainly from the venture capital community, 44 00:01:58.980 --> 00:02:01.260 they're really trying to figure out how to monetize this. What's 45 00:02:01.260 --> 00:02:04.200 interesting is this is kind of phase 2.0 of AI, that if you 46 00:02:04.200 --> 00:02:07.140 think of AI 1.0 and security was really about embedding AI into 47 00:02:07.140 --> 00:02:10.170 technology to speed up that detection response process, 48 00:02:10.170 --> 00:02:13.140 companies like CrowdStrike that really pioneered that. Now 49 00:02:13.140 --> 00:02:15.360 people are really thinking about how to secure AI models and 50 00:02:15.360 --> 00:02:18.510 algorithms itself, what does it look like to ensure that the 51 00:02:18.510 --> 00:02:21.360 data in them is accurate that they can't be tampered with? And 52 00:02:21.360 --> 00:02:23.430 we're going to see a lot of startups trying to figure out 53 00:02:23.430 --> 00:02:26.910 how do we actually go about doing that? That's definitely on 54 00:02:26.940 --> 00:02:29.070 top of mind for a lot of the VC folks who I'm going to be 55 00:02:29.070 --> 00:02:29.610 speaking with. 56 00:02:29.840 --> 00:02:31.850 Mathew Schwartz: I want to pick up on that as well, because one 57 00:02:31.850 --> 00:02:34.490 of the big themes, while the big theme this year is Stronger 58 00:02:34.490 --> 00:02:37.610 Together, I love a good theme. Okay, great. I can work with 59 00:02:37.610 --> 00:02:40.310 that, especially as a journalist, but Rohit Ghai, the 60 00:02:40.310 --> 00:02:44.150 CEO of RSA, is going to be speaking with us later this 61 00:02:44.150 --> 00:02:46.370 week, actually, I'm going to be interviewing him. And "The 62 00:02:46.430 --> 00:02:50.540 Looming Identity Crisis" is the name of his keynote. Obviously, 63 00:02:50.540 --> 00:02:53.180 identity, I think we can say it's a slightly abused word over 64 00:02:53.180 --> 00:02:56.750 the years. It means everything to so many people. But identity 65 00:02:56.750 --> 00:03:00.530 in AI is huge. And he's going to be talking about how we secure 66 00:03:00.530 --> 00:03:05.450 identity as AI looms, and we have all of these evolving 67 00:03:05.480 --> 00:03:09.650 security challenges. Obviously, just one of the themes, I'm 68 00:03:09.650 --> 00:03:12.590 really excited to be hearing, as usual, the latest threat 69 00:03:12.590 --> 00:03:16.580 intelligence, ransomware types of activity. So that's big on my 70 00:03:16.580 --> 00:03:17.390 agenda for this week. 71 00:03:17.420 --> 00:03:19.220 Anna Delaney: Any sessions in particular that you're looking 72 00:03:19.000 --> 00:03:19.870 Mathew Schwartz: While the cryptographers panel is one of 73 00:03:19.220 --> 00:03:19.940 forward to covering? 74 00:03:19.870 --> 00:03:20.650 my favorites, on Tuesday, because you have world-class 75 00:03:20.650 --> 00:03:23.320 panel of cryptography experts, including Adi Shamir, very 76 00:03:23.320 --> 00:03:34.060 outspoken. They're going to - if history is any guide, they will 77 00:03:34.060 --> 00:03:37.870 be holding back in terms of what they actually think about things 78 00:03:37.960 --> 00:03:42.220 in the past that's included blockchain, mass surveillance, 79 00:03:42.310 --> 00:03:46.360 privacy. This year, I am sure, we're going to be hearing a 80 00:03:46.360 --> 00:03:50.110 little bit about ChatGPT. And I'm really interested to hear 81 00:03:50.110 --> 00:03:53.590 what they think the use cases might be. Because they never 82 00:03:53.590 --> 00:03:58.990 hesitate to disabuse the industry of having too much love 83 00:03:58.990 --> 00:04:02.830 for something that isn't yet proven, you know, the latest 84 00:04:02.830 --> 00:04:06.370 shiny, flashy object. And I think we know what that is this 85 00:04:06.370 --> 00:04:11.680 year. So it'd be great to hear what they have to think about 86 00:04:11.680 --> 00:04:16.660 that, but with a bit of nuance, and with their incredible, rich 87 00:04:16.810 --> 00:04:19.810 background and history in cryptography that they all bring 88 00:04:19.810 --> 00:04:20.200 to that. 89 00:04:21.230 --> 00:04:25.520 Anna Delaney: Last year, the Ukraine crisis was a big issue 90 00:04:25.520 --> 00:04:30.380 and a big topic of discussion. Certainly in your interviews 91 00:04:30.380 --> 00:04:34.640 around cyber warfare, maybe less so this year. Who knows? Maybe 92 00:04:34.640 --> 00:04:37.580 that continues. I don't know what you're planning to discuss 93 00:04:37.580 --> 00:04:40.280 with your interviewees, but can that come up quite a bit? 94 00:04:40.330 --> 00:04:41.650 Mathew Schwartz: Definitely. We're going to be talking about 95 00:04:41.650 --> 00:04:44.440 cyber operations. So there's a really interesting degree of 96 00:04:44.440 --> 00:04:47.410 nuance that's come into this discussion, because there were a 97 00:04:47.410 --> 00:04:51.520 number of people before Russia intensified its invasion of 98 00:04:51.550 --> 00:04:55.960 Ukraine, February 24, 2022. Before that happens, a lot of 99 00:04:55.960 --> 00:04:58.210 people thought we were looking at all that cyber war, we 100 00:04:58.210 --> 00:05:01.420 thought there would be reprisals against the West for the 101 00:05:01.420 --> 00:05:05.140 audacity to support Ukraine in Russia's eyes. And what we have 102 00:05:05.140 --> 00:05:07.930 seen is nothing of the sort. There is a huge increase in 103 00:05:07.930 --> 00:05:12.160 wiper malware that went away. We've seen ongoing cyber 104 00:05:12.160 --> 00:05:14.800 operations, but not in coordination, pretty much with 105 00:05:14.800 --> 00:05:18.820 what's happening militarily from a kinetic perspective. Missile 106 00:05:18.820 --> 00:05:21.970 strikes are still the quickest way to disrupt infrastructure. 107 00:05:22.360 --> 00:05:24.970 The really great hacking seems to be reserved, maybe for 108 00:05:24.970 --> 00:05:28.390 espionage and things that maybe we don't know about yet, because 109 00:05:28.420 --> 00:05:30.640 that is very useful from an intelligence gathering 110 00:05:30.640 --> 00:05:33.760 perspective for Russia. So I look forward to getting into 111 00:05:33.760 --> 00:05:33.880 that. 112 00:05:33.880 --> 00:05:36.490 Tom Field: Don't discount the impact of disinformation as 113 00:05:36.490 --> 00:05:39.340 well, because we certainly have seen that and continue to, and I 114 00:05:39.340 --> 00:05:42.040 know, I've done a lot of the pre-discussions with people 115 00:05:42.040 --> 00:05:46.090 we're going to talk to, The impact of Russia and Ukraine is 116 00:05:46.090 --> 00:05:49.540 a topic of discussion throughout our four days, and certainly 117 00:05:49.540 --> 00:05:51.400 critical infrastructure protection, including the 118 00:05:51.400 --> 00:05:53.680 government people that we're bringing in here who want to 119 00:05:53.680 --> 00:05:55.990 talk about the new national cybersecurity strategy. 120 00:05:55.000 --> 00:05:58.480 Mathew Schwartz: I was going to say, wonderful. It's wonderful 121 00:05:58.960 --> 00:06:02.170 from an emphasis standpoint that the war has allowed us. We've 122 00:06:02.170 --> 00:06:04.810 been talking about critical infrastructure since 9/11. It's 123 00:06:04.810 --> 00:06:07.870 allowed us to finally get ... I think, organizations like CISA, 124 00:06:07.900 --> 00:06:10.360 up and running, and getting their perspective on things to 125 00:06:10.360 --> 00:06:12.730 help strengthen it. And we're seeing that in Britain as well. 126 00:06:12.000 --> 00:06:14.820 Michael Novinson: I think from a critical infrastructure 127 00:06:14.820 --> 00:06:17.160 perspective, something that's come up for some of the 128 00:06:17.160 --> 00:06:19.230 conversations I had is how to bring that protection to 129 00:06:19.230 --> 00:06:21.120 resource constrained organizations, at least in the 130 00:06:21.120 --> 00:06:23.520 United States. You have a lot of water districts who are 131 00:06:23.520 --> 00:06:26.340 districts that are just municipal run. And it's one 132 00:06:26.340 --> 00:06:28.380 thing if you're talking about a state that they have the 133 00:06:28.380 --> 00:06:30.570 resources and they have the personnel to secure it. But when 134 00:06:30.570 --> 00:06:33.450 you're talking about tampering with water systems or tampering 135 00:06:33.450 --> 00:06:36.270 with electric grids. If you have a new municipal run electric 136 00:06:36.270 --> 00:06:38.280 system, how do you bring protection to those 137 00:06:38.280 --> 00:06:41.070 organizations? It's something that's I'm excited to talk about 138 00:06:41.100 --> 00:06:44.610 with multiple executives in the critical infrastructure board 139 00:06:44.610 --> 00:06:45.120 space. 140 00:06:45.000 --> 00:06:48.000 Tom Field: And OT will come up certainly. And as you're 141 00:06:48.000 --> 00:06:51.450 alluding to, what about the small to midsize organization 142 00:06:51.450 --> 00:06:53.100 whether it's an enterprise or an agency? 143 00:06:53.970 --> 00:06:55.590 Anna Delaney: One word that hasn't come out yet - 144 00:06:55.680 --> 00:06:59.760 ransomware. How do you see the conversation, perhaps, just by 145 00:06:59.760 --> 00:07:03.540 looking at the agenda? How has the conversation changed? And 146 00:07:03.600 --> 00:07:06.660 certainly by your interviews, what are people looking forward 147 00:07:06.660 --> 00:07:08.340 to discussing when it comes to ransomware? 148 00:07:09.240 --> 00:07:11.640 Tom Field: I've had some people actually want to come and talk 149 00:07:11.640 --> 00:07:15.960 about ransomware and it hasn't gone away. There's a theme I'm 150 00:07:15.960 --> 00:07:19.740 hearing about with some individuals or organizations 151 00:07:19.740 --> 00:07:22.140 wanting to say we've got ransomware taken care of when 152 00:07:22.170 --> 00:07:25.170 really we don't and it hasn't gone away. So I've had some 153 00:07:25.170 --> 00:07:27.600 people come to me and say we want to talk about why this is 154 00:07:27.600 --> 00:07:28.860 still a top level concern. 155 00:07:29.410 --> 00:07:31.570 Mathew Schwartz: It hasn't gone away, and it won't go away. And 156 00:07:31.570 --> 00:07:33.670 if you have something that's working today, the criminals are 157 00:07:33.670 --> 00:07:35.470 going to try to find a way to make sure it doesn't work 158 00:07:35.500 --> 00:07:38.800 tomorrow. So we've got that constant innovation, which is 159 00:07:38.800 --> 00:07:41.290 always one of the great things about sitting down with the 160 00:07:41.290 --> 00:07:44.440 experts here at RSA is what are you seeing, where do you think 161 00:07:44.440 --> 00:07:46.660 things are headed? Because a lot of the people we're talking to 162 00:07:46.660 --> 00:07:49.330 have got their ear to the ground, threat intelligence, 163 00:07:49.360 --> 00:07:51.550 monitoring of cybercrime underground sort of stuff. 164 00:07:51.970 --> 00:07:54.340 There's a huge amount of innovation and creativity 165 00:07:54.370 --> 00:07:57.340 amongst the criminals. And so it's useful and important to 166 00:07:57.340 --> 00:07:59.230 track what's happening. 167 00:07:59.320 --> 00:08:00.730 Tom Field: It's real! This is our opportunity to find out 168 00:08:00.730 --> 00:08:01.240 what's real. 169 00:08:02.710 --> 00:08:04.510 Anna Delaney: We have been talking a lot about the 170 00:08:04.510 --> 00:08:07.540 turbulent economic times recently and the impact on the 171 00:08:07.570 --> 00:08:11.950 cybersecurity industry. Are you expecting to have conversations 172 00:08:11.950 --> 00:08:15.190 along these lines? Or is there a more positive tone in the room? 173 00:08:15.870 --> 00:08:17.804 Michael Novinson: 30,000 foot view, it's a very interesting 174 00:08:17.851 --> 00:08:20.776 time, because last year, we were really heading into the abyss 175 00:08:20.824 --> 00:08:23.419 and there was a lot of uncertainty. I think things have 176 00:08:23.466 --> 00:08:26.344 evened out, certainly for the public companies that pessimism 177 00:08:26.391 --> 00:08:29.127 has been baked in. And I think things are pretty stable in 178 00:08:29.175 --> 00:08:31.722 terms of stock prices and personnel - for the publicly 179 00:08:31.770 --> 00:08:34.506 traded companies. I think there's still some rationalizing 180 00:08:34.553 --> 00:08:37.337 going on in the private sector. We're certainly seeing some 181 00:08:37.384 --> 00:08:40.074 late-stage jobs growing quite a lot of folks like Wiz and 182 00:08:40.121 --> 00:08:42.857 Netskope and will be in our studios, but some of the other 183 00:08:42.904 --> 00:08:45.924 late stage startups have had to look toward layoffs. And they've 184 00:08:45.971 --> 00:08:48.897 had to bring in new CEOs, maybe with the eye toward finding an 185 00:08:48.944 --> 00:08:51.775 exit finding a buyer. And that if the early stage world that 186 00:08:51.822 --> 00:08:54.747 there's questions about trying not necessarily the seat in the 187 00:08:54.794 --> 00:08:57.719 A rounds, but getting that B and a C round, that investors are 188 00:08:57.767 --> 00:09:00.598 trying to think what are the things look like a couple years 189 00:09:00.645 --> 00:09:03.381 down for now? How do I make money on my investment? That's 190 00:09:03.428 --> 00:09:06.023 been tough. We had a company that was in the innovation 191 00:09:06.071 --> 00:09:09.043 sandbox here last year who just got acquired a few weeks ago at 192 00:09:09.090 --> 00:09:11.827 a pretty modest price. So I think trying to figure out how 193 00:09:11.874 --> 00:09:14.516 to get from that early stage, that mid stage. Late stage 194 00:09:14.563 --> 00:09:17.394 startup is tough along with the late stage startup having to 195 00:09:17.441 --> 00:09:20.178 think about what is the IPO market going to open and if an 196 00:09:20.225 --> 00:09:23.150 IPO is realistic for us, given our balance sheet. What are all 197 00:09:23.197 --> 00:09:24.000 our alternatives? 198 00:09:25.230 --> 00:09:31.320 Anna Delaney: This year reminds me more of 2018 - my first RSA. 199 00:09:31.500 --> 00:09:35.820 The last year, I felt there was a buzz and an energy and lots 200 00:09:35.820 --> 00:09:39.600 and lots of people. Already this year I feel there are more 201 00:09:39.600 --> 00:09:44.400 handshakes, fewer masks, we're promised maybe 40,000 people 202 00:09:45.150 --> 00:09:47.880 throughout the course of the week. So it just reminds you, 203 00:09:47.880 --> 00:09:51.510 this Stronger Together theme. What do you think it means for 204 00:09:51.510 --> 00:09:53.310 the industry? A bit of corny question. 205 00:09:55.800 --> 00:09:58.890 Mathew Schwartz: I think it's a wonderful energy. I think I 206 00:09:58.890 --> 00:10:02.160 already feel that and I think there is a level of optimism 207 00:10:02.160 --> 00:10:06.600 perhaps in terms of where we're going now. I think last year, it 208 00:10:06.600 --> 00:10:09.930 was a little shell shocked. And you really felt that and saw 209 00:10:09.930 --> 00:10:13.320 that in terms of ... when you just looked around you. I think 210 00:10:13.320 --> 00:10:15.960 it felt that way. We all felt that way. And so I do think 211 00:10:15.960 --> 00:10:18.840 maybe we're coming out of the winter. And maybe hopefully it's 212 00:10:18.840 --> 00:10:20.520 springtime, again for cybersecurity. 213 00:10:20.000 --> 00:10:21.080 Michael Novinson: I'll say from a technology standpoint, that I 214 00:10:21.080 --> 00:10:22.610 think there is a lot of focus on partnership and integration that 215 00:10:22.610 --> 00:10:23.780 if you look at the evolution of single-vendor SASE, which was 216 00:10:23.780 --> 00:10:24.980 really 12 months ago, so a lot of debate about do you purchase 217 00:10:25.070 --> 00:10:27.890 the piece parts separately, or do you purchase it together. 218 00:10:28.220 --> 00:10:33.770 We've seen M&A activity, we've seen partnerships, really 219 00:10:37.040 --> 00:10:39.710 driving, getting that SD-WAN and SSE from a single vendor. We're 220 00:10:39.710 --> 00:10:42.950 seeing that a lot around XDR, and building that open up XDR 221 00:10:42.950 --> 00:10:46.250 network. So I think there's a lot of focus on trying to get 222 00:10:46.400 --> 00:10:49.730 more under one roof so that customers are having to manage 223 00:10:49.730 --> 00:10:52.430 fewer vendor relationships, both from a security standpoint, as 224 00:10:52.430 --> 00:10:54.380 well as from an economic standpoint. 225 00:10:54.740 --> 00:10:57.620 Tom Field: For me, it's the idea, from ISMG perspective, we 226 00:10:57.620 --> 00:11:01.640 have got the largest team we've ever had here at RSA, covering 227 00:11:01.670 --> 00:11:05.090 every one of our business units. We've got individuals here from 228 00:11:05.090 --> 00:11:08.660 North America, from the U.K., from Europe, from India, from 229 00:11:08.660 --> 00:11:12.080 Israel, and we've got the opportunity to speak to more 230 00:11:12.080 --> 00:11:15.320 people than we ever have before. And to bring this back to our 231 00:11:15.320 --> 00:11:18.170 audience. So I think to me stronger together is a group 232 00:11:18.170 --> 00:11:20.300 that we brought here from ISMG and I'm proud to work with you 233 00:11:20.300 --> 00:11:22.220 all. We got a week ahead of us. 234 00:11:22.250 --> 00:11:23.900 Anna Delaney: Well said! It's going to be an excellent week. 235 00:11:25.490 --> 00:11:27.890 Thank you very much. Thanks for watching and stay tuned for our 236 00:11:27.890 --> 00:11:30.530 daily updates. For ISMG, I'm Anna Delaney.