>> ANNOUNCER: Please welcome
Chief Executive Officer, Trellix, Brian Palmer.
>> BRIAN PALMER: Let's face
it, we're in a different era. So much has changed
in the past 30 years. We've gone from small audiences,
nobody would listen to us. Nobody felt we were important. Nobody believed we mattered. And then all of a sudden, we
reached a point where we are the most important figure, arguably
in an entire industry. They say things magically
changed overnight, but it is not true. Hearts and minds shifted one
era at a time, thanks to incredible dedication, stubborn
persistence, a commitment to a craft, and a unique, if
not heroic, ability to build a community. You might even say an army. I am talking, of course,
about Taylor Swift. Now, I don't know how many of
you have kids, but while I may be the CEO of an amazing
company, being a dad is without question the
role I am most proud of. One of the greatest parts about
being a dad is learning new things from your kids,
developing an appreciation for the things they love. For years now, I have been
listening to and developing an appreciation for Taylor's
music, thanks to my daughter. Taylor really does deserve every
ounce of the fame she's earned. She's incredible. So, not too long ago, I was
in the car with my wife and daughter, heading to a hike
out in Utah, when they decided to quiz me on
Taylor's different eras. We had a blast. The long drive went
by much faster. I held my own, put up a
respectable number of right answers for a Swifty dad, but it
got the wheels spinning about what I wanted to say here
at the RSA Conference. Because, if you think
about it, a CISO is a role with its own eras. When Steve Katz, who we recently
lost, he was a trailblazer, mentor to many, and
all-around great guy. He will be missed. When Steve was hired by
Citigroup in 1995, the role of CISO was very
much in its debut era. Nobody had a clue who we were. Nobody cared. One, maybe two folks in your
entire company knew your name. Your office was probably
somewhere near the computers, and if you walked into the
C-suite, people thought you were there to fix the printer. And I was one of those
early CISOs, for PepsiCo, in the early 2000s. I felt that invisibility, but I
also felt the pressure, albeit working with much less
sophisticated tools compared to those we have today. Before I joined PepsiCo in the
late 90s, I was a special agent with the Secret Service. I was on the job when the first
email threats against the president started happening. And talk about less
sophisticated tools. I was the guy who had to
drive out to AOL headquarters to figure out the
source of the threat. I remember sitting in the
waiting room, thinking it was taking as long to get in
the AOL building as it did to get online. Everybody remember that? But it really was the
dawn of a new era, really the first era. The CISO role was born. Then, around 2002,
things changed. It was no longer
the debut era. CISOs had demonstrated some
value, but nobody knew what to do with us. It is like Taylor's Red era. Is she country, or is she pop? With cybersecurity, the
questions were, who should the CISO report to? Where do we belong? Are we IT? Are we corporate security? Nobody really knew. This was also when we first
started to see CISOs becoming risk-focused, because this was
when the era of regulatory compliance really began. Think back to how
dramatically things shifted when Sarbanes-Oxley
was passed in 2002. All of a sudden, companies
started talking about controls and compliance. SOX is a classic example of
government regulation working. It pulled cybersecurity
professionals out of irrelevance and into the spotlight. Not quite center stage, but
definitely no longer invisible. Remember, this is on the
heels of the ILOVEYOU virus and the Melissa virus. The world of cybersecurity
shifted, and the CISO role morphed in response. And a lot continued to change
during the mid-to-late 2000s. Attacks became more frequent. They became more complex. Nation-state actors started
playing a more central role. And attacks became
more expensive. All of which meant, if you
were a CISO, your phone started to ring a lot. And look, by the time Taylor
reached her Reputation era, she was fully on the scene,
no different than CISOs. And who better to kick off our
reputation era than my good buddy, Kevin Mandia, who found
himself on the cover of Fortune. And, Kevin, please connect me to
whoever your photographer is. But in less than 20 years,
we went from invisible IT guy to magazine covers. It is pretty impressive. Cybersecurity professionals
are fully in the spotlight, for better or worse. Which brings us to today. Look how much has changed. I am of the opinion, or heck, I
really know for a fact, a CISO is one of the most important
roles within an organization. And I'm not just saying this
because I tell people I was an invisible star way back in the
debut era, but I like to think about Trellix as the official
sponsor of the CISO. In anticipation of coming to
the RSA Conference, I asked my team to conduct another
edition of our research, The Mind of the CISO. We surveyed 500 CISOs and
got some incredible data. 96% said they set strategy and
have overall responsibility for their company's
cybersecurity program. Frankly, there is a bit of an
imbalance between the amount of responsibility and the amount
of organizational authority. We know that CISOs generally
have few direct reports, but routinely present to their
company's board of directors. In other words, incredibly
limited resources pitted against incredibly high visibility. You think about Taylor Swift. The Eras tour led to a 20%
uptick in concert sales and contributed $5.7 billion to the
U.S. economy in 2023 alone. She is somebody who
plays an outsized role in the music industry. But the same can be
said about CISOs today. They have a disproportionate
impact on their organization. They play a much bigger role. And so I think what we
are seeing now is a shift into a new era. It is why I believe this
conference is a watershed moment in the history of cybersecurity. Because a new era is upon us. Taylor is moving into her new
Tortured Poets Department era, and we get to name ours too. The team here at the
RSA Conference nailed it with possibility. I think this is the era
of possibility, and let me tell you why. More than 80% of the leaders
we spoke with experienced an increase in the number of
cyberattacks they faced in the past six months. I mean, how often have
we been hearing this? It is staggering, and
it keeps getting worse. You think to yourself,
does it ever end? So we asked point blank,
what would most improve your organization's capabilities
to defend against this new wave of cyberattacks? It wasn't LLM models,
algorithms, or machine learning. You might be surprised
by the answer. The number one answer was
industry peers sharing insight and best practice. I've been ringing this
bell for a few years now. There is a need for
a more collaborative approach to cybersecurity. I talked about it here at
the RSA Conference in 2023 with the SecOps revolution. The year before in 2022, I spoke
about soulful work and the value of community and recruiting
great people to join our effort on behalf of the good. I think we in the cybersecurity
community need to do a better job of listening to what
our customers are saying. Some of us seem obsessed with
debating the merits of each other's platform, but we forget
it would be better to operate as one open ecosystem because that
is what our customers repeatedly tell us they want, and
that is what our customers need to be successful. This is the era of
possibility because the work we all do will dramatically
shift moving forward. So because of this shift, we
are going to be the first to do what you ask, to share
insight and best practices. It is why I am so proud to
introduce our CISO to CISO initiative, a crowd-sourced
channel for collaborating with peers, fostering discussions,
and sharing best practice. And to launch the initiative, I
would like to bring out one of the vanguards of our profession,
our CISO at Trellix, Harold Rebus, to chat about
where things are headed. Harold?
>> HAROLD REBUS: Thank you. Thanks, Brian.
>> BRIAN PALMER: So,
Harold, you are one of the best CISOs out there. I mean, you are in it every day. You live and breathe this
stuff day in, day out. You are in the perfect
position to talk about the future of the CISO role. What are you seeing out there? >> HAROLD REBUS: Well, our
role continues to evolve. We are charged with managing a
risk that is still ill-defined. And in this new era, we
take on an even larger role as cyber titans. Let me explain. You see, NATO has recognized
five domains of warfare, air, land, sea, space, and cyber. But in the last year or
so, a sixth has emerged. And that sixth domain, which is
considered to be the private sector, exists largely
at the intersection of critical infrastructure and
information, or, in other words, where cybersecurity
professionals live.
>> BRIAN PALMER: A cyber titan. I love that. It's a fusion between being
a titan of industry and a cybersecurity specialist. But if I hear you correctly,
Harold, the private sector, especially cybersecurity
professionals, will be playing an increasingly larger role in
the future of global conflicts?
>> HAROLD REBUS: That is correct. And that's why when I'm asked
what is it going to take to be the best CISO in the future,
it's through this lens. Everyone in this room
is a cyber titan.
>> BRIAN PALMER: Excellent,
can you tell me what it means to be a cyber titan?
>> HAROLD REBUS: Well, I think
about this in two parts. I think about the future in
terms of landscape, and I think about the future in
terms of archetypes. So, in other words, what does
the battlefield of the future look like, and what
are the skills you'll need to be successful?
>> BRIAN PALMER: All
right, so let's talk about the battlefield. What do we need to think about?
>> HAROLD REBUS: Well,
nation-state actors need to be top of mind. We're going to see an increased
use of cyber tactics, timed with kinetic warfare, like we've
seen in the case of wiper malware, targeting satellites
and telecommunications infrastructure in Ukraine.
>> BRIAN PALMER: Interesting you
mentioned satellites, because one domain starting to get a
lot of attention is space. How important is the space
domain today and in the future?
>> HAROLD REBUS: That's
definitely an increasing part of the future landscape. The idea that space assets
will require protection. The attacks of the past will be
nothing compared to what we will face in the next 10
years and beyond. For example, I think about the
potential of a wiper malware attack against a Mars-based
colony that could isolate humans far away in our solar system. Almost all organizations
are reliant on space assets in some way. Most current research says that
the attack surface isn't well protected, and CISOs have
limited knowledge of the domain. But these are issues someone in
this room will face one day. It's not sci-fi anymore. It's real.
>> BRIAN PALMER: Talking about
sci-fi, Gen AI kept popping up all throughout our
research, but you're going to hear so much about it
across this conference, we're not going to pile on. But definitely check out a copy
of our Mind of the CISO research to understand how cybersecurity
leaders are tackling the emergence of Gen AI. But when it comes to Gen AI, the
piece we're all forgetting is if people are doing less work in
the age of AI, it means the work they are doing is so much
more important, Harold.
>> HAROLD REBUS: To your point,
and this gets to another key element of the future landscape,
we can't forget about people. We have to make sure
it's all hands on deck. The battle for talent is
ongoing, and organizations need help to attract top talent. But I do think we're making
good progress, and I think the future is bright.
>> BRIAN PALMER: There are some
great initiatives, like CISO's 50% by 2030 and our
Soulful Work campaign. The partnerships we have with
the World Economic Forum, ASEI, Gotera, and the National
Cybersecurity Alliance that all aim to bring more diverse
talent into the industry. There is no doubt we need
everyone we can get. And more importantly,
you can do what I truly believe is purposeful
and mission-driven work. Our industry is not a cliche. You are making a difference in
the world when you join us. So, Harold, talking about
people, what skills do you think we need to focus on
in order to be successful? What will separate the
best CISOs from the rest?
>> HAROLD REBUS: Well, I think
about the future, I think there are really three key skills
that we need to keep in mind. The first is being an architect. Being an architect
means deep domain knowledge, technology skills,
and the ability to fuse business and technology priorities.
>> BRIAN PALMER: Okay, got it. What else?
>> HAROLD REBUS: Second,
you'll need to be an operator. Being an effective operator
means a couple of things. First, you'll need to speak
the language of your business. You'll need to understand
business operations, the revenue sources, the industry norms. To be a skilled operator
also means you need to know the lay of the land. That is to say, you need to know
what's going on in the world. I read at least five
publications every morning. I look at international affairs,
global politics, conflicts, elections, anything that
could rock the boat. I try to stay as
informed as possible.
>> BRIAN PALMER: Okay, so
architects one, operators second, what's third?
>> HAROLD REBUS: Third and most
important, if you want to be successful in this new era,
you need to be a connector. Being a connector means being an
independent, yet credible, member of the executive team. It means being an agent of
change, somebody that is able to effectively communicate the
story of risk and be able to use risk to your advantage. You have to be able to
communicate outside the organization, often with
regulators, policymakers, and customers, or on a huge stage
like the RSA Conference. Lastly, I would recommend that
we all crowdsource our defense and response strategy. For example, I have a dozen
other CISOs on speed dial in case I ever have a problem. I strongly encourage everyone
here to do the same. So let's build our community,
and let's start sharing.
>> BRIAN PALMER: Absolutely, Harold. We know from our research that
as threats become more complex, the need for collaboration goes
up, and CISOs can't rely on their experience alone anymore. We all face firsts in this role. We can learn from our
collective knowledge. Thanks for joining me, Harold,
and thanks for everything you do for Trellix.
>> HAROLD REBUS: It's been
my pleasure, Brian. Thank you. Take care.
>> BRIAN PALMER: Look, as
CEO, I just hope other CEOs understand how important
Harold's role is. I am thankful every day for the
work his team does, and I tell executives all the time, the
next time you're in a meeting with your CISO,
just say, thank you. Because Harold's right. If we're heading into this
new reality, we need CISOs to talk with other CISOs. We need more community in
the world of cybersecurity. The bad guys are ahead
of us on this one. There were always clear lines
of demarcation between them. For years, hacktivists, criminal
gangs, and nation-states stayed in their respective lanes. But those lanes
recently became blurred. At Trellix, we call this
phenomenon shadow syndicates. Sure, it may be a den of
thieves, but these shadow syndicates have obvious economic
incentives, and the bad guys have quickly morphed into a
single mercenary force when it serves their interests. Why is it the case that the bad
guys figured out community works to their advantage
long before we did? And I want to leave
you with an image. If you watch the Eras tour,
which, after this talk, I'm sure everyone is going to do on the
flight home, there is a moment where Taylor switches into
her Evermore set and a forest grows out of the stage. Well, remember how I told you I
was driving in the car with my family, listening to Taylor on
the way to a hike out in Utah? We were on the way to
Fish Lake National Forest. If you ever go, you will find
what is called the Trembling Giant, or sometimes Pando. Pando is Latin for eye spread. When you first see it, it looks
like a forest of Quaking Aspen trees, beautiful shades of
green and yellow and white. But in reality, those 47,000
trees are not individual trees. They are all part of
one shared root system. Pando is, in fact, the
world's largest single tree. We are one organism in
cybersecurity, and we are heading into a new reality
of being cyber titans. Taylor has her army, and
so we need to build ours. But you have to
remember how she did it. Taylor is a figure of outsized
influence in her industry, and as we now know,
so too are CISOs. But Taylor's success
comes from her incredible ability to connect with
the world around her. All of her fans
say the same thing. Taylor says what I am thinking. To be a CISO of the future, to
be the best, you have to be in the mind of the people
you are protecting. You have to anticipate your
adversary's attacks, and you have to be a cyber titan. Thank you, and let's
enjoy the conference.