WEBVTT 1 00:00:00.300 --> 00:00:03.180 Anna Delaney: Hello, and welcome to the final ISMG Editors' Panel 2 00:00:03.180 --> 00:00:06.960 of 2022. I'm Anna Delaney. And this is a special end of year 3 00:00:06.960 --> 00:00:10.320 episode where we reflect on some of the best and most memorable 4 00:00:10.320 --> 00:00:13.770 conversations of the year. And to do that, I'm joined by Tom 5 00:00:13.770 --> 00:00:16.920 Field, senior vice president of editorial; Mathew Schwartz, 6 00:00:16.920 --> 00:00:19.650 executive editor of DataBreachToday and Europe; and 7 00:00:19.650 --> 00:00:23.280 Michael Novinson, who leads our business coverage. Lovely to end 8 00:00:23.280 --> 00:00:24.360 the year with you all. 9 00:00:24.900 --> 00:00:25.530 Tom Field: Happy New Year! 10 00:00:26.250 --> 00:00:27.330 Anna Delaney: Happy New Year, indeed. 11 00:00:27.390 --> 00:00:29.010 Mathew Schwartz: What a year! What a year it's been! 12 00:00:29.100 --> 00:00:32.040 Anna Delaney: What a year! Can you believe this is episode 94 13 00:00:32.220 --> 00:00:33.750 since we first started. 14 00:00:34.050 --> 00:00:36.450 Tom Field: Isn't there a big celebration coming then. 15 00:00:36.870 --> 00:00:39.960 Anna Delaney: Yes, indeed. What are we going to do for 100th we 16 00:00:39.960 --> 00:00:44.100 should discuss that a bit later. But where are you, Tom, in these 17 00:00:44.100 --> 00:00:45.990 final moments of 2022? 18 00:00:45.000 --> 00:00:50.190 Tom Field: Oh, my! At my home. Snowed in without power. There 19 00:00:50.190 --> 00:00:52.320 was quite a storm over the weekend, got over a foot of 20 00:00:52.440 --> 00:00:56.010 heavy snow. So it took down, branches which took down power 21 00:00:56.010 --> 00:00:59.400 lines, and all I can say is thank you wood heat. 22 00:00:59.040 --> 00:01:03.066 Anna Delaney: Absolutely! Yes. Don't envy that. But it's a 23 00:01:03.157 --> 00:01:08.465 beautiful picture to look at. That's the thing about snow. 24 00:01:08.557 --> 00:01:11.760 Matt, another beautiful snow scene. 25 00:01:12.470 --> 00:01:14.900 Mathew Schwartz: Thank you. Yep, Scotland. We've gotten some snow 26 00:01:14.900 --> 00:01:18.050 this year. It's sporadic. But it's lovely when it happens, 27 00:01:18.290 --> 00:01:22.760 especially without the attendant issues that they've had near 28 00:01:22.760 --> 00:01:25.370 Tom's house. So we didn't lose power or anything. It was just 29 00:01:25.370 --> 00:01:28.820 pretty to look at but it slipped slightly but we made it through. 30 00:01:29.450 --> 00:01:32.450 Anna Delaney: Very good. Michael, a bit more of a family 31 00:01:32.000 --> 00:01:39.560 Michael Novinson: Yes, exactly. We're closer to home here. This 32 00:01:32.450 --> 00:01:32.900 scene. 33 00:01:39.560 --> 00:01:46.040 is 265 days ago, celebrating Hanukkah with my daughter. Doing 34 00:01:46.040 --> 00:01:49.580 it again this year and definitely more opinionated on 35 00:01:49.580 --> 00:01:50.060 everything. 36 00:01:52.260 --> 00:01:54.360 Anna Delaney: Absolutely. Happy Hanukkah, that must be said. 37 00:01:54.900 --> 00:01:55.770 Michael Novinson: Thank you. 38 00:01:56.160 --> 00:01:59.550 Anna Delaney: Well, I am ending on this highlight of 2022. You 39 00:01:59.550 --> 00:02:04.590 will recognize this diner, perhaps? Memories of pre-game 40 00:02:04.620 --> 00:02:08.220 breakfast very early in the morning. Too early, I must say. 41 00:02:08.430 --> 00:02:10.980 But Tom, we missed you this year. But hopefully we'll be 42 00:02:10.980 --> 00:02:12.300 there altogether next year. 43 00:02:12.000 --> 00:02:13.980 Tom Field: Too early. It's lunchtime for you. 44 00:02:16.270 --> 00:02:18.640 Anna Delaney: Well, Tom, this was of course, a very special 45 00:02:18.640 --> 00:02:21.220 year because this is the year we met in person as well. It all 46 00:02:21.220 --> 00:02:22.450 began in Chicago, didn't it? 47 00:02:22.840 --> 00:02:23.680 Tom Field: Indeed it did. Yes. 48 00:02:24.460 --> 00:02:26.530 Anna Delaney: So that was definitely a highlight of 2022. 49 00:02:26.860 --> 00:02:29.470 But of all the conversations you've had with security leaders 50 00:02:29.470 --> 00:02:31.840 this year, which was the one that stood out for you. 51 00:02:31.000 --> 00:02:35.140 Tom Field: That was a hard one to narrow down. I got down to a 52 00:02:35.140 --> 00:02:38.470 shortlist of about three after spending some time on it. And I 53 00:02:38.470 --> 00:02:42.790 finally decided to go with Marene Allison, the outgoing 54 00:02:42.820 --> 00:02:46.600 CISO of Johnson & Johnson, and I don't mean outgoing just because 55 00:02:46.600 --> 00:02:50.530 she's energetic, but she is. But because she's retiring early in 56 00:02:50.530 --> 00:02:56.260 2023 and had a brilliant career. You know, she was in the first 57 00:02:56.260 --> 00:03:00.400 class of women at West Point Academy, military academy in the 58 00:03:00.400 --> 00:03:04.810 U.S. She has gone on to work in the FBI, worked undercover and 59 00:03:04.810 --> 00:03:09.580 drug busts. She's worked for the old A&P supermarket work for med 60 00:03:09.580 --> 00:03:13.540 club. And now with Johnson & Johnson, a fabulous career. And 61 00:03:13.540 --> 00:03:16.600 I talked with her about her career earlier in the year and 62 00:03:16.600 --> 00:03:21.190 reflected on what it was like to get into cybersecurity before 63 00:03:21.190 --> 00:03:24.310 cybersecurity was a career. So if you don't mind, I'm going to 64 00:03:24.310 --> 00:03:26.560 share an excerpt of our conversation where she talks 65 00:03:26.560 --> 00:03:30.250 about getting into cybersecurity kind of by happenstance. 66 00:03:30.810 --> 00:03:33.570 Marene Allison: Well, first of all, we're of the tender age 67 00:03:33.600 --> 00:03:39.210 that there was no cyber. So you couldn't aspire at 21 that, oh, 68 00:03:39.210 --> 00:03:43.170 I'll be the CISO of a company, because there was no such thing 69 00:03:43.170 --> 00:03:48.450 as the CISO. So I think there is a generation of CISOs that 70 00:03:50.250 --> 00:03:54.720 either we're tumbleweeds, or we're good at adapting at what 71 00:03:54.720 --> 00:04:00.180 is thrown at us. I tell people, you throw me a lemon, I'm going 72 00:04:00.180 --> 00:04:04.800 to make you a lemonade. And that's really what has happened. 73 00:04:05.400 --> 00:04:09.840 When I went to ... I was going to go to college, I wanted to go 74 00:04:09.840 --> 00:04:15.420 to Wellesley an all women school outside of Boston, channeling 75 00:04:15.420 --> 00:04:24.360 Abigail Adams, and at the time, I wasn't able to get in. And I 76 00:04:24.360 --> 00:04:29.940 got an opportunity to go to a military academy. And my choice 77 00:04:29.940 --> 00:04:33.000 was I want to go to the Air Force Academy. Margaret Heckler, 78 00:04:33.000 --> 00:04:36.540 my Congresswoman gave me her principal nomination to West 79 00:04:36.540 --> 00:04:40.560 Point. Now there was no cyber then. There wasn't even computer 80 00:04:40.560 --> 00:04:46.470 science as a major. And so I got asked when I was first classmen, 81 00:04:46.530 --> 00:04:50.880 if I would be interested in taking electrical engineer. So 82 00:04:50.880 --> 00:04:53.880 as part of my engineering degree, I took electrical 83 00:04:53.880 --> 00:04:56.790 engineering and our concentration as we call them, 84 00:04:56.790 --> 00:04:59.850 we didn't really have majors, and I took electrical 85 00:04:59.850 --> 00:05:05.160 engineering. And that started me in a systems bitten-by-type of 86 00:05:05.160 --> 00:05:08.010 thinking that came through my entire life. 87 00:05:08.460 --> 00:05:10.950 Tom Field: I like that. We are either tumbleweeds or we are 88 00:05:10.950 --> 00:05:14.010 very adaptable. Maybe a little bit of both, but remarkable 89 00:05:14.010 --> 00:05:16.500 woman. Had the chance to speak with her as she wound down her 90 00:05:16.500 --> 00:05:19.890 career. And I'll be sharing that - career and expanding interview 91 00:05:19.980 --> 00:05:20.490 shortly. 92 00:05:21.330 --> 00:05:23.640 Anna Delaney: Very good. She's an inspiration and we need more 93 00:05:23.640 --> 00:05:26.400 leaders like that. Do you have any idea as to how she will be 94 00:05:26.400 --> 00:05:28.650 spending her time in retirement? 95 00:05:29.100 --> 00:05:31.530 Tom Field: I don't believe for a second she's going to totally 96 00:05:31.530 --> 00:05:35.460 stop. She's too active in too many groups throughout the world 97 00:05:35.460 --> 00:05:39.120 really, What I'm hoping for is an opportunity to sit down with 98 00:05:39.120 --> 00:05:42.870 her in person to hear more about her and her husband's career 99 00:05:42.960 --> 00:05:46.620 undercover doing drug busts for the FBI. I think there's a movie 100 00:05:46.620 --> 00:05:47.970 there and I'm eager to hear it. 101 00:05:48.360 --> 00:05:51.660 Anna Delaney: I love it. Well, thank you very much. Matt, we 102 00:05:51.660 --> 00:05:54.600 also met for the first time this year, didn't we? But in London. 103 00:05:55.020 --> 00:05:55.980 How crazy is that? 104 00:05:56.070 --> 00:05:58.290 Mathew Schwartz: I know, good times. And then just a few short 105 00:05:58.290 --> 00:05:59.550 weeks later in San Francisco. 106 00:05:59.790 --> 00:06:03.570 Anna Delaney: Indeed, and which, of course, adds to this year's 107 00:06:03.570 --> 00:06:06.300 top moments that must be said. But other than that, Matt, 108 00:06:06.300 --> 00:06:09.630 you've had a fruitful year of reporting. Ransomware attacks 109 00:06:09.630 --> 00:06:13.290 certainly didn't stop. We saw double and even triple extortion 110 00:06:13.290 --> 00:06:16.290 tactics being employed by the criminals. And then of course, 111 00:06:16.500 --> 00:06:20.190 the Russia-Ukraine war certainly turned cyber warfare into a 112 00:06:20.190 --> 00:06:23.490 reality. How was the year for you and was there an interview 113 00:06:23.490 --> 00:06:25.110 that towered above the rest? 114 00:06:26.040 --> 00:06:28.560 Mathew Schwartz: Definitely, as you say, ransomware continues to 115 00:06:28.560 --> 00:06:32.910 be such a fascinating topic as the criminals innovate different 116 00:06:32.910 --> 00:06:36.150 business models, and so on. And one of the big impacts I think 117 00:06:36.150 --> 00:06:40.440 we've seen with ransomware has been Russia's decision to invade 118 00:06:40.710 --> 00:06:45.180 Ukraine. And that leads me to what has been one of the most 119 00:06:45.210 --> 00:06:49.530 standout interviews for the year of me, for me, which was 120 00:06:49.530 --> 00:06:52.320 speaking with Ukrainian government cybersecurity 121 00:06:52.320 --> 00:06:58.170 officer, Victor Zhora, back in August. So the war began, 122 00:06:58.200 --> 00:07:04.050 February 24th. Forces moved in. Obviously, we saw a run up to 123 00:07:04.050 --> 00:07:08.550 that where there was a lot of, I don't want to say cyber sniping, 124 00:07:08.550 --> 00:07:12.030 but you get the idea that there is a lot of conflict already 125 00:07:12.030 --> 00:07:15.420 happening, possibly softening up the battlefield or trying to 126 00:07:15.630 --> 00:07:19.710 before the next escalation that we saw with the forces moving 127 00:07:19.710 --> 00:07:23.580 into Ukraine in February. So I had the opportunity to speak to 128 00:07:23.580 --> 00:07:27.780 Victor Zhora, who's helping lead the cybersecurity defense for 129 00:07:27.780 --> 00:07:30.990 the country. And you may recall, at the beginning of the year, 130 00:07:30.990 --> 00:07:34.110 there was a lot of question about how Russia perceived to be 131 00:07:34.110 --> 00:07:39.060 this gargantuan cybersecurity power, would use hack attacks 132 00:07:39.330 --> 00:07:45.270 for what might be the first actual cyber war. And so I put 133 00:07:45.270 --> 00:07:48.540 the question to Victor, at the beginning of war, he had said, 134 00:07:48.540 --> 00:07:52.290 the Russia-Ukraine War was the world's first not cyber war, he 135 00:07:52.290 --> 00:07:55.890 was looking at it as the world's first hybrid war, and that it 136 00:07:55.890 --> 00:08:00.120 was a war. But there was also the use of cyber. I asked him to 137 00:08:00.120 --> 00:08:03.540 expand on that, because he's obviously on the front lines 138 00:08:03.540 --> 00:08:07.710 here. And just how has it been used? What's been surprising to 139 00:08:07.710 --> 00:08:09.750 you? And this is what he said. 140 00:08:10.380 --> 00:08:13.230 Victor Zhora: Russia for us just continues to combine 141 00:08:13.260 --> 00:08:19.230 cyberattacks with kinetic operations, and in a very 142 00:08:19.260 --> 00:08:23.880 serious percentage, that can be coordinated with kinetic to 143 00:08:23.880 --> 00:08:28.320 amplify the overall psychological effect from these 144 00:08:28.770 --> 00:08:35.490 attacks. Some of cyber operations continue being 145 00:08:35.730 --> 00:08:40.950 separate from their military activity. So this is very 146 00:08:41.490 --> 00:08:49.350 diverse activity. And it seems to me that in the last several 147 00:08:49.350 --> 00:08:58.320 months, we do not observe some particular strategy. The 148 00:08:59.220 --> 00:09:03.750 adversary continue to seek for gaps and vulnerabilities in 149 00:09:03.900 --> 00:09:08.280 Ukrainian networks trying to gain access to provide 150 00:09:08.280 --> 00:09:14.220 persistence in these networks to exfiltrate data to seek for 151 00:09:14.460 --> 00:09:20.070 opportunities of direct impact and destruction to these 152 00:09:20.070 --> 00:09:27.030 networks. And it seems to me that decisions made accordingly 153 00:09:27.030 --> 00:09:31.620 to opportunities that can find in our infrastructures, and then 154 00:09:31.620 --> 00:09:37.440 perhaps, they will choose best scenario according to current 155 00:09:37.440 --> 00:09:48.210 circumstances, perhaps in consideration of potential 156 00:09:48.600 --> 00:09:53.640 kinetic conventional opportunities they have on 157 00:09:53.640 --> 00:09:57.780 battlefields, or simply providing information 158 00:09:57.780 --> 00:10:02.340 psychological effects on Ukrainian media sphere. 159 00:10:03.270 --> 00:10:06.060 Mathew Schwartz: Unfortunately, what we have been seeing - now 160 00:10:06.060 --> 00:10:08.910 that it's winter - is that Russia is repeating some of its 161 00:10:08.910 --> 00:10:13.380 prior tactics. So back in 2015, back in 2016, it used 162 00:10:13.500 --> 00:10:17.100 cyberattacks in order to crash part of the power grid in 163 00:10:17.100 --> 00:10:20.520 Ukraine. A lot of people were warning that this was an obvious 164 00:10:20.520 --> 00:10:23.820 play they might make. We didn't see it, though, at the beginning 165 00:10:23.880 --> 00:10:27.930 of the conflict, presumably because missiles are a much 166 00:10:27.930 --> 00:10:31.050 easier way to destroy infrastructure and to disrupt 167 00:10:31.050 --> 00:10:34.320 activities. Unfortunately, now, though, we are seeing these 168 00:10:34.350 --> 00:10:37.830 indiscriminate continuing attacks on civilians, escalating 169 00:10:37.830 --> 00:10:43.320 to the point where there's been crashing or targeting or 170 00:10:43.320 --> 00:10:46.590 destruction of the infrastructure that Ukrainians 171 00:10:46.590 --> 00:10:49.290 need to keep themselves warm over the winter. Officials have 172 00:10:49.290 --> 00:10:51.840 been saying that one of the best defenses they have against this 173 00:10:51.840 --> 00:10:55.080 is generators, and they've been appealing for other countries to 174 00:10:55.080 --> 00:10:58.920 send them generators. So obviously, there have been these 175 00:10:58.950 --> 00:11:02.880 cybersecurity, cyber warfare, cyberattack questions, but they 176 00:11:02.880 --> 00:11:05.550 have really, I think, been secondary to the reality on the 177 00:11:05.550 --> 00:11:10.650 battlefield, and for the lives of people who are in Ukraine and 178 00:11:10.650 --> 00:11:14.550 attempting to maintain normalcy as much as they can in the midst 179 00:11:14.550 --> 00:11:15.660 of Russia's invasion. 180 00:11:16.800 --> 00:11:18.900 Anna Delaney: For sure, and then we saw this incredible 181 00:11:19.260 --> 00:11:21.930 international collaboration, didn't we, in terms of threat 182 00:11:21.930 --> 00:11:24.990 intelligence, sharing and supporting Ukraine's digital 183 00:11:24.990 --> 00:11:28.680 defenses, but there is this danger of cyber war fatigue? 184 00:11:28.980 --> 00:11:31.500 Matt, do you sense this happening? And are you concerned 185 00:11:31.950 --> 00:11:34.740 that going into 2023 that might cause problems? 186 00:11:35.550 --> 00:11:37.080 Mathew Schwartz: Again, I think this is secondary to the 187 00:11:37.080 --> 00:11:39.870 potential problem, geopolitically speaking of war, 188 00:11:39.870 --> 00:11:42.960 fatigue. We've seen a lot of Western governments, to their 189 00:11:42.960 --> 00:11:48.900 credit, backing Ukraine. One of the big success stories for me 190 00:11:49.080 --> 00:11:51.750 of the year, and maybe I should have highlighted this sooner in 191 00:11:51.750 --> 00:11:55.290 our discussion is the likes of Microsoft, and I'm going to get 192 00:11:55.290 --> 00:11:57.450 the names wrong. So I won't even try. But all these companies 193 00:11:57.480 --> 00:12:01.440 stepped forward to help Ukraine. As you say, there's threat 194 00:12:01.440 --> 00:12:05.280 intelligence, Microsoft and others have also donated cloud 195 00:12:05.280 --> 00:12:08.340 computing, Ukraine was able to keep operations going because 196 00:12:08.340 --> 00:12:10.770 they moved to the cloud. I mean, we were talking about quick 197 00:12:10.770 --> 00:12:14.850 digital transformation. I think, for Ukrainian government, maybe 198 00:12:14.850 --> 00:12:16.860 it was overnight in some cases. They flipped a switch, and they 199 00:12:16.860 --> 00:12:24.480 just went for it. And amazing, amazing work by companies, by 200 00:12:24.480 --> 00:12:26.400 businesses, by private businesses to donate time 201 00:12:26.430 --> 00:12:30.240 expertise and help to help Ukraine defend itself. Amazing. 202 00:12:30.390 --> 00:12:34.800 Wonderful. So I do though, wonder if we could see some 203 00:12:34.800 --> 00:12:37.350 fracturing amongst the Western governments that have pledged a 204 00:12:37.350 --> 00:12:40.650 lot of money and resources, weapons, help, all that sort of 205 00:12:40.650 --> 00:12:44.820 thing. Geopolitics is difficult. And the Soviet Union, now 206 00:12:44.820 --> 00:12:48.660 Russia, has a long history of attempting to exploit existing 207 00:12:48.660 --> 00:12:51.900 differences, disagreements, and certainly they're going to be 208 00:12:51.900 --> 00:12:56.910 trying to use this war as a way to weaken the EU. We've already 209 00:12:56.910 --> 00:13:01.440 seen it weakened by the exit of Britain. And they're going to 210 00:13:01.440 --> 00:13:03.660 use that to their advantage in whatever way they can. I think 211 00:13:03.660 --> 00:13:06.510 cyber secondary there, but I think there are some real 212 00:13:06.510 --> 00:13:09.210 problems. We don't know how they will shake out, possibly with 213 00:13:09.210 --> 00:13:11.550 cyber ramifications as we go forward. 214 00:13:12.990 --> 00:13:15.990 Anna Delaney: Excellent work, Matt, and really very good 215 00:13:16.080 --> 00:13:19.470 interview. That was a great find, I suppose. Well done. 216 00:13:19.470 --> 00:13:21.720 Michael Novinson: Thank you. I was lucky and honored to be able 217 00:13:21.720 --> 00:13:22.170 to do that. 218 00:13:23.580 --> 00:13:25.980 Anna Delaney: Well, Michael, we also met for the first time this 219 00:13:25.980 --> 00:13:31.440 year, but in San Francisco. What a moment, what an intense stint. 220 00:13:31.440 --> 00:13:34.920 But it was great. So much happened in the business world 221 00:13:35.040 --> 00:13:37.470 this year, didn't it? So what's the golden interview that you 222 00:13:37.650 --> 00:13:38.700 are going to share with us? 223 00:13:39.260 --> 00:13:41.900 Michael Novinson: Absolutely. And thank you for having me. I 224 00:13:41.900 --> 00:13:44.360 was delighted to be able to speak not once but twice with 225 00:13:44.360 --> 00:13:47.720 Nikesh Arora. He's the CEO of Palo Alto Networks. We spoke at 226 00:13:47.720 --> 00:13:50.270 RSA Conference on video in June and I'll share a clip from that 227 00:13:50.270 --> 00:13:53.960 as well as in person at Palo Alto Networks Ignite - their 228 00:13:53.960 --> 00:13:57.470 show - just last week in Las Vegas. So I think there was a 229 00:13:57.470 --> 00:14:00.050 lot of questions in terms of best of breed versus platform 230 00:14:00.050 --> 00:14:02.000 that have been percolating in the industry for a number of 231 00:14:02.000 --> 00:14:07.070 years. And up until this past year, it really seems like 232 00:14:07.250 --> 00:14:10.880 investors in the industry were very enthusiastic about having 233 00:14:10.880 --> 00:14:13.820 people who are knowledgeable in a specific technology area like 234 00:14:13.820 --> 00:14:17.600 CrowdStrike and endpoint security and identity. And Palo 235 00:14:17.600 --> 00:14:20.180 Alto Networks have taken a bit of a different strategy under 236 00:14:20.180 --> 00:14:23.810 Nikesh Arora. He came in as CEO in June of 2018. But that went 237 00:14:23.810 --> 00:14:26.900 to a really a pretty narrowly focused firewall vendor. And 238 00:14:26.900 --> 00:14:31.010 they made between 2018 and early 2021, roughly a dozen 239 00:14:31.010 --> 00:14:34.100 acquisitions; spent two and a half billion dollars and moved 240 00:14:34.100 --> 00:14:36.800 into all kinds of areas where they hadn't had any play before. 241 00:14:37.040 --> 00:14:39.800 And this is highly unusual in the industry. Really, the 242 00:14:39.800 --> 00:14:41.720 industry has prioritized building out capabilities 243 00:14:41.720 --> 00:14:44.960 organically. And we've seen the likes of Symantec and McAfee try 244 00:14:44.960 --> 00:14:48.200 to make large acquisitions move into new areas. And ultimately, 245 00:14:48.200 --> 00:14:51.080 it hasn't worked that they haven't, while they're trying to 246 00:14:51.080 --> 00:14:54.890 offer customers a broader platform that has the 247 00:14:54.890 --> 00:14:57.500 capabilities that haven't been best in class across the board. 248 00:14:58.730 --> 00:15:03.500 So yeah, up until this point, really a major focus was cloud, 249 00:15:03.500 --> 00:15:07.820 they brought container security service, all these sub 250 00:15:07.820 --> 00:15:10.370 capabilities within Cloud security. And then another big 251 00:15:10.370 --> 00:15:12.920 area of focus has been around security operations, they bought 252 00:15:12.920 --> 00:15:16.970 into SOAR. And then really have been focused on trying to build 253 00:15:16.970 --> 00:15:21.710 out what they call XSIAM as a sim replacement offering. So 254 00:15:21.740 --> 00:15:24.710 when I had Nikesh on, and I did want to speak to him a little 255 00:15:24.710 --> 00:15:29.240 bit about the unique strategy there and why the company was so 256 00:15:29.240 --> 00:15:32.540 focused on doing M&A in his early years, and why he thought 257 00:15:32.540 --> 00:15:35.180 that that was the best way to make the company relevant going 258 00:15:35.180 --> 00:15:35.600 forward. 259 00:15:35.870 --> 00:15:39.020 Nikesh Arora: It's really not one security company that has 260 00:15:39.020 --> 00:15:41.780 more than two and a half percent market share, which is us. And 261 00:15:42.200 --> 00:15:45.500 if you analyze that, you realize that every security company gets 262 00:15:45.500 --> 00:15:48.260 really good at one thing, and then misses the boat, no pun 263 00:15:48.260 --> 00:15:51.740 intended on the next thing. And you sit there and say, well, I 264 00:15:51.740 --> 00:15:54.560 can't go back and change the past. So I can't go back and 265 00:15:54.560 --> 00:15:58.220 build a business in areas that, you know, we've kind of missed 266 00:15:58.220 --> 00:16:01.550 the boat on. But if you sat back and thought about four years 267 00:16:01.550 --> 00:16:05.360 ago, what was going to be big. I spent 10 years at Google. And in 268 00:16:05.360 --> 00:16:08.600 that period, I realized the cloud is going to be big. So I 269 00:16:08.600 --> 00:16:11.150 sat down with Nir Zuk, our founder. I sat down with Lee 270 00:16:11.150 --> 00:16:13.820 Klarich, our chief product officer and our teams. We really 271 00:16:13.820 --> 00:16:18.170 sat down and parsed through what the implications of that change 272 00:16:18.170 --> 00:16:21.830 were. I realize, you know, half the company in the world are 273 00:16:21.830 --> 00:16:23.840 going to go in the cloud. So they're going to have to write a 274 00:16:23.840 --> 00:16:25.730 whole bunch of applications in the cloud. So we have to find a 275 00:16:25.730 --> 00:16:29.750 way to secure that. Two, it's going to change in how networks 276 00:16:29.750 --> 00:16:31.970 are fundamentally created. So we had to go think about how 277 00:16:31.970 --> 00:16:35.090 network transformation is going to happen. And three, the 278 00:16:35.120 --> 00:16:39.230 availability of cheaper compute, low latency, high bandwidth 279 00:16:39.230 --> 00:16:41.930 solutions, will allow for a whole new real-time process 280 00:16:41.930 --> 00:16:45.440 security. So based on those three insights, we said about 281 00:16:45.440 --> 00:16:48.710 the strategy about building a network security platform, a 282 00:16:48.710 --> 00:16:52.850 cloud security platform and an automation platform, which is 283 00:16:52.850 --> 00:16:56.270 based on a fast processing and real-time security. 284 00:16:55.769 --> 00:16:58.146 Michael Novinson: So in 2022, the market has largely come 285 00:16:58.207 --> 00:17:01.864 around to the vision of Palo Alto Networks had. We have seen 286 00:17:01.925 --> 00:17:05.521 their stock hold steady, while other more focused companies 287 00:17:05.582 --> 00:17:08.874 like CrowdStrike to Zcalaer and Octa and hit harder by 288 00:17:08.935 --> 00:17:12.044 investors. They're now the most valuable company in 289 00:17:12.105 --> 00:17:15.701 cybersecurity, not only the largest from a top line revenue 290 00:17:15.762 --> 00:17:19.541 standpoint, which has been the case since Symantec was sold to 291 00:17:19.602 --> 00:17:23.442 Broadcom, but actually the most valuable, I think investors are 292 00:17:23.503 --> 00:17:26.856 happy to see that they're well positioned to weather an 293 00:17:26.917 --> 00:17:30.330 economic downturn, since they have offerings in a lot of 294 00:17:30.391 --> 00:17:33.805 different areas. And I think there is a feeling that the 295 00:17:33.866 --> 00:17:37.401 industry is coming around to their vision that, especially 296 00:17:37.462 --> 00:17:41.059 with the downturn, that there's more pressure around vendor 297 00:17:41.120 --> 00:17:44.960 consolidation, trying to get rid of point products reduce cost. 298 00:17:45.021 --> 00:17:48.739 And I think there's been enough feedback from the market that 299 00:17:48.800 --> 00:17:52.579 their products and even in areas where they didn't, where they 300 00:17:52.640 --> 00:17:56.115 moved in, inorganically like cloud or security operations 301 00:17:56.176 --> 00:17:59.650 that their offerings are, at least one of the best in the 302 00:17:59.711 --> 00:18:03.307 industry. So they're not asking their customers to accept a 303 00:18:03.368 --> 00:18:07.087 subpar offering just for the case of having a broad platform. 304 00:18:07.148 --> 00:18:10.805 So Nikesh will complete five years as CEO in June. So far it 305 00:18:10.866 --> 00:18:14.401 seems like investors are really and customers are rallying 306 00:18:14.462 --> 00:18:15.560 around his vision. 307 00:18:15.000 --> 00:18:19.770 Anna Delaney: Very good, and Michael, did anything happen 308 00:18:19.770 --> 00:18:23.370 this year, that was pretty unique to 2022. Like you hadn't 309 00:18:23.370 --> 00:18:26.040 seen it in the industry before in previous years? 310 00:18:26.690 --> 00:18:30.230 Michael Novinson: Yeah, so the really unique thing has been 311 00:18:30.230 --> 00:18:34.100 these take-private deals that most years because security is a 312 00:18:34.100 --> 00:18:35.960 growing industry, if you look at the number of companies that are 313 00:18:35.960 --> 00:18:37.880 going public versus the number of companies that are leaving 314 00:18:37.880 --> 00:18:40.700 the public market, that usually the former greatly outweighs the 315 00:18:40.700 --> 00:18:43.880 latter, we had at least four companies going public in 2021. 316 00:18:44.450 --> 00:18:46.730 And to the extent that companies were leaving the market, there 317 00:18:46.730 --> 00:18:51.170 might be a big, a big player, acquiring them like Google in 318 00:18:51.170 --> 00:18:53.930 the case of Mandiant, or whatnot. And yeah, this year was 319 00:18:53.930 --> 00:18:58.520 different that stocks just really weren't doing well. So 320 00:18:58.520 --> 00:19:01.100 the private equity firm still raised a lot of money. They had 321 00:19:01.100 --> 00:19:04.850 a lot of cash. And these are growing companies, these are 322 00:19:05.240 --> 00:19:07.340 maybe on the way to profitability. There's a high 323 00:19:07.430 --> 00:19:10.280 degree of customer interest, and they just saw a good deal and 324 00:19:10.430 --> 00:19:13.820 with Steve King we had Stu Sjouwerman , he's the CEO of 325 00:19:13.850 --> 00:19:18.500 KnowBe4, into to the ISMG Studios. I'd asked him, you just 326 00:19:18.500 --> 00:19:21.350 went public in 2021 and why did you decide only a year later to 327 00:19:21.620 --> 00:19:26.420 get acquired by this equity. And he was saying that the market 328 00:19:26.420 --> 00:19:29.180 isn't being fair to us, like we're growing to 35% a year, 329 00:19:29.180 --> 00:19:32.750 we're actually profitable, which is rare in this industry and the 330 00:19:33.110 --> 00:19:35.720 stock/that flatlines had gone down and he just felt like the 331 00:19:35.720 --> 00:19:38.810 public markets were not recognizing the value of all 332 00:19:38.810 --> 00:19:41.990 that the very largest cybersecurity company. So no 333 00:19:41.990 --> 00:19:45.260 IPOs this year, highly unlikely they'll be one next year. But 334 00:19:45.260 --> 00:19:49.820 yeah, Thoma Brvao just raised $34 billion. I have to wonder 335 00:19:49.820 --> 00:19:52.160 how much that's going to end up being spent on cybersecurity 336 00:19:52.160 --> 00:19:54.590 purchases. But I think we're going to continue to see this 337 00:19:54.590 --> 00:19:56.870 because I think people realize there's some really good 338 00:19:56.870 --> 00:20:00.170 companies that can be purchased at affordable rates. 339 00:20:01.490 --> 00:20:03.620 Anna Delaney: That's a great interesting insight, Michael. 340 00:20:03.620 --> 00:20:07.790 Thank you. So finally, prediction time, of course, as 341 00:20:07.790 --> 00:20:10.310 you approach the new year, what are your top predictions for 342 00:20:10.340 --> 00:20:11.330 2023? 343 00:20:11.000 --> 00:20:17.360 Tom Field: I have two; On sort of the scary side, I worry about 344 00:20:17.390 --> 00:20:20.960 attacks on operational technology. I think that we've 345 00:20:20.960 --> 00:20:23.960 seen some ... we know what the vulnerabilities are, we know 346 00:20:23.960 --> 00:20:26.630 organizations are waking up to those, we know adversaries are 347 00:20:26.630 --> 00:20:29.480 discovering them, and likely exploiting them as we speak. I 348 00:20:29.480 --> 00:20:33.140 worry about those taking down organizations that aren't 349 00:20:33.140 --> 00:20:35.330 adequately prepared. That's something I think we'll be 350 00:20:35.330 --> 00:20:39.230 talking about in 2023. Encouraging follow up on what 351 00:20:39.230 --> 00:20:42.080 Michael was just talking about was consolidation I believe 352 00:20:42.080 --> 00:20:44.600 we're going to see in the cybersecurity space, I don't 353 00:20:44.600 --> 00:20:47.960 think it's necessarily a bad thing for them to be fewer, 354 00:20:48.110 --> 00:20:51.830 perhaps stronger vendors for security leaders to deal with. 355 00:20:52.010 --> 00:20:55.790 We talk about the issues of supply chain security, and third 356 00:20:55.790 --> 00:21:00.050 party risk management, I think that those issues are 357 00:21:00.050 --> 00:21:04.340 ameliorated to some extent by consolidation. So I think that's 358 00:21:04.340 --> 00:21:05.210 an encouraging sign. 359 00:21:06.650 --> 00:21:08.180 Anna Delaney: Excellent, Matt? 360 00:21:09.620 --> 00:21:11.600 Mathew Schwartz: Couple of the ones that I picked - supply 361 00:21:11.600 --> 00:21:15.200 chain attacks, I think, are fertile territory for additional 362 00:21:15.200 --> 00:21:19.880 attacks, we saw SolarWinds, that came to light in 2021. And I 363 00:21:19.880 --> 00:21:23.300 think there were worries that we would see much more of that in 364 00:21:23.300 --> 00:21:27.590 2022. Maybe there has been and we just haven't found it yet. 365 00:21:27.740 --> 00:21:30.440 But I do think we're going to see much more in the supply 366 00:21:30.440 --> 00:21:33.800 chain attack front, because you'd have one person or one 367 00:21:33.800 --> 00:21:36.680 organization, one entity, one piece of software, and it gives 368 00:21:36.680 --> 00:21:41.210 you that ability to hit many more than one, potential 369 00:21:41.210 --> 00:21:44.360 victims. So I think that is something we're going to be 370 00:21:44.360 --> 00:21:48.200 seeing more of. Ransomware, like we were discussing at the top of 371 00:21:48.200 --> 00:21:50.750 the hour, I think we're going to be seeing more innovative 372 00:21:50.750 --> 00:21:54.440 business models, what those will be, I don't know. But of course, 373 00:21:54.440 --> 00:21:57.950 they're going to be fine tuned by criminals to try to get them 374 00:21:57.950 --> 00:22:02.240 more money. I think we've maybe seen less emphasis on large U.S. 375 00:22:02.240 --> 00:22:07.610 organizations, and more emphasis on other countries. Australia, 376 00:22:07.610 --> 00:22:11.060 for example, had a really big ransomware hit. The U.K., the 377 00:22:11.060 --> 00:22:13.700 NHS through a third-party provider had a really bad hit 378 00:22:13.790 --> 00:22:17.510 this year. I think we'll see more of that. And then finally, 379 00:22:17.540 --> 00:22:20.420 more uncertainty on the Ukraine front. We talked about the 380 00:22:20.420 --> 00:22:24.410 psychology of supporting Ukraine, and Ukraine's 381 00:22:24.410 --> 00:22:28.160 adversaries attempting to exploit that - if you will - try 382 00:22:28.160 --> 00:22:30.740 to use that against the coalition of countries or break 383 00:22:30.740 --> 00:22:33.110 up the coalition of countries that have come together to 384 00:22:33.110 --> 00:22:37.490 support Ukraine. How that will shake out is anyone's guess. But 385 00:22:37.490 --> 00:22:40.370 the longer the war lasts. I mean, the more horribleness of 386 00:22:40.370 --> 00:22:43.580 course, but also the greater the potential for Western backers to 387 00:22:43.580 --> 00:22:46.700 blink. And so we'll have to wait to see what happens. Hopefully, 388 00:22:46.700 --> 00:22:49.010 that won't happen. But we will see. 389 00:22:52.130 --> 00:22:54.080 Anna Delaney: Do you see your head then, Michael? 390 00:22:55.350 --> 00:22:57.570 Michael Novinson: For me, I'm really watching these late stage 391 00:22:57.570 --> 00:23:01.050 startups. The economic downturn didn't affect everyone equally. 392 00:23:01.050 --> 00:23:03.990 And for those companies that had been in fully anticipating to go 393 00:23:03.990 --> 00:23:06.330 public in 2022 or 2023, that they've had a lot of tough 394 00:23:06.330 --> 00:23:09.120 decisions. We've certainly seen layoffs at a number of companies 395 00:23:09.120 --> 00:23:12.780 - Cybereason, OneTrust, SNEAK, Lacework, etc. And then 396 00:23:12.780 --> 00:23:15.120 companies having to decide what is their future look like in the 397 00:23:15.120 --> 00:23:19.080 case of Arctic Wolf them and taking $100 million in tax, they 398 00:23:19.080 --> 00:23:21.360 wouldn't have to take a valuation hit. But buying 399 00:23:21.360 --> 00:23:23.790 themselves a little bit more time. In the case of SNEAK, just 400 00:23:23.790 --> 00:23:26.910 last week, they actually took about a 12% cut to their 401 00:23:26.910 --> 00:23:29.670 valuation in order to get more money. And I think we'll see 402 00:23:29.670 --> 00:23:32.370 some more moves like that. I think we'll also see some folks 403 00:23:32.370 --> 00:23:36.090 contemplating an exit. I know, all of these companies really 404 00:23:36.090 --> 00:23:38.700 were enthusiastic about going public. And they were very 405 00:23:39.420 --> 00:23:41.850 bought into that vision. But I think folks didn't have to start 406 00:23:41.850 --> 00:23:44.520 considering alternatives and other media reports. Cybereason 407 00:23:44.520 --> 00:23:48.300 was considering an acquisition, they very strongly refuted that 408 00:23:48.300 --> 00:23:51.000 pushback on that. But I do think folks are going to have to start 409 00:23:51.000 --> 00:23:54.600 considering things in terms of the M&A landscape. I certainly 410 00:23:54.600 --> 00:23:56.790 think a lot of it is going to be those private equity firms that 411 00:23:56.790 --> 00:23:59.460 have a lot of money and see cheap deals. I do wonder in 412 00:23:59.460 --> 00:24:01.830 terms of what's called strategic acquisitions follow either 413 00:24:01.830 --> 00:24:04.800 cybersecurity or technology vendors. We didn't see much in 414 00:24:04.800 --> 00:24:07.650 the cybersecurity world. I mean, the biggest one we saw in 2022 415 00:24:07.650 --> 00:24:11.310 was Attivo Networks as bought for just north of 600 million by 416 00:24:11.310 --> 00:24:15.570 SentinelOne. If you compare that to 2021, Octa spent more than 6 417 00:24:15.570 --> 00:24:19.230 billion in Auth0. So with company stocks down, investors 418 00:24:19.230 --> 00:24:20.610 don't really want to see them spending their money on 419 00:24:20.610 --> 00:24:23.130 acquisitions. But I will keep an eye on some of those large 420 00:24:23.130 --> 00:24:26.760 technology firms. I mean, Google made a very powerful statement 421 00:24:26.760 --> 00:24:30.420 spending 5.3 billion to buy Mandiant. And I do wonder if 422 00:24:30.420 --> 00:24:33.840 Microsoft, and particularly Amazon Web Services, feel some 423 00:24:33.840 --> 00:24:38.160 pressure to show a commitment to security to buy a well regarded 424 00:24:38.700 --> 00:24:41.160 firm in the industry may be spending north of a billion to 425 00:24:41.160 --> 00:24:44.220 signal that we're serious about security. This is important to 426 00:24:44.220 --> 00:24:47.250 us and we have in-house expertise in this area. So 427 00:24:47.250 --> 00:24:49.830 particularly on AWS, I would keep my eyes on the skies. 428 00:24:50.520 --> 00:24:54.570 Anna Delaney: Lots to watch and 2023. I was thinking for sure 429 00:24:54.570 --> 00:24:56.820 we're going to see some significant movement to regulate 430 00:24:56.820 --> 00:25:02.070 the crypto space and fight money laundering and more NSA bypass 431 00:25:02.070 --> 00:25:06.030 attacks. But on a positive note, hopefully more organizations 432 00:25:06.870 --> 00:25:10.560 embrace, tech, like FIDO. So does that sound all fair? 433 00:25:11.040 --> 00:25:12.930 Tom Field: And the four of us all get the opportunity to be 434 00:25:12.930 --> 00:25:15.300 together sometime in 2023 in person? 435 00:25:15.720 --> 00:25:16.620 Anna Delaney: That would be wonderful. 436 00:25:16.620 --> 00:25:17.280 Michael Novinson: It'd be lovely. 437 00:25:17.610 --> 00:25:19.290 Anna Delaney: Tom, Mathew, Michael, thank you so much. It's 438 00:25:19.290 --> 00:25:21.270 been wonderful working with you this year. 439 00:25:21.810 --> 00:25:23.190 Tom Field: Thank you. Happy New Year. All the best. 440 00:25:23.430 --> 00:25:24.150 Mathew Schwartz: Happy New Year. 441 00:25:24.780 --> 00:25:25.650 Michael Novinson: Happy New Year. 442 00:25:26.010 --> 00:25:28.020 Anna Delaney: Happy New Year. Thank you so much for watching. 443 00:25:28.080 --> 00:25:28.860 Until next year!