The Voice of Cyberยฎ

KBI.Media | KBKAST
Episode 273 Deep Dive: Jeetu Patel | The Future of Security
First Aired: August 23, 2024

In this episode, we welcome Jeetu Patel, Executive Vice President and Chief Product Officer at Cisco, to delve into the future of cybersecurity and its impact on cloud-based software. Jeetu shares his insights on the detrimental effects of monopolies in the industry and the complexities faced by Chief Information Security Officers (CISOs). He emphasizes the importance of resilience, updates, and collaboration in addressing security challenges and predicting exponential innovation.

Jeetu Patel is Ciscoโ€™s Executive Vice President and General Manager of Security and Collaboration. He leverages a diverse set of capabilities to lead the strategy and development for these businesses and also owns P&L responsibility for this multibillion-dollar portfolio. Jeetu combines a bold vision, steeped in product design and development expertise, operational rigor and innate market understanding to create high growth Software as a Service (SaaS) businesses.

A member of the Executive Leadership Team, Jeetu is helping to redefine Cisco’s SaaS business and strategy to further accelerate the company’s transformation and growth. His mission is to build world class, subscription-based products that solve Cisco customersโ€™ biggest problems. His team is creating and designing meaningfully differentiated products that diverge in the way theyโ€™re conceived, built, priced, packaged and sold.

Prior to joining Cisco, Jeetu was the Chief Product Officer (CPO) and Chief Strategy Officer (CSO) at Box, a role he pioneered. He led the companyโ€™s product and platform strategy, setting the companyโ€™s long-term vision and roadmap for cloud content management in the enterprise. He transformed Box from a single product application to a multi-product platform used by 100K customers representing 69% of the Fortune 500. The discipline, quality standards, performance metrics, and stability Jeetu instilled fueled the platformโ€™s growth โ€“ nearly quadrupling revenues to $700M+. Boxโ€™s growth scaled to reach over 60M users with over 50% of customers using multiple products. He also created the Box Platform business unit where he led product strategy, marketing and developer relations โ€“ driving products from incubation stage to mature offerings.

Before joining Box, Jeetu was General Manager and Chief Executive of EMCโ€™s newly acquired Syncplicity business unit, a cloud service for Enterprise File Sync Sharing (EFSS) and collaboration. One of the first SaaS-based solutions offered by EMC, Jeetu spearheaded the companyโ€™s acquisition. He created a world class leadership team, secured some of the marketโ€™s largest customers and led the group to become one of the fastest growing EFSS companies in a highly competitive market. Other key roles at EMC included CMO for the Information Intelligence Group and Chief Strategy Officer, where he drove the organic and inorganic strategy for the divisionโ€™s cloud and mobile growth.

Previously, Jeetu was President of Doculabs, a research and advisory firm co-owned by Forrester Research. The firm focused on collaboration and content management across a range of industries including financial services, insurance, energy, manufacturing and life sciences.

He currently serves on the boards of JLL, an American commercial real estate services company, and Equinix, the worldโ€™s digital infrastructure companyโ„ข.

Jeetu holds a B.S. in Information Decision Sciences from the University of Illinois, Chicago, and lives in the San Francisco Bay Area with his family.

Help Us Improve

Please take two minutes to write a quick and honest review on your perception of KBKast, and what value it brings to you professionally. The button below will open a new tab, and allow you to add your thoughts to either (or both!) of the two podcast review aggregators, Apple Podcasts or Podchaser.

Episode Transcription

These transcriptions are automatically generated. Please excuse any errors in the text.

Jeetu Patel [00:00:00]:
My strong belief is monopolies are bad, categorically, for the industry. It stifles competition. It actually creates the wrong kind of incentive structures. And so I believe that free markets that are highly competitive are great. I also believe that in security, the problem is not monopolies. The problem is very high amount of fractured markets. As a result, the complexity that has increased because of the fracturing of the market is so high that it’s very hard for the CISOs to actually keep the head above who are because on average, most companies have about 50 to 70 different members in their cybersecurity stack or 50 to 70 different products.

Karissa Breen [00:01:04]:
Joining me back on the show for a deep dive is Jeetu Patel, executive vice president and general manager of security and collaboration from Cisco. And today, we’re discussing the future of cybersecurity and the potential impacts on the reliance of cloud based software. So, Jeetu, welcome back.

Jeetu Patel [00:01:19]:
Thank you for having me, Karissa. Good to be back.

Karissa Breen [00:01:22]:
So recently, there have been some events that have caused major disruptions that you’re obviously aware of, the businesses. So maybe talk me through this whole thing just from your perspective and maybe even if there’s customers that have been sort of reaching out to you and that are worried about this. You know, no one sort of wakes up and sort of predicts this. It was you know, perhaps it blinds out a lot of people in particular. So I’m keen to sort of hear your thoughts.

Jeetu Patel [00:01:45]:
These are interesting times we live in where our first priority, firstly, is whenever a customer calls us because we wanna make sure that, you know, right now, we’re supporting our customers in the way we can. And so that’s that’s a given. That’s a that’s the core foundation. But when you look at these kind of outages that we’ve seen, it should be a stark reminder for us of the sheer interconnectedness of our world. Criticality of having resilience within your organization to say, hey. I’m. These things are gonna happen. And when they do happen, it’s more important to have the kind of infrastructure in place so that you can be resilient and you can come back up as fast as possible.

Jeetu Patel [00:02:26]:
And so the way I think about this when this happened was it it’s just a reminder of how important it is for us to maintain a healthy security posture, but also how important it is for us to just know that even when there is not a breach, something could go wrong because of just some level of mechanisms that can happen by anyone. It’s human error. You know, that can happen for anyone. So I’m not a big fan of assigning blame and pointing blame, and I actually feel that we should look at this as a learning opportunity within the industry to know what the what the ripple effects of an incident like this can have and what the consequences are of an outage, whether it’s caused by a breach, whether it’s caused by an unforced error. I think these are not only disruptive out outages that cause inconvenience. They can, you know, cost lives, and we ought to make sure that kinda keep that in mind. One of the things that we had done was at Splunk. There was a recent cost of downtime report, and it revealed over there that there was, like, $540,000 per hour that that’s cost for organizations when they have downtime.

Jeetu Patel [00:03:35]:
And downtime can happen because of a multitude of different reasons, which is why we we think of it like you have to make sure that you tie them all together because it could happen because you’ve got a productivity outage. It could happen because you’ve got API overage. It could happen because you’ve had a breach. It could happen because of any other of like, a number of reasons. But when that does happen, knowing why that happened and being able to go resolve that as quickly as possible is probably the the thing that’ll separate the good companies from the great companies.

Karissa Breen [00:04:05]:
Okay. So there’s a couple of things in there you said which was interesting. You said, take this situation recently as a learning opportunity. So what would be some of the learnings that you could sort of explain today?

Jeetu Patel [00:04:15]:
Well, the learnings are that in this particular situation that updates are hard. There’s unforced errors that happen in updates. When you have to update infrastructure, you just have to make sure that there’s a different mode of operating than the way that we might have. We’re more connected now than ever before, and we need to understand the ripple effect consequence of this. And that this isn’t this trend isn’t gonna slow down. It is only gonna speed up where there’s gonna be both unforced errors as well as, you know, breaches that might occur. And when that happens, organizations have to be have to have a posture of resilience of of digital resilience that can actually get them back up. So what what’s the big learning? Updates are hard.

Jeetu Patel [00:04:59]:
And what we need to do is make sure that we start to think about architectures and solutions that can allow us to actually have more elegant ways that these kind of things can get done over time. We’ve been working on some of these pieces ourselves in a product that we have called HyperShield. How do you go about doing an update so that it doesn’t you know, you’ve tested everything out in your live environment rather than bringing it down and testing it out in the sandbox. We could test it out in the live environment, live data to see how the new update is performing before you actually switch over to it. And that’s just one example of how these things are gonna actually work out over time. And and the other learning I have is it can a continuously improving process to go out and fix these issues in a compressed amount of time is gonna be pretty important as well. You know, that’s something that I just don’t feel. You can ever be complacent that your your gobble good enough.

Jeetu Patel [00:05:59]:
You can always get better because every minute of downtime cost 1,000,000, cost 1,000,000,000 throughout the world. And more importantly, it actually has risked lives. And what each one of these things does, unfortunately, it gives adversaries ideas of different ways that they can actually start to bring down society. So the learning over here is very much around making sure that you have more resilient infrastructure or making sure that you solve problems like updates and patching and segmentation, all of these which can actually be controls that are put in place. And then lastly, you know, ensuring that you’ve got the right kind of processes and, speed with which you can actually, again, get your call back.

Karissa Breen [00:06:41]:
Yeah. You make some great points. So I wanna explore that a little bit more because I think these are the things that, you know, when we zoom out, you said it bring down society, like the ripple effect. Obviously, this incident happened recently. Do you think people were rattled by this? Now I say this because I was getting calls from people like, what’s going on? Like, my brother-in-law works in, like, finance and was trying to, like, short a longer stock. So, like, he’s one set of people. I’ve spoken to people this week, executive trying to fly from the US to Australia, couldn’t get their flight, All of their, you know, road shows would, you know, change. You know, there were people stuck here in Australia, and they’re like, oh my gosh.

Karissa Breen [00:07:13]:
I’m a student. I can’t get a flight because x, you know, airline company not gonna pay for my hotel. What do I do? So it’s like people have been impacted by different ways, but people seem really rattled out there hard. So I wanna talk a little bit more about this because look how far and wide that this impacts, like, impacted people and businesses. So you think people understand the full effect of that, like, maybe since this incident? But, I mean, you said before, this is gonna speed up. So we we’re very likely to see this situation happen again.

Jeetu Patel [00:07:43]:
Yeah. I think in my mind, the thing that probably has I mean, we are in the industry, so, you know, I’m not surprised when I see something like this because we talk about this, that a bad cyber attack can bring down society. It can bring down your power grid. It can bring down your water supply system. It can bring down your financial services system. It can bring down your transportation system and on and on and on. But when you see it in real life, you say, oh my goodness. Look at how connected we are, and look at how easily the entire system can stop functioning.

Jeetu Patel [00:08:20]:
There’s a level of kind of you know, people do get taken aback a bit. In my mind, these are healthy reminders for us to get even more paranoid because the delta right now between the readiness of organization or either a cyberattack or an outage and being resilient to it versus their sentiment of feeling confident is a is a massive dissonance from each other. And we’ve done studies where 80% of the people feel like they’ve got everything covered, but only a small single digit percentage of people actually are ready when you look at it. That delta, that dissonance is actually what you have to bridge the gap of because you can’t solve these problems and you can’t get a better posture if you don’t admit that there is actually a need for a better posture. And then the second thing you have to have is you have to simplify this quite dramatically for the for our practitioner community because I think the job of the CISO right now is one of the hardest jobs in the industry. There’s liability in that job. There is complexity, and there’s, a shortage of funding. And all those three things together can be a pretty difficult thing for someone to deal with.

Jeetu Patel [00:09:31]:
And so I think the the tech community has to come together. And in fact, one of the ways that I think it has to come together is we have to have a fundamental mental model shift from being this very capitalistic and I don’t mean capitalism. I think capitalism is great. Capitalism is even the wrong word. This highly competitive market, really understanding who the enemy is. The enemy is actually not my competitor. The enemy is the adversary. And if I can actually collaborate with even my competitors to exchange data so that when an adverse event happens, which, by the way, is not a matter of if it is guaranteed or when, that we are all collaborating with each other to help the customer out.

Jeetu Patel [00:10:18]:
I think that’s the more mature way to do it to actually save humanity. And I, you know, I know it I sound hyperbolic when I say to save humanity because but these things could have meaningful consequential impacts on society in ways that we haven’t fully figured out or imagined. And I think we have to make sure that the ecosystem interoperability and exchange of data and exchange of knowledge and exchange of what’s happening with bad actors is something that we don’t actually hide from each other because of competitive advantage. But we are very open in sharing it with, amongst, the different providers in the market. And I think that’s a very counterintuitive concept, but, frankly, that’s the only way or and I would invite all of my, like, in this case, you know, I wanna make sure that we actually offer all all the support we can to CrowdStrike and to Microsoft and others to say, if there’s anything that Cisco could do, we’re here to help.

Karissa Breen [00:11:20]:
So the part that’s interesting is I wanna go back to your points here, but I just wanna go back one one step. You you saw that, you know, companies being resilient. But how do you sort of know if you are or not? And the reason why I asked that question is, like, companies last week were probably waking up like, great. We’re gonna get all these people halfway across the world, and all all, you know, all of our systems is not working at all. So they probably, in their mind, have this version of, oh, we’re resilient. And then all of a sudden, you know, look what happened. Everything came tumbling down, like, you know, domino effect quite rapidly as well. But how do how do people sort of wake up and they can confidently say to you, you know what, Jeetu? I think we’re resilient.

Karissa Breen [00:11:57]:
Do you have people actually saying that, though, to you?

Jeetu Patel [00:12:00]:
One of the things that at least we’ve been thinking about as we offer advice to our customers is making sure that the outages are recovering from an outage is a day to day, and it’s actually finding a needle in the haystack. And the amount of time that’s taken, find out what went wrong and what do we need to do to go out and revert us. You know, there’s a fair amount of time that gets taken in that. And, you know, the way that we think about it is correlating the data, knowing when there’s an connectivity outage versus a security breach versus an API overage, and making sure that the data gets correlated with each other so that you you can pinpoint at a much faster level. And it’s not about reactively, you know, defending an attack that might have happened or an outage that might have occurred, but it is about proactively creating the right amount of stability in the infrastructure and having the right amount of, you know, backups in the infrastructure to make that happen. I I think this is not an easy question to there’s not one single silver bullet answer. What you have to do is systematically continue to keep pruning and keeping on getting your systems better so that they’re while they’re talking to each other, there’s enough data exchange between them, and you’re able to go out in a short amount of time, find out what’s going wrong and then do something about what’s going wrong in record time. Like, I’ll give you an example.

Jeetu Patel [00:13:24]:
Our you know, the amount of time that it takes to detect something right now and then investigate when you feel like there’s a breach that’s occurred, for example, in security and then remediate that should all start to get compressed, and that’s what we wanna do. And so one of the things one of the big reasons why we bought Splunk was for that reason, which is take an investigation and compress the time to investigation, but also make sure that you can detect at a better pace because you’ve got more data to detect what’s going wrong going wrong and then also orchestrate a response. And so technologies like XDR and SIM and SOAR, which were all siloed and in different parts in the world before. Now with Splunk and Cisco, you have a single platform that can actually say, okay. I can do, you know, way better detections because I can get telemetry from the network. I can get telemetry from the endpoint. I’m gonna then feed that data into Splunk. But I’m gonna only feed, a subset of the data.

Jeetu Patel [00:14:25]:
I’m not gonna feed everything. One of the challenges we have right now is when you feed too much data into something, it’s still a needle in the haystack issue. And so what we do is rather than feeding high volume, low fidelity data, what you do is you feed low volume, high fidelity data to prevent lateral movement.

Karissa Breen [00:14:43]:
And

Jeetu Patel [00:14:43]:
then once you’ve done that, you can compress your time to investigation. Another way to think about this actually, Carissa, is take a step back and say, if you assume for a moment in security that an attack has already infiltrated your organization, The attacker is already in your system. The name of the game is preventing lateral movement. And the way that you prevent lateral movement is by actually where does lateral movement happen the most? It happens on the network. And so what we have to do is be effective at correlating the data in the network from the endpoint, from the web so that low level alerts, which you would have otherwise ignored in different parts of the infrastructure, when correlate together, it can tell you about a high level alert that you shouldn’t ignore and therefore, really respond to that as quickly as possible.

Karissa Breen [00:15:33]:
Okay. You mentioned before ecosystem. This one is this one’s really interesting. So you saw that competitors. If you had to hypothesize, if competitors worked better together like you mentioned before, and I actually heard you speak about it at Cisco Live in Melbourne last year. Remember that explicitly. Do you believe that if everyone were together, Palos and Fortinet, and all these people, right, work together and not to your point, like, trying to compete and not, you know, withhold information because they have the competitive advantage. I’ll be so focused on that and, you know, who is the real you know, not competing against each other.

Karissa Breen [00:16:07]:
It’s the the bad guys. Right? Would you assume that we would reduce outages and then incidents if that was a thing that happened in a perfect world?

Jeetu Patel [00:16:16]:
It would be hard hard to imagine that you wouldn’t given the fact that each one of us has a purview of certain amount of data that if you correlate together, you’d actually have a better, you know, kind of scope of visibility. So it’s almost a guarantee that if there’s cooperation, you’ll have better outcome. And, by the way, I think the industry is starting to do that, so I give my competitors a lot of credit towards it. Like, you know, Microsoft and CrowdStrike are competitors. And in this particular case, they came together to go out and resolve this issue. You know, there’s aspects where we compete with Microsoft. Microsoft the head of security of Microsoft, Basu, was on stage with me at, Cisco Live where I invited her on my keynote and said, let’s make sure that we actually extend the gesture of working together and actually start this partnership between platform providers and the ecosystem. We take telemetry from about 13 major providers into our XDR system because we wanna make sure that that telemetry enriches the kind of detections that we can do on our side.

Jeetu Patel [00:17:19]:
So I actually think the market is starting to see that you have to work together in an interoperable ecosystem. It’s almost guaranteed that the power of the collective is greater than the power of any individual one. I’m pretty long on ecosystem advantages also because I feel like for the longest time in software, we have operated from this kind of notion of a zero sum game. In order for me to win, someone has to lose. And I personally just tend to reject that notion because if you can add meaningful value to the customer, there are scenarios that are very prominent where both parties can win. And if if it’s me and one of my competitors, I would we work well together. And not only does the customer win, but as a function of the customer winning, the 2 of us win. Does that make sense?

Karissa Breen [00:18:13]:
Absolutely. I think a 100% it makes sense. And this is the part I mean, even I’ve spoken about it that you make a great point. The real issue are the cyber criminals, not, you know, Palo Alto or whoever it is. Like, this is the part where I think some people may get lost in well, Cisco won the deal over me, and now I’m annoyed. Like, these this is the part where I think people are they I mean, are they in it for the right reasons? Like, are you really in it to, you know, to protect customers and people and society, or you’re in it for your own self gain? So I guess this becomes a bigger, you know, a bigger question. But it’s just more so hearing you say that from your position where you sit, your tenure in the game of we actually work more together. Know, we’re gonna get a better outcome.

Karissa Breen [00:18:55]:
So do you sort of envision this will start to happen over the years? Like, I know in couple more years, I see you get at Cisco Live, and I say, hey, Jeetu. How’s this whole collaboration thing going? You know, is that do you think that gap will close in time, or you’re not sure?

Jeetu Patel [00:19:11]:
I think gap has already started closing. I’ll give you an example in collaboration. Like, you you brought a collaboration. Let me give you an example there. Microsoft Teams is a big competitor of Webex, but we also make hardware devices. And we decided to say, you know what? Even though Microsoft Teams competes with us, we will run Microsoft Teams natively on our devices. And not only will we do that, we will move some of the software capabilities with AI enrichment that we’ve built in our Webex stack to the firmware level of the devices so that that device can actually run that that piece of code, like noise cancellation or video focus areas or, you know, kind of video optimizations and all of that. And those will then be applied to Microsoft Teams.

Jeetu Patel [00:20:00]:
So we literally worked hard to make Microsoft Teams work better with the capabilities that we had innovated in Webex because we felt like that would be good for the industry, and it would actually commercially also be good for us. So this is not an either or. Like, I know you juxtapositioned this earlier saying, do you do this for self gain, or do you do this for the right reasons of helping society? I think you do it for both. There’s always a commercial interest. But I have this kind of a friend of mine years ago taught me this lesson 25 years ago or so. I was at his place. I don’t know. There was a guy named Mike Tuchen who just recently retired, and he used to, at the time, you know, run a business at Microsoft.

Jeetu Patel [00:20:45]:
And I was talking to him about something, and I asked him a question. Like, does that scare you folks? And he’s like, facts shouldn’t scare a business. The reality is is when someone has more than 20% market share and if you don’t integrate with that piece of technology, then you’re just gonna be left out of the action for that percentage of the market. And so it actually makes good commercial sense to integrate. It’s not just good for the customer and for the industry. It also makes good commercial sense to integrate. And so I actually feel like there is far more reason to be open, to be interoperate, to be collaborative with your competitors than it is to be closed. And I feel like it’s a very 19 nineties and a mindset to say that I’m gonna go out and do my thing and someone else does their thing, and we’re just gonna compete all the time.

Jeetu Patel [00:21:34]:
Because in tech right now, there is no 2 companies that probably don’t have some overlap when they’re at scale. Like, I can’t think of a single company that Cisco might not have some overlap with somewhere. Right? Like, very few Gong. But that doesn’t mean that you don’t learn how to collaborate with them and cooperate with them. Because if you if you don’t, you will lose out on the opportunities that could be created by that collaboration.

Karissa Breen [00:21:59]:
No. That’s a good point. That’s a good point. And that and that sort of leads me into sort of my next question on market share. So when this incident happened, for example, I started to do some, like, reconnaissance on forums and social media, just sort of seeing what people are saying. And, like, people were sort of saying out there, you know, should one company have the monopoly and have that market share? And and then I’ve heard people sort of say, oh, you know, they should spread the risk and all of that. So what are your sort of thoughts then on to that? Like, this whole problem that people are sort of saying, we have this overreliance then on, you know, these big players. Are we too reliant on them?

Jeetu Patel [00:22:34]:
My strong belief is monopolies are bad categorically for the industry. It stifles competition. It actually creates the wrong kind of incentive structures. And so I believe that, you know, free markets that are highly competitive are great. I also believe that in security, the problem is not monopolies. The problem is very high amount of fractured markets. As a result, the complexity that has increased because of the fracturing of the market is so high that it’s very hard for the CISOs to actually keep the head above whoever because on average, most companies have about 50 to 70 different members in their cybersecurity stack or 50 to 70 different products. And there’s about 35 100 vendors in the market, and no one owns more than 15% of the share.

Jeetu Patel [00:23:27]:
And when you start thinking of that, that complexity is untenable to carry forward moving. So you you have to have some kind of a platform approach, which allows for simplicity in the operating environment for security. And so I think that’s very important. So I think both of those things are all true. You have to have sim simplicity and data exchange and a platform approach so that there’s simplicity that gets injected into the way that, an IT practitioner can go up and manage the security environment. And you also need to make sure that there’s the right level of regulation to prevent, you know, bad behavior for monopolies that might that that might emerge. So I think both of those two things are all true simultaneously.

Karissa Breen [00:24:13]:
So what does bad behavior for monopolies look like, would you say?

Jeetu Patel [00:24:16]:
I mean, bad behavior for monopolies is, ineffective use of your power for stifling the ecosystem. Like, that’s that’s bad behavior. And I think there’s enough checks and balances in the system to go out and stop that. We always have to be aware of that because like, for example, I’m at my heart, I’m a start up guy. I admire entrepreneurs. I admire start ups. I admire what they do to go out and the grit that they have and what they’ve been able to do to struggle to overcome the odds. And I feel like a vibrant start up ecosystem is what makes America so amazing and was what makes tech so amazing.

Jeetu Patel [00:24:58]:
And it’s actually the countries in the world that are getting more and more vibrant to the startup ecosystem are actually seeing progress follow. Right? If you look at different geographies that are growing and different different countries that are growing, there’s a very vibrant startup ecosystem. And so I personally feel like that start up ecosystem has to be protected, hydrated, and encouraged in the economy. I think it’s very good for the progress of humankind. I also feel that at scale motions are very good for the progress of humankind in areas where there’s a high amount of complexity that’s come in or a very inefficient use of capital. Like, for example, in security right now, we are spending an enormously greater amount of money than we were 20 years ago. And ransomware is on the rise, and we are no safer today than we were 20 years ago. Something has to change in that equation.

Jeetu Patel [00:25:54]:
Right? And the way that that equation needs to change is you you have to have some simplicity injected into the system. There has to be greater efficacy. There has to be a better experience. There has to be a better set of economics in play. And if you don’t have those three things, then I just don’t think you’d you’d be able to, serve the customers and the customer community in the right way. So I feel like you just have to make sure that whenever someone starts getting, you know, too big or too powerful that there’s checks and balances for that. And so I do agree that you need to make sure that there’s checks and balances for that, but I also agree that that can also simultaneously hold true with creating a platform effect because the complexity of a very, very fractioned environment is actually, is not healthy nor is it safe. And the interesting part in this entire equation is the very reason that start ups and security emerged for this kind of point solution, best of breed approach was to increase efficacy.

Jeetu Patel [00:26:54]:
But what ended up happening is because there were so many of them all over the place, the kind of sort of did the same thing, but each one of them have their own policy engine. Each one of them would have if you have 70 players in the market that you’re that are helping you solve your problems in cybersecurity, that’s 70 different policy engine. That’s 70 different places where contention from a current policy. That’s a tremendously complex environment to go train your IT staff to go out and manage. And so those are the thing that have to get you know, the very reason that the ecosystem got so fractured was to go improve efficacy is the reason why efficacy is getting impacted negatively. So I think there’s gonna be a shift in security to more of a certain set of integrated platform. And the reason for that is because security is a data game, and the one who goes out and correlates the most amount of data is the one who’s gonna be able to make sure that they could keep the world safer by doing better detections, better investigation, better response remediation, better prevention, all the entire kind of life cycle.

Karissa Breen [00:27:56]:
Okay. So still following this train of thought for a moment. So you you’re mentioning the 4, you know, simplicity, etcetera, platform approach. Did you sort of envision now that this incident happened and as we’ve sort of spoken about today market share, the, you know, monopoly, people are worried now, do you start to see people shifting? People do you think people are gonna get worried now because they feel like, oh, we got this over reliance? Like, what do you sort of think is gonna happen now with the incident on how much it’s impacted people and businesses, etcetera? What do you sort of see from your experience people will start doing now?

Jeetu Patel [00:28:29]:
The changes are gonna be incremental. They’re not gonna be, like, one fell swoop change that is gonna change. What I’ve seen customers do even today is they have a multi vendor strategy. I don’t know if a single company that has a single vendor strategy that says I’m gonna buy all my security from only 1 vendor, and that’s it. No one else. That does not exist. You just need to make sure that there’s enough kind of redundancies in the system that if one part goes down, you can bring it up with the other. And and that that kind of aspect of a multivendor strategy, I think, most most companies use.

Jeetu Patel [00:29:07]:
This just happened to be one of those incidents where even if you have a multivendor strategy, there are gonna be companies who are gonna have a large footprint. And when they have a large footprint and an incident happens, there’s gonna be a charge that has to be, you know, resolved. So I don’t think there’s an easy silver bullet answer in this thing. Besides, testing before deployment is good is a good practice. Automation of some of those pieces in a way that can actually have testing of live data without actually moving over to that environment so you can see what the differentials might be super valuable to have. And so there might be different techniques that start to emerge to mitigate against some of these risks that we have, to avoid situations like the one that we just saw. Basically, if you think about what we are doing with a product called HyperShield, that is exactly what we’re doing because we’ve seen, like, 3 big problems that I think the industry has not been able to solve. Segmentation is really hard, especially in a hyper distributed world, where you have to go out and, you know, write segmentation rules, and that gets to be a very, very complex problem.

Jeetu Patel [00:30:11]:
Patching is hard. It takes about, you know, 3 to 5 days from the time that a vulnerability is is announced to the time that an exploit occurs. It takes 45 days for a patch to be applied. That gives you days and days and days of exposure where vulnerability is out there in the market now, and you don’t have a patch against it. We gotta solve for that. And then the third one is updates are hard like we just talked about. And so for each one of those, I think with given technologies like AI, you could add a lot of automation to solve some of these problems. So we’ve actually constructed things that can do autonomous segmentation based on the behavior of the application.

Jeetu Patel [00:30:51]:
You can you can kinda change the boundaries of segmentation dynamically. You can do distributed exploit protection. So within minutes of a vulnerability being announced, you can have a compensating control that can be applied until the batch is gonna be applied. And once the batch gets applied, the compensated control is smart enough to be taken away. And then you have kind of this dual path upgrading that we do, which is, like, if you have version 1 and version 2 and you wanna upgrade from version 1 to version 2, the way that we are starting to do it now is very similar to the way that, you know, you could do it in an automated way with your consumer technologies where you can say, okay. You don’t even have to think about it, mister or miss with this customer. I’m gonna make sure that you upgrade from version 1 to version 2 in a way that you have both version 1 and version 2 running in parallel in your system for some days. You do a differential at the end.

Jeetu Patel [00:31:44]:
You try to figure out if the systems are working as you would have expected them to work. And when you start to get good evidence, the data that that’s working exactly the way you want it to work, You could swap them and make the primary the shadow path and the shadow the primary path. And that’s how upgrades will happen in the future. So I think these are, like, foundational elements that have been broken in the past that I think we have an opportunity to fix because of some of the new technologies coming up or up about in the realm of hardware acceleration or observability or AI.

Karissa Breen [00:32:16]:
Just pressing a little bit more with those 3 broken things about this industry. So segmentation, patching, updates. So if I you know, in my experience of, you know, almost doing 300 episodes now, someone else, I didn’t think, well, you know what, KB? It’s about the basics. They’ll say it’s about hatching, which, you know, we’d be as you mentioned before, that’s hard. We’ve been trying to talk about doing this for 20 years. It wasn’t fixed.

Jeetu Patel [00:32:37]:
Yeah.

Karissa Breen [00:32:37]:
So they undertone what you’re saying, if someone else were to come on here, they’d say, oh, it’s it’s they’re all basics, but it’s not that basic. This is the part that I’ve spoken about at length with people. They come on and they say it’s all about basic patch management and, you know, updates and all that. But you’ve just clearly articulated here that they these things are hard to do, and it’s like people don’t acknowledge that they’re hard. The practitioners acknowledge they’re hard, but there’s not there there has not been an elegance to

Jeetu Patel [00:33:07]:
ways this is important. Up until now, there weren’t elegant ways. I equate this to an analogy that I give people sometimes, which is imagine if Amazon dotcom were founded in the year 14/75. It would be an epic disaster of a company. Why? Because there was no shipping and logistics infrastructure. There was no Internet. There was no personal computing revolution. There was no mobile revolution.

Jeetu Patel [00:33:32]:
There was you know, like, all the core foundational building blocks which were needed on top of which Amazon could be built didn’t exist. It wouldn’t have made made any sense. That’s actually what’s happened with patching and updates and segmentation is all the core building blocks that needed to be there really weren’t available in its full form or maturity until very recently. So the 3 that I talk about that we have used that are really important are kernel level visibility, AI, and hardware acceleration. Those three things give you a purview that historically did not exist as a result of which you weren’t able to do the things that we can do today to make patching very easy or updates very easy. We couldn’t have done this 10 years ago. The elegant solution that we’ve come up with right now just simply would be very, very hard to have have have actually put into place 10 years ago. And so part of it is just the technology maturity levels now in certain core domains have have had such step function improvements that you can then build on top of that to solve these problems that historically weren’t as elegantly solvable in the past.

Jeetu Patel [00:34:44]:
And then you have to say, alright. So once you have that, the world becomes a very different set of possibility. You’re not thinking about building the next version of something that already exists. What you’re doing is building the first version of something completely new that was not even possible because the core building blocks didn’t exist.

Karissa Breen [00:35:05]:
Yeah. I I I totally hear your point. But that’s the part that sort of still gets me g 2 about people, and they, you know, talking to me on this show. They’re like, oh, you know, implement the basics. But, like, you were saying, this wasn’t even a you couldn’t even possibly have done something like this to make it easier for people 10 years ago. This problem has been a huge problem for multiple decades, but people say, oh, it’s so basic.

Jeetu Patel [00:35:24]:
And it’s not solvable because it wasn’t solvable in the old way because it required you had a massive talent shortage. You had a skill shortage. People had way too much volume. The here’s the statistic that’s mind boggling to me that I when I discovered it, only 20% of vulnerabilities that get discovered ever get patched. 80% of the vulnerabilities discovered never get patched. Oh. Think about that for a second. Right? We are all living in a very exposed environment.

Jeetu Patel [00:35:54]:
And, I mean, if if there were 10 ways to get into your house and you only locked 2 of those doors at any point in time And then just pray that no one’s gonna break in. That’s kind of the world we’re living in right now. And so we have to come up with more creative solves than the ones that we’ve had to date. And I think what I’m excited about about AI and about some of these technologies, like eBPF with visibility and observability and all of that is the more you can observe on what is happening in your environment, the better you’re gonna be at being able to pinpoint and say, therefore, we need to stop x y z. And with the way that AI is maturing right now at the base that it’s maturing, the kind of solutions that we can start to imagine now because of the power of the silicon and because of the power of AI is so much so much more advanced, such a short period of time. And that exponential kind of innovation curve, I think, is gonna continue over the course of the next 5 to 10 years. I’m really, really encouraged to see, like, the kind of things we can do because I’ll tell you the the kindest innovations we’ve had and I I told our our customers publicly in one of the keynotes. I’m like, in in 2023, we had more innovation in Cisco and security than previous decade combined, and 24 was a multiple of 23.

Jeetu Patel [00:37:20]:
We’re only halfway through the year, and that trajectory is gonna continue. That’s exciting stuff, but I think we will see this kinda balance that has a potential of tipping in favor of a defender from the adversary because of AI, because we will be able to create a data advantage. For the past 20 years, 30 years, we’ve always said the adversary has the advantage because they have to be right once. You have to be right as a defender every single time. That’s just an imbalance that can’t be got, you know, kinda solved. While that still is the case, you will have a tremendous data advantage, which makes it much easier to predict and prevent rather than reactively detect and respond.

Karissa Breen [00:37:57]:
So a lot of everything has happened and what we discussed. What do you think happens now in Jeetu? What do you where do you think we go from here as an industry, as a society? What what are your thoughts?

Jeetu Patel [00:38:08]:
There’s a few things that have to happen. Let me tell you what I think must happen. I think we have to make sure that security gets simplified, not just for the management aspect, but also for the use by an average consumer. Right now, it is way, way too complicated, and it’s very intimidating. So if you ask take an exercise and ask your family who’s, like, 1 generation ahead of you on how they use security, and you’ll find that they actually find it very, very scary and intimidating. We gotta make sure that we solve that because security is a problem which addresses every, you know, digital worker on the planet. It’s billions of people. That’s maybe not all 8,000,000,000 because not every one of the 8,000,000,000 is is digital, but a lion’s share of the majority.

Jeetu Patel [00:38:53]:
Right? And so the first thing you have to do is make sure that you make security simple with both management, by the IT practitioner, but also for the end user. And, historically, security has never focused on that because they’ve always been focused on power user scenarios. And so one of the big things I think is a cultural shift that needs to be done in security is you need to have a very different kind of profile of people attracted to the industry. We need to have more women. We need to have more people in liberal from liberal arts background. We need to have more people with design backgrounds so that we can make sure that they can humanize security. Because in the absence of humanization of security, security cannot actually help protect us. Because people won’t know.

Jeetu Patel [00:39:37]:
Like, the the human errors are gonna be too many because it’s not gonna be intuitive to use. So that’s number 1. The other thing that must happen is you have to accommodate for the new architectures and say, what are the things that need to be done given the change in architectures? We are in a hyper distributed world. We are gonna be in a world with epic scale proportion with AI. We’re gonna be in a world where there’s gonna be a degree of acceleration of threats because the attack surface has increased so much, and you have to respond to that with automation. So you no longer can actually have security at human scale. You must incorporate machine scale. The first thing is humanized security.

Jeetu Patel [00:40:17]:
But second thing is you can’t address security at human scale. You have to address it at machine scale. And then the third thing is you have to make sure that security is a data game. And that if you wanted to prevent this notion of lateral movement, the companies that most effectively correlate the data so that they can find a needle in a haystack are the ones that are gonna be the most most relevant companies of the future. And so security is a data game, and we have to make sure that we utilize the data and share the data with ecosystem effectively so that we can stay a step ahead of the adversaries.

Karissa Breen [00:40:54]:
I think it was a great summary, but I will just ask one final question. Do you have any closing comments or final thoughts you’d like to leave our audience with today, Jeetu?

Jeetu Patel [00:41:03]:
Well, this seems very kind of intimidating and sometimes it seems what’s the world coming to, I think there’s a tremendous amount of I’m an optimist at heart about the future of humanity and especially because of security, because I think we’re gonna make as a community I’m confident of it, and I’m hoping that I can do my part in it. As as an industry, we’re gonna make sure that we actually cooperate together and do things to keep the adversaries at bay. And while this is gonna be a very complex undertaking over the course of the next next few decades, I do think that companies will come together or governments will come together. There’ll be better public private partnership. There’ll be better use of AI. There’ll be better regulation so that safety can actually be practiced. All of those things. You know? Like, we have to make sure as a community that we’re trying to drive towards thoughtful implementation of all of those pieces.

Jeetu Patel [00:42:04]:
If we do our jobs right, I think the next generation is gonna have a bright future, but we’ll have to make sure that we do our jobs right and not get too myopic about about these aspects because the downside effects are not ones that we should ignore, but the upside is something that we should keep our eye on the prize for.

Share This