CXO INSIGHT

Can you tell me more about your role at Splunk and what your day-to-day looks like ?

Since joining Splunk two years ago , I ’ ve led our product and technology strategy , focusing on developing and delivering Splunk ’ s security and observability products and platform . Since Cisco ’ s acquisition , I have also been responsible for Splunk product integrations at Cisco .

One of my current priorities is managing the evolution of Splunk ’ s unified security and observability platform . For our purposes , Foundational AI and Generative AI are productivity tools , so we ’ re building and implementing them into our offerings without customers incurring an additional cost . We also work closely across Cisco teams to integrate our tools so customers can leverage data to connect and protect every aspect of their organisations .

Outside of strategy , I spend a lot of time interacting with customers to learn firsthand what challenges they ’ re facing and how Splunk and Cisco can help alleviate pain points . Listening to customer feedback and meeting them where they ’ re at with our products will always be a top priority .

What should leaders be asking themselves about their businesses and cybersecurity ?

To create an effective cybersecurity strategy , you must first understand your organisation ’ s unique cybersecurity environment . Doing so will help improve your organisational security posture , which is your company ’ s overall readiness and preparation level to guard against a cyberattack .

A great way to start is by conducting an audit . Assessing risk by identifying all of your technology assets and assigning a vulnerability level to each , based on its underlying technology and importance to the business , allows you to prioritise the systems most in need of protection . Splunk Security natively integrates the MITRE attack framework standard to aid customers in making these assessments . This is a universally accessible , continuously updated knowledge base / framework for modelling , detecting , preventing and fighting cybersecurity threats based on cybercriminals ’ known adversarial behaviours .

Leaders should also always be thinking about how to expand their organisation ’ s cybersecurity toolkit . For example , what weaknesses are present in the company ’ s infrastructure that would benefit from introducing a new tool ? Are you automating phishing detection and response effectively , given this is a common entry point for attackers ? Are you consolidating your tools and data management strategy in the Security Operations Centre ( SOC ) to make analysts more productive ?

With Splunk as part of the Cisco portfolio , we bring together leading network security with the leading SIEM ( Security Information and Event Management ) system in the market . Already trusted by thousands of the world ’ s largest enterprises , our security products and partners are ready to help customers mature their security operations .

What ’ s the most concerning aspect of cybersecurity at the moment ?

My top concern is the impact Generative AI will have on cybersecurity . There is significant uncertainty around who benefits most from AI in the cybersecurity landscape . In Splunk ’ s State of

Security 2024 report , we found that 45 % of respondents believe adversaries will benefit most from AI , 43 % believe defenders will benefit most and 12 % believe they will cancel each other out .

We ’ re already seeing significant shifts in the threat environment . AI is expanding organisations ’ attack surface through adversarial attacks , data poisoning and model theft . AI continues to lower the barriers to entry as attackers benefit from AI with deep fake videos and voice generation increasing the risk of social engineering , one of the most common ways organisations are compromised . New challenges also arise from relying on inaccurate LLMs ( Large Language Models ), which can lead to the wrong decisions being made . All of this creates more headaches for those tasked with keeping organisations secure and operational .

At the same time , we are embedding AI assistants into our products to improve the effectiveness and efficiency of SOC analysts , giving them a productivity boost . We are also working on new ways to help companies secure their various AI implementations and services against these modes of attack to help detect model poisoning , hallucination and model efficacy drift . On balance , AI is similar to any other technology , bringing both risk and opportunity .

How do you promote innovation within your team and keep them motivated ?

Despite how quickly the landscape is changing , there ’ s nothing I would say that ’ s significantly different about how I approach team management today compared to two or three years ago . New technologies require new learnings and people to figure out how those technologies work , and product development teams like to learn new technologies , apply them to create something new and make a difference in how people live and work .

www . intelligentcxo . com

45