Mitch Ashley: I have the pleasure of being joined by Ryan Kovar, Ryan is a distinguished tech security technologist and leader of SURGe with Splunk, and Cory Minton who’s field CTO for The Americas with Splunk. Welcome, guys.
Ryan Kovar: Thank you.
Mitch Ashley: Good to be chatting with you both. A topic that’s very top of mind for CISOs or IT leaders, of course, is how do we create a resilient and dynamic organization that can keep pace with the business and the change that we see in the technology landscape, whether it’s our own infrastructure, own application portfolio, cloud, et cetera, all of those things, but also, of course, the tax services that are evolving and changing as what the bad guys, the threat actors, are doing. We’ve also not only got to have a great and resilient technology stack, but organizationally, process-wise, all of those things have to fit together into a cohesive strategy.
We’re here to talk about that, thinking about it as an IT leader, whether you’re in security or IT or combination of both, and discussing your all expertise experience, but also you talk to a lot of customers as leaders in Splunk and the kind of things that you do. Cory, it’d be great to have you kick things off. Maybe we should start with if you want to start with the people domain or maybe you want to set it up a little bit differently. I’d love to hear your initial thoughts on this.
Cory Minton: Yeah. No people’s perfect. I think the people process technology lens on tackling any sort of problem for leaders today is an appropriate framework. I’m happy to talk about the people portion of building great cybersecurity and IT organizations that, like you said, deliver resilience.
Ryan Kovar: For me, at least when we think about this, you said IT leaders, and I think one of the big changes I’ve seen across for cyber for CISOs is it’s no longer IT or security. It is business leaders. When we started talking about people, that to me starts resonating because that is a cognitive change in how CISOs think of themselves and they think of their value, which we often get stuck in the technology part of people process and technology because a lot of us are technologists at heart, but I think the big change that Cory and I have seen when we start talking to CISOs and CIOs is this convergence of skills and the need to support the business differently.
Cory Minton: Yeah, and it’s an interesting sort of people market, too. I think leaders have to think about the fact that, yeah, in technology, there has been some turmoil in some of the big tech companies, but there’s still a lot of really great talent out there. I think that there’s choice. With unemployment so low, and there’s, what, like 16 million jobs unfilled currently in the US and a lot of those being in the tech sector, people have choice and they have a place where they can go.
I think, leaders, if they’re going to build a talent pipeline and build a great organization, they have to find folks where they are and bring them in and connect them to a value, a mission and a vision that they get excited about. Certainly, securing digital services and protecting against bad actors is exciting in and of itself for many folks, but actually connecting those people to how it affects the outcomes that matter to the business and that whole value creation process, I think, is a real critical skill for folks to understand today as they, again, are out communicating and interacting in the network, building networks of talent pools. I think that clear vision of why it matters and why the work that somebody would do with you matters is critically important.
Ryan Kovar: That reminds me of the cliche, of course, that people don’t quit jobs, they quit leaders. When you flip that around, one of my mentors, Susan St. Ledger, told me, you can evaluate the success of a leader by how many people follow them to another company. I know right now, in this market, what I’m finding is people are staying longer because they like the people they work for or they like their leadership team, they like the culture. The money, even if they’re not making as much as they were last year because of inflation, the people I know who stuck around longest are the people happy with the people that they work for and work with.
Mitch Ashley: It’s interesting when we talk about people. I’ve worked in part of my career where the sort of higher the purple unicorn that doesn’t exist, that got eight skills, that needs 20 years of experience for things that have only been around for three. We set our subs up to hire these phenomenal people of which there may only be a few in the world that are like that, but it’s about growing our people, but also growing our organizations, developing them. It’s not just hiring people. It’s building a team. It’s building an organization that’s got the right talent at the right time at the right place to match with the business needs, and that changes. That means you can’t always hire for it. You’re partnering for it. You’re working with companies like Splunk to bring in skills and expertise maybe you need for the moment, you need for a project, you need for strategy, all of those things. Love to hear your perspective about broaden what we think about people and how we incorporate that part of it into our strategy.
Cory Minton: Yeah. I’ll say, top to bottom, start at the executive level down to practitioners. Everybody has a partner. Everybody has a consulting partner typically that they bring in to, like you said, fill those gaps where it’s a new skill, it’s a new technology, it’s a new capability that they’re trying to deploy for the reasons that they’ve chosen to do so. They’re valuable, but you may not have those skills internally. Training takes time and, oftentimes, just finding that partner that can help you solve that particular problem is incredibly important. I think, as the security landscape and, frankly, the tools being used to deliver and develop the latest digital services continues to get more complex, expecting to hire that skillset completely, probably not realistic especially as digital transformation objectives have an ebb and a flow of momentum and the amount of work being done on particular projects.
Yeah, I see it as one of the top areas where, when I’m talking to CIOs and CTOs and CISOs, when they think about, “Hey, we want to deploy this new capability within Splunk,” or, “We’re, frankly, trying to figure out how to integrate better with our observability and IT teams to derive more value from the tools we’ve already purchased,” it’s oftentimes that people conversation of, “How do I actually leverage your talent to show us what good looks like and bring the experience from other companies similar to us that have already been down this path to, call it the cheat code, how do I do the thing that you guys already know how to do? How do I buy that capability?” Oftentimes, it’s through people.
Ryan Kovar: My experience, I’ll go the other side of the halo and horns there down to just the nitty-gritty hiring. Recently building out my team, I intentionally carved out three slots for entry level, early career folks into our cybersecurity team, which is pretty rare for Splunk and pretty rare for a lot of security research teams, but the way I did that was really rewriting the job description to be embracive of second-career people. I actually really dislike the term “there’s a problem with the pipeline for hiring”. I think that’s completely false. The problem is not in the pipeline. The problem is we have a valve on incredible talent and gate-keeping who actually gets into the pipeline. We do see a problem with the pipeline when I start looking for folks who are underrepresented in cyber especially 15, 20 years down.
What I don’t see is a problem of, basically, the reservoir. The reservoir is healthy. The reservoir is huge, but people either don’t feel like they’re welcome or they self-select out especially of cybersecurity. For me, a lot of the people problems that we have, if we can start working on the problems of today, future us, as a security leader, will be very happy if present me can help unlock that reservoir by turning open the valve by creating job descriptions and roles that are less around years of experience and understanding technologies that I can Google or generative AI my way through today.
I think there’s just a lot of flexibility especially for folks who have critical thinking and communication skills. I can teach you TCP/IP. I can’t teach you how to communicate. I can’t teach you how to synthesize information. I need you to walk in the door with that. Something for me around people and these hiring gaps that we see is really about being more embracive of nontraditional cybersecurity and IT roles and then also facilitating them in ways they can succeed.
Mitch Ashley: Well, and it’s also about hiring for what we need today, but also where the ball is going to be downfield when the ball lands. Part of that is hiring people who have demonstrated their ability to learn, adapt. Yesterday, they were TCP/IP expert. Today, They’re the security threat landscape expert. How did they do that? How did they get there? They learned it. It may have been on the job, but there’s also a lot of self-motivation and just skill in that learning, and that repetitive learning skill is I think something you can harness or leverage to accelerate their career as well as what you need.
Cory Minton: Absolutely. It’s one of those things that, always, some folks get turned off. As Ryan said, sometimes there’s a valve, and one of those valves is like, “You must have a college education.” While I don’t necessarily believe that a college education is always the right thing, I think what it proves if you have one is that, as you said Mitch, you’re able to go through a structured learning process in an organization that’s institutional, understand dynamics and things and achieve an objective which was set before you that had some measurable outcomes that you had to deliver, which I think is something true for all of us in a corporate responsibility job as we have to operate in an institutional environment. We have to consistently learn new things. We have to interact with people around us. I think college is a good measure, but, as Ryan said, oftentimes, a second career is maybe even a more powerful measure of somebody who’s done that successfully.
Like Ryan said, the technical skills are learnable and, frankly, the fun part is some of the technical skills are actually getting obfuscated by advancements in technology. As we think about things like, Ryan, you mentioned, generative AI, we can make the joke, but, candidly, wouldn’t you rather hire somebody who’s got incredible cybersecurity skills and understands the landscape more so than somebody who’s just really good at crafting queries because then, if you have somebody that has that domain expertise as technologies like generative AI and other sort of assistive technologies continue to evolve, then the domain expertise becomes the most important because then you start interacting on a natural language way and you don’t have to have those same technical skills to get there, which I think is probably one of the most interesting uses for generative AI is actually bringing out the barriers for technical ability to execute in a job like security or IT.
Ryan Kovar: Prompt engineering will be one of the most significant requirements for entry-level and mid-level jobs by next year, in my opinion, categorically.
Mitch Ashley: We’ve already been through one generation. It’s called search engines. Now, we’re doing it with generative AI.
Ryan Kovar: Yeah. Yeah. No. We’re talking about this, but the reality is I’ve been doing cybersecurity and IT since 1999. Cory, there’s enough gray there. I’m sure you’re about the same generation. When I started, there was no Google and you had to read the Microsoft TechNet documentation, and then there was Google, and I put 65 CD binder in the trash and said, “Never again.”
The fun thing that I always tell people that I’m mentoring or advocating for in cybersecurity is I’ve been doing this for 24 years and, of the 24 years, I have about four years of knowledge that’s relevant. I have 24 years of wisdom, but four years of knowledge that’s relevant. Everything else, no one cares that I can fix Exchange 5.5 driven pub EDB and I know how to defrag a Windows NT 4.0 server. That doesn’t matter. That’s one of the great things about cybersecurity and IT in the general is that you can become a subject matter expert in something very quickly and not have the bias of age.
Mitch Ashley: Well, let’s turn our lens to the process part of it, and we’ve talked a lot about people and we could talk a lot more about it. There’s some great conversations that we’ve had already about that. We’ve got to have processes that are well-oiled to highly tuned, but can be responsive of incident management when things happen. The organization now has to operate cross-functionally, the stove-pipes, the things that we’ve lived with for so long. Now, we have to operate cross-functionally. We’re trying to tear those down, but our processes have to work across those.
I’m interested in your all thoughts about how are organizations, what do they best do to adapt to what we need today so we can be speedier, respond more quickly and more reliably to threats or incidents or needs of the business?
Cory Minton: Yeah. Do you want to to hit it, Ryan?
Ryan Kovar: No. Please, Cory, go ahead.
Cory Minton: Okay. I was actually going to say it’s actually not even an option anymore. We talk about that they need to do it. It’s not an option. If you look at some of the SEC’s recent rulings on the disclosure of material and incidents that happen for publicly traded companies in the US, you have to report that. You have to have that cross-functional view of how if a cybersecurity incident happens or an IT sort of incident outage or breach, any of these categorical things that happen, if they have a material impact on operations that would affect shareholder value, then you must disclose those things, and so now the impetus is on every publicly traded company to get this figured out really well. It’s got executive buy-in now that we’re going to tear down the walls between security and IT operations and our engineering teams developing our next digital capabilities because, anywhere across that spectrum that we have a process breakdown, whether it’s externally caused or internally caused, if it’s material, we better report it.
These are no longer like, hey, it’s a good idea. This is like “test that theory and report the results” kind of stuff that the SEC will send somebody to jail over. We’ve already seen some convictions on previously publicly traded companies on misreporting things. It’s no longer a game. We’re serious about this. I think, from a process perspective, one of the things I’m seeing is reaching across the aisle. CISOs are talking to CIOs and CTOs more so now than I’ve seen in the last couple of years because they have to understand those impacts and they’re looking to organizations that actually already do some of them within the company that are already being trusted by different pockets of the organization. They’re looking externally for that guidance and help, whether it’s from consulting partners that are, hey, advising on security operations or advising on software development capabilities or technology partners.
I mean, even the CISA, the Cloud Infrastructure Security Agency, their recent strategy update talked about one of the key pillars of their annual strategy for resilience included technology partners that were going to help them achieve that resilience. I think we have the impetus. The measurement is required now. There’s no longer a game, and I think executives are starting to understand it and they’re looking external to say, “Who can help me deal with this?” No matter where we land on what is material and some of the legal questions on how it’s implemented, we still have to respond and we still have to report some of those capabilities. Now is the time to start reaching across the aisle and starting to ask questions of your partnerships that you have in the org on how can you help us solve this problem.
Ryan Kovar: I look at things like DevOps which still today has a little bit of a carve out separate. In a lot of organizations, DevOps is a slightly different place than maybe traditional security and, well, certainly than security, and then possibly even different than traditional IT engineering or infrastructure. In today’s society or today’s world of technology, a lot of the security issues that organizations are facing are in their DevOps pipeline, and so I find it fascinating what Cory said. The SEC has this term, material finding. You have to report a material finding.
Now, I as a security professional may very well know what that is, but, frankly, the DevOps world has gone feral to a point where the security organizations are not a part of it and so the DevOps team are the only ones who understand what the security implications are. They’re the ones finding it and, because they’re in a DevOps mind frame, they’re not stopping and saying, “Let’s create an incident. Let’s walk this through.” No. They’re just fixing it and they’re moving it on. That’s how the cloud works. That’s how DevOps works.
There is this essential need for us as an industry to really start reaching more across because we are being outpaced by DevOps home growing their own SecOps without oversight, without the wisdom of the security world, but we can’t stay in the way of the business, which is why that’s so important for us to go across and understand this because now there’s regulatory requirements and the real world is people are going to move forward whether they like it or not, so get on that train.
Cory Minton: Yeah/ it’s funny, Ryan, you say that. I was reading the SEC reports from JPMorgan Chase. Jamie Dimon, their CEO, said in the letter to shareholders he had two sort of funny juxtaposed statements that used the same phrasing, which I found interesting. He said two things he could not overemphasize, one was, “I cannot overemphasize the need for cybersecurity in our organization. Everything must be secure,” and then later in the letter he said, “I cannot overemphasize our need to deploy innovative technology,” which is exactly what you said. If my CICD pipeline is continuing to push updates, but I’m not applying those cybersecurity principles that, like you said, was incident review and forensics and actually looking into it, then we’ve missed the boat on this. One of the key parts of this SEC filing is you not only have to report the outage, but you actually have to from an annual reporting perspective talk about your processes that you’re using to ensure cybersecurity in those areas. That’s one of those that’s like the CEO is saying this to shareholders. We better pay attention.
Ryan Kovar: The CEO of a bank that touches 20% of every dollar in the world every day, right?
Cory Minton: We cannot overemphasize.
Ryan Kovar: I love that example because I look at DevOps as a perfect world where I have no fear at all that the DevOps team will identify and remediate security issues very quickly and then continue to do so because they’re not looking at the larger picture. Why did this get ingested? Why do we have this happening? Why is this CRO a threat actor you may not know anything about a threat actor. You may not understand that Tampa strawberry as per Microsoft has a really significant interest in your organization, and one of their TTPs is actually moving up the chain and actually jumping ahead for software supply chain.
That is something that I would not expect a DevSecOps engineer to understand, but that is where the context of a larger security world, and that’s why this resiliency message, this is why it’s working across aisles. It becomes so important for the process. I honestly think the technology is usually the easiest part of this. The people and the process to implement and secure the technology, way harder, way less interesting than most people, except nerds like me, but much harder.
Mitch Ashley: Well, and what you really bring to light is that the security specialists are going to understand the threat landscape much better. DevOps developers, et cetera, know their environment focused on the things that they are. You mentioned Jamie Dimon. Those two things, he’s expecting us, our CEOs are expecting us to figure out how we bring that together, how we make that happen so we don’t have feral organizations, so we don’t have processes that are brittle when things really fall apart or our environments get more complex. I mean, that’s an obvious thing. They are complex and they’re getting more complex, and no one understands the whole thing, so we’ve all got to pull together and say there are three dimensions to this problem, not one, and here’s the steps. We together figure out how we fix this.
Great. Well, let’s talk about the technology perspective then. Obviously, Splunk being a great technology company, have been around for a long time. I remember finding Splunk on the showroom floor in the early days still doing black T-shirts then just like they are today, a great company that you all work for. Let’s talk about some of the technology side of what’s important and, again, thinking about not just internal people and processes, but also third parties that we’re using like the Splunks of the world in our organizations and how you can help with this challenge.
Ryan Kovar: I’ll start really easily on this one, and then Cory will actually say something much better. People buy software to solve their problems. That’s it. That’s the easiest way when I pay people. I didn’t come from a sales background. I was operational. I was a threat hunter for the government, threat intelligence at DARPA, places like this. I didn’t think about why I bought software until I worked for a software vendor. It’s very easy. You buy software to make your life easier, to solve a problem faster or to solve it better.
When I look at what Splunk does, a lot of our recent efforts are really around this incremental growth of just making people’s lives better, making people’s lives easier, cutting down the barriers to do their job faster because that’s what people need, whether it be security, whether it be observability, whether it be traditional IT engineering, that to me is really what we focus on here at Splunk which is why I’m still here after nine years. We make people’s lives better and we allow them to fulfill the mission that they’re actually being paid for rather than fighting the software that they’re buying and paying money for. That to me really is at the heart of what we do.
Cory Minton: Yeah, and I think, if anybody’s seen some of the Splunk messaging in the market, we’ve really rallied behind this idea of resilience, and I think it actually sums up nicely the things that we do which I think, based on the conversation we’ve just had about the people and process, things that are challenging organizations, I think we’re in a really unique place to be a partner, to be one of those partner organizations and be the software that people buy to make their lives easier because we sit in this unique place of being one of the few organizations that actually unify, tear down the walls between security, IT operations and those feral DevOps teams that are out there building the next digital services because our corporate mission is around resilience, and we think of that as a simple statement of, “How do you keep all this digital business secure and up and running?” Simple statement, but, secure, not a simple thing to do, and up and running oftentimes equally on simple thing to do.
Ryan Kovar: Sometimes at loggerheads.
Cory Minton: Yeah. Exactly, a pearl of either sort of objective. There used to be this term we called a MOM. We all love MOM, monitor of monitors. It sits above. It sits at an enterprise level, at a higher level to give you visibility. I think that’s what folks have maybe struggled with that we see. Hybrid cloud is reality, right? There’s lots of clouds, not one cloud. Clearly, there’s leaders in terms of revenue, and each quarter they grow at different paces, but candidly, even Michael Dell said some years ago, “The cloud is not a place. It’s more of an operating model.” As you see SaaS being part of cloud journeys, yes, data centers are still run by organizations. They just are run now in a much more orchestration pattern similar to cloud providers, and that reality of lots of silos across different landscapes is creating challenges.
If you use one tool that’s provided by said provider, then, yes, you can secure and keep up and running that one particular cloud real estate, but what about how it’s connected across the organization? How about the ways that applications traverse deployment centers? I think that’s what we really see as interesting is organizations are leaning on Splunk especially in the macroeconomic conditions where everybody’s focused less on growth and more on profitability, so they’re looking at like, hey, how do I reduce the number of tools?
Ryan Kovar: More out of less.
Cory Minton: Yeah. Exactly. Do more with less. They’re looking at it and going, “Wait a second, so I have this network environ, this router, so my data center. I’m sending the logs from that thing to nine different tools. Why am I doing that?” That’s nine times I’m paying for that bit of data to be stored and processed and analyzed by some number of tools, and organizations are looking at it and going, “Maybe that’s not smart. Maybe that same piece of data has nine questions being asked of it, and is there may be a fewer number of tools that could answer those nine questions effectively to give me the outcome without having to have all this sprawl?”
It’s a unique conversation that we’re in today. Candidly, the tools consolidation, that rationalization of tools is one, looking at data. The data deluge hasn’t stopped. As we talk about sending data to nine different places, well, as that data becomes richer, it’s no longer just logs. Now we’re looking at metrics for real time. We’re looking at traces for spanning. How does an application actually impact multiple sort of environments? The data is getting rich and large. Is it all equal? Should we all be sending it to the same place? Should we be treating it with some valuation?
Those are conversations that I’m having today that technology is helping solve, and Splunk is doing some really interesting work in the data rationalization and in that tools consolidation area that’s making it easier for customers to do more. As Ryan said, you bought a piece of software to make your life easier. We’re trying to go out and help folks figure out how to make more lives easier with the software they already bought.
Ryan Kovar: I’m just required to hit all the buzzwords, so I’ll say ransomware now. It’s fascinating to me. Resilience, as in the concept of business leaders and cybersecurity, CISO leaders having to come together, I think, partly is really being driven by this threat of ransomware because the first time a cybersecurity threat has consistently and continually impacted every aspect of a business where 10 years ago, 15 years ago, oh, APT1 from China, exfil data. Well, that was the big issue. Well, by the time you heard about in the news, it’s already done. It’s actually relatively small scale. The impact is we were compromised, there was a breach, and now we have to deal with the public relations fallout, the stock drop, and also we have to make sure this doesn’t happen again.
With ransomware, it’s actually we’ve encrypted your critical business systems and you can no longer do business, and now you have questions of do we pay the ransom? Well, now you need to involve the finance or you need to involve your chief legal officer. Oh, it’s publicly out there that we have this security issue. You have to involve the PR team, the public relations team. Oh, it’s actually knocked out our core business. Oh, well, now you’re involving the sales org. Now you’re involving the IT org. It’s coming across all these different places, so it’s builds back into what tools do you have that facilitate this and then, going back to the people part that we touched on earlier, this is where someone needs to be across all of them because they need to understand the impact and actually drive those changes that are needed and, because of ransomware, we actually have to deal with it. We can’t just pretend it doesn’t exist. CISOs can’t just be nerds in the closet playing cyber. They actually have to be able to speak eloquently to their business leaders, to the board of directors and others.
Cory Minton: Yep. I’m just going to jump on the bandwagon of buzzword bingo. One of the things we’re seeing a ton of, too, is we talk about new digital workloads constantly being brought in, new innovation, we’re hiring consultants to bring in and actually help generative AI get real in our organizations, there’s a lot of conversation about is generative AI threat versus risk? There’s a whole kind of conversation there, but one that actually, as we’re moving past the hype and the AI washing nonsense that’s happened in the market, once we’re getting to real, a lot of CISOs have been talking about or talking to are trying to figure out how do I deploy those technologies internally? How do I go find the models that I can train against my data sets that would actually go help my teams do their jobs better?
What I would say is is that’s another one of those areas where, as you’re innovating and bringing in new technology, treat it like another digital workload. You’re still going to have to detect when something goes wrong. You’re still going to have to investigate when something goes wrong in that generative AI hallucinates, it has an outage, whatever, and you’re still going to have to respond to those outages and take those learnings and put it back into the operational process of how do you run that system more effectively.
I think people need help oftentimes finding those consistent patterns that we have to deploy to just keep things securely up and running regardless of what the workload is under the covers, and I candidly see that as one of the greatest areas for leaders that are looking to partner with a professional services organization or an assay, those outside consultancies. There’s a lot of value there in having them help bring in the patterns especially on proven technologies to short cycle, increase your time to value or, excuse me ,shorten your time to value when thinking about those new digital workloads and making sure that they’re secure and up and running.
Mitch Ashley: I like where you’re taking this, which is one I wanted to wrap with, which is our organizations are expecting us to innovate, not just ourselves innovate, but also support the rest of the organization to be able to innovate. You talked about Ransomware. The newest thing is they’re not encrypting your data anymore. They’re just threatening to release it, so it’s not a matter of losing the data. It’s losing control over it. AI is the next, maybe it’s the next boon to phishing. We may not be able to tell the difference between an email from a generative AI LLM that’s been trained on how our CEO talks versus a well-scripted, predefined email.
These new kind of threat models as well as new technologies force us to innovate and find new ways to do things. We have to help our people with tools, technologies, processes. I’d love to hear some more thoughts about what do we do to set ourselves up for success to be able to innovate in a way that’s going to help support where the organization is today and where it’s going?
Ryan Kovar: Well, I’ll make a slightly controversial opinion here. I don’t think there’s ever been a single technology that outweighs the benefits for the offense or defense. I look at generative AI as something that is going to liberate security organizations from the shackles of mundanity. It’ll democratize what we can do in terms of analysis. It will also do the same for the adversaries. The only people who will lose are those who are not taking advantage of this technology on either side.
I really do believe that we can all up-level as we go through with different technologies just as the adversaries are. When we invented a trench or trench warfare in World War I, they invented the tank. When we invented an airplane, they invented anti-aircraft. This is a tit-for-tat thing, and there’s always a leap at some point. People created a star fortress and that stymied invasions until someone invented the cannon. Sometimes, defense beats offense and sometimes offense beats off defense, but it goes back and forth as you go.
I don’t necessarily see anything that’s a semantic change in how organizations will defend, but I do believe, if you’re not paying attention, if you’re not innovating, if you’re not selecting vendors, if you’re buying software, if you’re not buying vendors who aren’t innovating, you’re going to have a very difficult time in the next five years because your adversaries absolutely are.
Cory Minton: Yeah, and I would go maybe less digital and say we as leaders cannot underestimate and cannot undervalue investments that we make in our people and our business culture today that create space for the learning and the development and the skills attainment that Ryan talked about, being critical. Leaders must create space for technologists, for practitioners, for leaders to go learn and to go study and have a mantra of spending some large amount of time on a regular basis, on a cadence basis, investigating, whether that’s going and attending conferences and networking and starting to understand what’s happening in the industry or it’s partnering with a technology organization and doing more hands-on workshops and learnings or it’s going next, when you’ve got a consultant in, spending time with those folks in the office picking their brain on what are the skills that they’re paying you for? Why are you here? What is so unique about what you’re doing, and how do I learn more of that?
It comes from leaders making that a priority. If we’re going to have an organization that has people, process and technology that’s actually going to be resilient, that’s going to be able to survive in this next epoch of technology innovation, it’s going to have to be led by the best intelligence, which is still human intelligence, and that requires investment, and I think you got to put a stake in the ground and make that a priority today.
Ryan Kovar: I love that part because, going back to our previous discussions about leaders who often have 10, 20, 30 years of experience, none of it is relevant. When I started my career as CISO, my only half, well, first off, CISOs didn’t exist. Second, the CTO or the person in charge of technology at that company had to pay attention to desktops, printers and servers on-prem, and then 10 years ago, 15 years ago, it was laptops, desktops, printers on-prem, printers in the home offices, a data center that they co-located to in this little cloud thing that they’re trying out, and then five or 10 years ago, it was all those plus software as a service, and now it’s, okay, well, we have a CICD pipeline and we’re driving APIs and our entire business is dependent upon this one piece of open source software that’s maintained by three guys in a former Yugoslavian Republic and, if it has an issue, we’re going to be done.
Also, we M&Aed a company out of China. Every time they develop a vulnerability, that has to go to the Chinese government along with us. It’s a lot more complex. For those who are just resting on their laurels of “I’ve been doing this for a while” and not up-leveling their own education and hiring people who are subject matter levels as direct lieutenants, you’re going to have a bad day.
Mitch Ashley: Bringing it back to the thinking that got us here is not the thinking that will get us to the next place, I’m paraphrasing Einstein here, but it’s also our own thinking. That’s the value of bringing in perspectives like yours with your partners, your suppliers, companies like Splunk, professional services. There are a lot of ways. I think we’re at the same junction point where we were with the cloud. Where we’re like, “Here’s the cloud. Is it just somebody else’s computer or is it a new way of doing things?” But what is that new way?
We’re kind of in that place today with AI. Okay. Right. We know we can do generative AI stuff, but what does it really mean? How do we leverage it, to your point, Ryan? You have to be a participant on the field to really figure that out. You don’t have to go spend crazy money on the latest thing just because that’s what was in the airline magazine, but it is about figuring out and learning what you can do with it and what’s possible learning by yourself, but also with others.
Well, thank you to both of you, to Cory Minton and Ryan Kovar, for joining us, and thanks to the Splunk team for bringing us together to have this conversation. We hope it’s been really beneficial to everybody who’s listening in. I know it’s been great for me as well. Thank you.