We are starting to see “tremendous collaboration” between government, the private sector to pool resources and work on finding a vaccine for COVID-19—but communicating those efforts needs to improve to build a consistent relationship, especially in critical infrastructure sectors, according to Robert Rodriguez, chairman and founder of the Security Innovation Network (SINET).
“It seems to me that the greatest public-private partnerships are accomplished and delivered with excellence during the most difficult times of life,’’ said Rodriguez, speaking Monday night on Task Force 7 Radio. There needs to be a marketing arm to get that message out, he said, adding that “we're missing that piece. I think we need to have more boots on the ground in the various communities that are some of our power centers for our nation's critical infrastructure,’’ such as manufacturing, energy, telecom, oil and gas, banking and finance.
SINET's mission is to advance innovation and enable global collaboration between the public and private sectors to defeat cyber security threats.
The desired outcome of those partnerships is innovation, creativity and new solutions to help solve problems integrating emerging technologies. noted TF 7 host George Rettas.
A big topic in cyber security is about advancing innovation in the market, and SINET’s ecosystem focuses on three entities: innovators, the investors and the buyers, said Rodriguez, who previously served over 22 years as a special agent with the United States Secret Service.
“Cyber security has become like the air we breathe. It touches everything,’’ he said.
Better Messaging Needed From Vendors
In response to a question from Rettas about what entrepreneurs most care about, he said CISOs and buyers have developed “battle fatigue.
“With bad culture, the bad messaging, the bad marketing, I think CEOs of companies need to pay attention to their marketing teams because they're hurting their brands,’’ Rodriguez said.
Emails CISOs receive are being deleted, he said, calling it “wasted capital.”
Today, CISOs are “doing more business amongst referrals with their trusted colleagues in the industry. It's coming down to the word ‘trust.’”
Both Rettas and Rodriguez agreed that decision makers are being inundated with email, and text messages, and phone calls from vendors of all types, and they just can't sift through all of it any longer.
Vendor overload has the effect of creating “not only noise, but bad noise,’’ Rodriguez said. “I try to respond to all my emails. It's gotten harder over the last several years, because I view it as a lack of respect. You have to kind of prioritize, and sort through your emails and calls, and just try to manage as best as possible.”
Rettas asked Rodriguez for advice on how vendors can get the critical face-to-face time with the CISO and other security leaders.
"Take your money from the booth at RSA or Black Hat or wherever it is and invest that in an offsite that is a thought leadership, working offsite, where you're not pitching your product," he replied. “Do it in a nice place, like in the wine country, or Pebble Beach…some place that's going to differentiate you from all the other noise, and do it well. Make it about building trust, building relationships with those CISOs, and then start from there.”
Cyber Security Bubble
The conversation then shifted to whether cyber security is the biggest threat to our national security.
“I would have said two months ago, yes,’’ Rodriguez said. “Right now, I think COVID-19 is to our economic and our national security ... because it is the underpinnings of everything that we touch, from our military to our critical infrastructure, to our privacy. I mean, there's nothing out there that I know of that touches all different angles of business and society than cyber.”
With so many people working from home now, a lot of CISOs are very busy securing that environment and trying to keep workers productive, Rodriguez said.
Rettas said he wonders how long spending on cyber security will continue, and that he believes there is a bubble, based on conversations with venture capitalists. He asked Rodriguez if he sees it continuing.
“I believe the [spending] trend will continue,’’ Rodriguez replied. “There is a tremendous amount of capital out there, or there was until a couple of months ago. It's going to slow down, obviously.’’ But when the market bounces back, he said he sees buyers wanting more of the many all-in-one platforms versus the point solutions.
“However, in talking to many of CISOs, they still are open to early adoption of nimble, innovative point solutions that can address some of their pain points,’’ he added.
Rodriguez agreed that there is bubble but said he’s not sure when it might burst.
While companies are always trying to stay ahead of cyber attackers, now there is the added risk with so many employees working from home.
“Not that's it new, it's just that pretty much every employer, and every CISO and CIO is sidetracked from doing their normal job to secure the environment for work to home, and all the things that come with it,’’ Rodriguez said. “It'll change the marketplace a little bit for the time being. Moving forward into the next six months to a year, we’ll probably get back to some normalcy, I believe. In terms of the bubble, I can't predict that one.”
The ‘Task Force 7 Radio’ recap is a weekly feature on the Cyber Security Hub.
To listen to this and past episodes, click here.