Panel Discussion — Network Security in a Hybrid Work World
Nuggets of golden advice on security hybrid networks
Listen as this highly experienced panel of security practitioners shares their big ideas for the new world of hybrid work — and the accelerated security vulnerabilities it creates. This panel stemmed from the Cyber Tech & Risk virtual event on January 27, 2022.
You’ll learn
The ways the COVID-19 pandemic accelerated existing trends toward remote work
What the enterprise network means today with so many not physically connected to the enterprise network
Examples of the new major security requirements for modern enterprise network
Who is this for?
Host
Guest speakers
00:00 [Music]
00:07 so we now move to our panel discussion
00:11 we will start the panel with a quick
00:13 self introduction so jay let you go
00:16 first then after that agony sure hi
00:18 everyone i'm jay howie as brian just
00:20 pointed out
00:21 um
00:22 i'm a senior director at rbc and i have
00:25 the fortunate pleasure of leading a
00:28 group of very talented subject matter
00:30 experts that are involved in designing
00:32 all things related to network security
00:34 for rbc globally
00:36 um
00:37 i've been at rbc for almost 25 years and
00:41 all in the network security space so
00:42 i've been uh i've kind of seen the
00:45 network security
00:46 space grow from its uh infancy to what
00:49 it is now so um it's been quite a
00:51 journey
00:52 and brian thank you for inviting me i'm
00:54 really looking forward to the
00:56 conversation thank you very much jay for
00:59 your support and i like jay introduced
01:02 he has been uh with the bank for so many
01:04 years and especially in the network's
01:07 network network security field so what
01:10 uh uh actually
01:12 me describe the history and uh jay has a
01:15 first-hand experience to have all those
01:17 things right so that's a great uh angle
01:20 we have actually i meet and i go back uh
01:23 probably about at least 10 years
01:25 i've known him i mean back in the day
01:27 when he
01:28 he used to be toronto based as well so
01:30 uh um he's definitely got part of that
01:33 part of that history with him as well
01:35 it's a small world yes it is
01:38 yeah excellent um
01:41 agony
01:43 can you
01:44 can you give me another try
01:46 yeah hello okay yeah we can hear you
01:48 know good very cool
01:50 okay so hi my name is agni uh good
01:52 evening from
01:54 india and i mean it's morning here but
01:56 good evening to everyone who's on the
01:58 call
01:59 um yeah i am currently engaged as the
02:02 group's ceo for biocon and pyocon is a
02:06 pharmaceutical company and
02:09 apart from this i do a little bit of
02:13 pro bono
02:15 working with
02:16 standards bodies
02:18 my experience spans about
02:20 30 years in cyber security business
02:23 continuity data privacy
02:25 and risk management and i've been
02:27 contributing to standards on iso i'm
02:29 part of three
02:31 forums on iso
02:33 one for security and privacy the second
02:35 for continuity and resilience and the
02:38 third is for risk management
02:40 i am also part of business continent
02:42 institute and i work with them for cyber
02:44 resilience
02:46 i am a speaker at various events
02:48 especially the global forums from
02:51 uh ec council and ismg and uh
02:55 business continuity institute and now
02:56 i'm here i'm happy for you know brian
02:59 calling me on online and
03:02 thank you brian for calling me here i'm
03:04 also part of cloud security alliance um
03:06 i've been contributing to
03:08 the cloud control matrix version 4 and
03:11 the auditing guidelines that came right
03:13 after
03:14 so
03:15 that's in short who i am i'm currently
03:18 working on a standard for cyber
03:20 resilience for the bureau of indian
03:22 standards
03:23 thank you brian
03:25 all right thank you very much again as
03:27 we can see you have a broad
03:29 industry experience a rich also you you
03:32 have it involved with the the the
03:35 standard the definition standard
03:37 establish all those
03:39 uh cloud risk standards so that's great
03:42 we are very honored to have you join the
03:44 panel today in fact i'm hoping that one
03:47 of these days i will be invited to
03:49 contribute to the sassy as a standard
03:52 who knows
03:53 it's coming
03:55 all right cool uh i mean we actually
03:58 introduce you but if you can add like a
04:00 30 seconds uh any perspective from you
04:03 from no not the official introduction
04:05 but to yourself
04:07 sure so like jay pointed out i'm
04:09 actually originally from toronto uh
04:11 spent most of my life there before
04:13 moving out to california
04:15 so i had the opportunity to work with a
04:17 number of organizations in canada uh
04:20 along with along with the bank and uh
04:23 started talking about this shift to the
04:25 cloud over a decade ago with jay and his
04:27 team right so uh it's it's things you
04:30 know trent when we see trends we start
04:33 sort of discussing them and planning for
04:35 the changes and sometimes i'm trying to
04:37 take longer to uh to sort of solidify
04:40 right
04:41 and sassy is definitely one of those
04:42 that's sort of on the scene but it's
04:44 still evolving and still crystallizing
04:46 and uh and you know
04:48 it may morph a little bit by the time
04:50 it's fully baked and we'd love to have
04:52 uh looks like agni help can i contribute
04:54 to that
04:56 excellent thank you very much
04:58 and uh
04:59 at least you escape the the winter time
05:01 here so you get a little bit warmer in
05:04 california
05:05 and all right cool uh let's start our
05:08 panel discussion uh for people online i
05:10 also encourage you to submit your
05:12 questions through chat or q a we
05:15 actually got some questions already
05:17 in the meantime i have prepared some
05:20 questions to ask our panels so let's
05:22 start first with that question
05:25 and just to give some reason why we need
05:29 to look at today's topic network
05:31 security because a network security kind
05:33 of in the industry for a long long time
05:36 like from day one the firewall all those
05:38 things right but recently especially
05:41 last two years kobe 19 dynamic changed
05:45 the whole landscape
05:47 which caused that we call it a hybrid
05:49 work world right hybrid work environment
05:52 so i'd like to ask our panel members
05:56 how does a hybrid work environment
05:58 impact the security landscape today
06:02 i want to hear your perspective from
06:04 there
06:05 um
06:06 maybe who wants to be first
06:09 i'll i'll jump in okay jay yeah um so
06:12 brian as you pointed out like for sure
06:14 the uh
06:15 the pandemic
06:16 was a game changer right um and really
06:19 put a lot a lot of focus on certain
06:22 parts of the network um
06:24 you know remote access being one for
06:26 sure
06:28 uh so a lot of our employee you know a
06:30 lot of our internet egress services a
06:32 lot of our third party um connectivity
06:35 um you know just the amount of data
06:37 we're pushing now
06:38 um is just through through the roof
06:41 right um
06:42 you know what i would say about hybrid
06:46 hybrid uh um the hybrid work environment
06:49 is
06:49 you know without a doubt no it's not one
06:52 size fits all you know i think i think
06:54 hybrid me hybrid for me means
06:56 flexibility
06:57 and in the network uh in the network
06:59 security pieces need to kind of adapt
07:03 and and provide and enable that
07:04 flexibility
07:06 um i think it puts more and more
07:08 pressure on the network on network
07:09 security around protecting employees
07:12 um and assets and data
07:14 especially with us having you know
07:16 considerably more people working
07:18 remotely and all over the place
07:20 um i think it really comes down to
07:21 rethinking a lot of our network security
07:24 infrastructures and the tools we use you
07:26 know i know me talks about sassy you
07:28 know i'm sure we'll get into things like
07:30 zero trust network access
07:32 concepts and a few other things but
07:34 these things are really um
07:35 you know coming to the forefront
07:38 um you know at this critical time and i
07:40 and for me
07:41 um i know i'm probably jumping a little
07:43 bit ahead here but you know if i if i
07:45 look at what it means talking about he's
07:46 talking about you know the power and the
07:49 promise of of cloud computing and how
07:51 that's how that's translating across
07:54 into providing solutions in the network
07:56 security space and i think that's uh
07:58 that's definitely something um you know
08:00 we're we're keeping our eye on and
08:02 seeing seeing that uh that transpire
08:06 very cool
08:07 so the transformation the the actually
08:10 the covalent accelerated digital
08:12 transformation without a doubt in a way
08:15 to push us to accelerate and we need to
08:19 bring a lot of flexibility to our staffs
08:23 and also the cloud computing all those
08:25 latest technology push this great uh
08:28 agony want to add anything on that one
08:31 yeah so um
08:33 this sassy is not new it didn't happen
08:35 because of the pandemic
08:38 right but it it definitely like you said
08:42 it was brought forward it was
08:44 accelerated because
08:46 of the pandemic because of the situation
08:48 that we are in this
08:50 uh right now where a lot of people are
08:51 working from home
08:53 and you have a lot of stress from valid
08:57 users coming from outside the network
08:59 unlike earlier where most of the valid
09:01 users were inside the network
09:03 so
09:04 i think it was developed in 2019 and
09:07 zero trust i think was somewhere in 2010
09:11 so uh all these concepts have been
09:13 around for quite some time it's just
09:15 that
09:17 the real development of the tools the
09:20 the technology
09:22 and the use cases uh most importantly
09:25 that has evolved due to the pandemic so
09:29 uh
09:30 what you know in before we we got onto
09:32 the pandemic i think somewhere in march
09:34 2020 i wrote a small note on what i
09:37 believe will change over time and though
09:40 i didn't call out sassy by its name but
09:43 i did say that the security and network
09:46 are going to merge and
09:48 one of the key challenges
09:50 that we have in today's pandemic is
09:53 really not network and not security it's
09:56 more about people so there is a sizable
09:58 amount of work that's going on that's
10:00 trying to make sure that
10:02 when people get connected to your
10:03 enterprise
10:05 the human aspect is taken care of but
10:07 let me come back to what we are
10:08 discussing today the reason that the
10:10 human aspect becomes a huge thing is
10:13 because you're no longer connected
10:15 physically to the enterprise and i'm by
10:18 connected physically i don't mean by
10:19 wires i mean the human human interaction
10:22 being in an office and and and therefore
10:26 the focus of the whole world is now
10:28 moving from
10:30 a perimeter-based network to
10:32 a more decentralized network where the
10:35 perimeter is moving on to
10:37 the guy who's trying to connect into
10:39 your enterprise so there's a
10:41 transformation that has happened due to
10:42 the pandemic and
10:44 and given the situation that we are in
10:46 and given the fact that
10:48 the network is transforming through
10:50 sassy through other mechanisms
10:52 i think it's a good uh space to be for
10:55 uh
10:56 those who are innovating those who are
10:59 bringing newer things
11:00 and the best part is that the whole
11:01 world is contributing to make things
11:03 better
11:05 yeah so
11:07 the world is different now and the way
11:09 people are working are totally different
11:12 and i like what you mentioned it's not
11:14 just a centralized it's more like a
11:16 distributed now you have a bigger
11:18 network to manage and how do you deal
11:21 with the classic network model so that's
11:24 the definitely the impact
11:26 i mean you want to uh share more on that
11:29 one
11:30 yeah so you know hybrid work and the
11:32 pandemic has certainly changed a lot of
11:34 things for the industry right but the
11:36 one question i ask myself every few days
11:40 and i love to debate is what does the
11:42 enterprise network even mean today right
11:44 all of us are at home you know um
11:47 presumably managed laptops connecting to
11:49 sas applications doing our work right
11:52 like uh we're not touching the firewall
11:55 that exists out in the corporate network
11:56 at all right traffic's going straight on
11:58 over the internet to uh to the sas
12:01 vendor right so what does it even mean
12:03 to have an enterprise network and then
12:06 as a security as a person responsible
12:08 for security in my organization right
12:10 how do i like what sort of controls can
12:12 i put in place to make sure that i can
12:14 still manage our cyber risk and keep my
12:16 employees safe and keep uh keep my data
12:19 safe
12:21 that's that's really what it boils down
12:22 to
12:23 yeah that's a very fundamental
12:26 fundamental question what does the
12:28 enterprise network mean to us right so
12:30 if
12:31 everything change i'm sitting at my
12:33 basement work remotely to access the
12:36 enterprise every one of uh like dynamic
12:39 locations so what does that mean
12:42 um which actually lead our next question
12:45 right so we talk about hybrid
12:48 environment to definitely impact our
12:50 security and the way we are working
12:53 now let's narrow down a little bit to
12:56 network security or enterprise network i
12:59 mean mentioned
13:00 so based on the current situation what
13:03 do you see
13:05 from from that requirement side what are
13:08 some like a key requirements for the uh
13:11 or pressure to the enterprise uh like a
13:14 large organization like a bank like a
13:15 global company or even small media
13:18 customers or small media
13:21 companies what kind of a
13:23 major requirements for a modern
13:26 enterprise network so what do you see
13:29 must we must achieve
13:34 anyone can jump uh maybe a me first so
13:36 we can we can kind of switch now yeah i
13:39 can i can give you a bit of a
13:40 perspective i'm hearing that i'm hearing
13:41 from our customers right and and the
13:43 folks we talk to right so
13:46 there's a few different things so the
13:48 cyber threat landscape is constantly
13:50 changing right every few every so often
13:52 we're seeing new threats pop up on the
13:54 scene
13:55 uh last year we all saw kind of what
13:57 happened with ransomware and all the
13:58 negative effects that that came out of
14:00 that right that's a big that's a big
14:02 shift that we're seeing and these things
14:04 are turning over a lot faster for now
14:07 right there's other problems in the
14:08 industry like you know email fraud and
14:10 business email compromise uh there's
14:13 ddos threats on the network right every
14:15 uh every quarter or so we're seeing a
14:18 new bar set in the site in terms of a
14:20 volumetric ddos attack that somebody's
14:22 experienced or some networks experience
14:24 but these are the changing sort of
14:26 threat landscape requirements that we
14:28 see but the biggest one that we see is
14:30 the need for flexibility right because
14:32 uh folks are not able to kind of
14:35 like have a crystal ball looking three
14:37 years in the future to understand okay
14:39 what percentage of my users are going to
14:41 be in the office versus at home right so
14:44 uh so so just having that like that
14:46 number could be 100
14:47 could be five percent right
14:49 and based on that they want to keep
14:51 their options open and uh and be
14:54 prepared to shift and adapt as
14:55 conditions
14:56 change
14:58 excellent
14:59 so that's the insight from amit
15:02 from his observation with his clients
15:05 and the industry
15:07 what about
15:08 jay and agony so you're both managing a
15:11 large organization the network so what
15:14 do you see from the requirements side
15:17 let me start okay okay yeah go ahead
15:20 so um
15:22 there are multiple areas and i'll let
15:24 jay talk about the topics that i think
15:27 he wanted to
15:28 but
15:29 i'm going to give a very simplistic
15:30 example of what the network is evolving
15:34 and i'm going to relate it to our lives
15:36 imagine you go into a museum so you buy
15:38 a ticket and then you enter a hall and
15:41 now you're at liberty to select
15:43 which one of those halls you want to go
15:46 into there's no one to check you and you
15:47 can go to
15:49 go and see any part of the museum at any
15:51 point of time upon your leisure
15:54 compare that to visiting someone in a
15:56 government facility depending on how
15:59 and who you are visiting
16:01 broadly you would have to go to the gate
16:04 announce yourself show some kind of
16:07 evidence that proves who you are
16:10 and then you get called into to meet the
16:13 person that you're trying to meet and
16:15 then you've got to wait in the lobby
16:17 before that person makes sure that
16:18 you're the person who's going to meet
16:20 and there would be a secretary who would
16:21 probably come and ask you a few
16:23 questions or a security guard who's
16:25 going to pose a few more questions and
16:26 once everything is validated you would
16:28 be ushered in to meet that person that
16:31 you you're that you're out to meet
16:33 today's network an earlier network
16:35 has been like these two things
16:38 earlier the network was all about like
16:40 amit said in his uh in his speech in the
16:43 beginning
16:44 it was all about making
16:46 computing systems available and it was
16:49 more like a museum
16:51 as long as you landed on the network you
16:53 had the liberty to choose which computer
16:55 system you would want to connect to
16:57 and what would you do next
16:59 today's network requirements are more
17:01 like visiting that government officer
17:03 right
17:04 you need to be validated because you
17:07 don't know who the valid user is and who
17:09 the perpetrator is
17:11 jay
17:13 yeah i mean
17:15 i i'll kind of build on what you're
17:17 saying and what a meat's saying right i
17:18 think i think it means right flexibility
17:22 scalability is a huge piece like we've
17:25 got you know and uh and resiliency are
17:27 are really key concepts
17:29 in the in the modern enterprise network
17:31 i'm not saying they weren't in the past
17:32 but i'm just i think that i think the
17:34 games kind of you know really uh you
17:36 know really
17:38 upped itself
17:39 um i think you're seeing a lot more um
17:42 focus on on um you know what whether you
17:45 want to call it micro segmentation or
17:47 workload segmentation concepts in the
17:49 network as well that that kind of tie
17:51 together
17:52 access and identity concepts together as
17:55 well um you know and and
17:58 you know putting more controls around
18:00 uh flows within the network um
18:04 now to enable a lot of this stuff you
18:06 know you're i think you're seeing a lot
18:07 of focus on things like software-defined
18:08 networks um program programmable
18:11 networks
18:12 um you know the use of apis for internet
18:15 connect inter interconnectivity
18:17 um you know and again i think that i
18:20 think you're also seeing now the
18:21 extension of your network
18:24 you know either you know not only to the
18:26 cloud
18:27 um but also you know in in many cases to
18:29 people's
18:31 you know people's homes
18:33 and and that that's the you know it's
18:34 just you know that whole i think amit
18:37 had had a had a diagram in his
18:39 presentation around the whole uh you
18:41 know castle moat paradigm that's that's
18:44 long gone right it's
18:46 it's uh there's a ton of holes and and
18:48 access points coming out of that castle
18:50 that we need to consider and factor into
18:52 things and that's why some of these uh
18:54 some of these concepts and so what what
18:56 what agni was talking about around this
18:59 permissioning as you move throughout the
19:01 network is becoming a bigger and bigger
19:03 concept
19:06 wonderful
19:07 all right so those are some uh key
19:09 requirements you can see so like a
19:11 flexibility
19:13 uh like a check
19:15 it's not like a older
19:17 perimeter-based security you have to
19:19 implement all those zero trusts we will
19:22 touch on that a little bit later and
19:24 access control and also really need to
19:27 meet the current
19:29 the work environment people work from
19:31 everywhere and also you want to make the
19:34 system agile flexible
19:37 scalable it's not just okay you put it
19:39 there and forget about it right so those
19:42 are some key requirements that we can
19:44 observe
19:45 um all right so since we have this
19:48 requirements
19:49 the so the logic
19:51 the question next is
19:53 how do we do it
19:54 right so especially not everyone from
19:57 scratch right so if i uh like i say i'm
20:00 running a startup that's okay i just buy
20:02 the latest one the cloud-based
20:04 everything cloud and native but for a
20:07 large organization doesn't matter as a
20:08 bank the global company or the you
20:10 already have the years of infrastructure
20:14 and the network model the people get
20:16 used to that
20:17 so what do you see some what's your
20:20 recommendation to transform a
20:22 traditional i'm sure a lot of companies
20:25 still own
20:26 traditional or kind of a halfway there
20:28 right so to transform a traditional
20:31 network model to the modern network
20:34 architecture
20:35 so what's your recommendation there
20:39 maybe i can you you start first
20:42 so um
20:44 in in my view there are three kinds of
20:47 organizations today
20:49 those who will not move to cloud right
20:52 now
20:53 probably because of
20:54 the way they are connected and the
20:56 reliance on connectivity being lower
20:59 and they will come to cloud probably
21:01 later not not right now
21:03 then there are those who are born on the
21:05 cloud like you said right they they've
21:08 never seen an infrastructure problem
21:10 because for them
21:11 infrastructure is a given
21:13 it is not supposed to fail
21:15 so that's the second kind of
21:18 organization and then the largest part
21:20 of the world are all those who are
21:22 migrating into the cloud like you said
21:24 traditional
21:25 migrating into the cloud
21:27 now
21:29 when you are traditional and migrating
21:31 into the cloud this migration could be
21:33 called a transformation and and so and
21:36 so forth
21:37 it has to be driven by
21:39 the organization's need to go digital
21:43 and there are a lot of organizations who
21:45 are going digital and there is a
21:47 sizeable amount of organization also if
21:50 i were to split those who are
21:52 transforming into two parts those who
21:54 are already
21:55 somewhere closer to the target of
21:56 digitalization of their enterprise and
21:59 those who are beginning
22:01 because there's a huge amount of digital
22:03 information that is needed before
22:07 a network like i mean the cloud
22:09 facilities could really be used
22:11 right because unless you have the data
22:13 that you want to use for
22:15 business purposes
22:17 there is no need for them to go digital
22:20 for them to use cloud
22:21 so
22:22 the whole thing will then break you know
22:25 depend upon
22:26 the movement and the need and and and
22:29 and the impetus of
22:31 the market that every organization will
22:34 work with
22:35 uh to to bring them onto the cloud
22:37 because they would want to be more
22:39 available they would want the data to be
22:42 more
22:43 usable and i'm going to bring a little
22:45 bit of
22:46 a few of those ables from the standards
22:48 perspective right
22:50 um
22:51 you need to be able to
22:53 have your
22:54 network
22:57 structured in such a manner that
23:00 you are that your your business
23:02 functions are repeatable
23:04 and
23:05 comparable and therefore predictable
23:10 all right so that's a agony so point of
23:13 views we really need to look at
23:15 i i love what you described there's a
23:17 everybody is different right so you
23:19 cannot just using one solution to fit
23:22 all the organizations you really need to
23:24 tailor and that's why i liked i liked
23:26 what amit showed at the end a roadmap
23:30 it may be different for all these
23:32 different organizations but there has to
23:34 be a map for even those who are on the
23:37 cloud they need to get used to the fact
23:39 that tomorrow
23:41 infrastructure can fail and you need to
23:43 be prepared for that but that's a
23:44 different story i'm not going there but
23:47 i was just trying to contribute to your
23:49 conclusion that yes no
23:51 no one is saying you need a different
23:53 solution for everybody
23:55 right so you need to tailor the the
23:58 strategy or approach for your
23:59 organization all right uh
24:02 maybe uh amy what what you want to add
24:05 on that yeah yeah i can chime in like
24:07 agni said right the road match map
24:09 approach is really key uh i think
24:11 there's some of we talked about
24:13 segmentation we talked about micro
24:15 segmentation and putting sort of these
24:17 zero trust controls in place couple
24:19 things you can do as as a sort of a
24:23 strategy right one is kind of weaving
24:25 identity more closely into that equation
24:28 uh just having identity aware controls
24:30 and policies right and this could be
24:33 kind of like working with your existing
24:34 identity platform or or using a new
24:37 platform but
24:38 i think that needs to be a big part of
24:40 the security controls and and uh and
24:43 zero trust the second is
24:45 awareness of the endpoint
24:47 right like what device is this how clean
24:50 is this device is this a managed device
24:52 or not uh that's a very useful context
24:55 to kind of help start and and some of
24:57 these things you can start rolling out
24:58 using your existing uh platforms
25:01 existing controls right there's
25:02 integrations available and or you could
25:05 move to a new security control platform
25:07 but i think bringing these two elements
25:09 into the equation this really helps
25:12 move you further along on the sassy
25:14 journey
25:15 excellent so that's a great add-on
25:18 and jay what's your view on this one
25:21 yeah this is a tough one um especially
25:23 in the enterprise space um you know
25:27 i i think if you have the opportunity
25:30 a green field opportunity
25:32 um you know it's a it's a much easier
25:34 transition because you can build a lot
25:36 of this right in from the ground up
25:38 um but like i said in the enterprise
25:40 space you know you're always going to
25:41 have that hybrid of kind of some green
25:44 field maybe with public cloud or private
25:46 cloud and then you're going to have have
25:47 your traditional um you know data
25:49 centers and your in your network
25:51 um that you need to figure out uh a big
25:54 part of this for me would be
25:56 um you know really being able to map out
25:59 business application flow and
26:01 understanding what that is you need to
26:02 have some level of visibility you need
26:04 to know
26:05 um
26:06 what's good traffic versus i'll call it
26:09 non-good
26:11 and be able to you know be able to look
26:12 at that kind of stuff in order to help
26:14 you you know define
26:16 policy i think you'd need to have an
26:18 understanding of
26:19 um you know what
26:21 what you're what you're trying to
26:22 protect um
26:24 you know whether it be your crown jewels
26:25 or or other parts of your organization
26:28 and start there i think if you were to
26:30 if you were to look at it
26:32 if you're trying to attempt this you
26:34 know kind of at a large scale i i don't
26:36 think you're going to be successful i
26:38 think you've got to start small and uh
26:40 and build into it um that'd be my two
26:42 cents i i guess the other piece i would
26:44 add i mean there's a bunch of things
26:46 happening
26:47 you know in the network space
26:49 that are trying to help
26:51 you know this journey you know you're
26:53 seeing a lot of stuff you know a lot of
26:55 companies are are well on their journey
26:57 if not faster you know completed their
27:00 journey on moving away from i guess i'd
27:02 call it like layer three networks
27:04 into more
27:06 leaf spine networks
27:08 that kind of help support some of this
27:09 stuff there's a lot more um you know me
27:12 talked about uh
27:13 software-defined networking there's a
27:15 lot of preval you know a lot of that
27:16 stuff happening in the enterprise space
27:18 um adoption of virtualization things
27:21 like that that can really help you
27:24 you know kind of you know do things at
27:26 the network level but you know whether
27:28 it be at the overlay level or the
27:29 underlay level but you know you can help
27:31 define and break zones out a little bit
27:36 all right
27:36 i really like what you said about the
27:37 crown jewel model earlier right which i
27:39 mean if you're in a large organization
27:41 you can't do it all right it's just too
27:43 complex and too hard it really helps to
27:45 kind of have that understanding of what
27:47 are the important things you need to
27:48 protect
27:49 start there right build a plan around
27:51 those and then and kind of phase it out
27:54 yeah excellent so at the end of the day
27:57 you really need to know what you have
27:59 first
28:00 before you do any change right so
28:01 otherwise you don't know how do you
28:04 measure the success i know how do you
28:06 know one you you you complete some
28:09 transformation percentage-wise so you
28:11 need to know what do you have and this
28:13 also dynamically change you need to
28:15 always update that one
28:18 all right cool
28:19 i do see quite many questions online
28:22 already on the chat and on on the q a
28:26 some of them are quite specific or tied
28:30 to some solutions so i would encourage
28:33 our panelists
28:35 maybe later to to respond to that
28:37 especially if it's a technical question
28:39 so you may want to comment on that but
28:42 here i just pick up some general ones
28:44 so for example i think davey david
28:48 mentioned that zero trust which actually
28:51 related to our next question so xero
28:54 trust become kind of a very popular
28:56 concept in the industry so he wonders
28:59 how that works with our network security
29:02 and how that
29:03 zero trust how do you implement zero
29:05 trust in network security architecture
29:09 maybe uh i mean first i mean
29:13 take a stab at it right zero trust as a
29:15 concept has been been around for you
29:17 know some time right that uh started
29:20 using this term almost a decade ago but
29:22 the real gist of it is is uh that you
29:25 know in far and network security and
29:26 firewalls right we have this notion of
29:28 like implicit deny right
29:30 at the end right which is you know not
29:33 you block everything unless you
29:34 explicitly allow it right and that's
29:36 really the foundation of zero trust it's
29:38 default in eye mode right and uh but in
29:41 practice what we ended up doing is
29:44 we didn't know what all the traffic
29:45 flows were and very often like the
29:47 default deny model didn't work and then
29:50 uh
29:51 and there was this allow any any that's
29:52 not going to do firewall policies
29:55 and it just sort of stayed there right
29:57 and uh
29:58 i think the the the key with zero trust
30:01 is uh some things like network
30:03 segmentation right segmenting and that
30:05 works more and more finely so that it's
30:07 like agni was mentioning right the
30:09 analogy between a museum versus an
30:11 office right
30:12 the other other analysis similar very
30:14 similar analogy i like to use as a hotel
30:16 right in the hotel you have your key
30:18 card and you can walk into the lobby but
30:20 you can't go anywhere else unless your
30:22 key card is authorized right you can't
30:24 just walk into anybody's room you can't
30:25 go to the gym unless you have the your
30:28 your guests there you can't go to the uh
30:30 the the premium lounge in the top floor
30:32 unless you're a premium member right
30:35 and that's the type of model we need to
30:37 move towards
30:38 and that's really the gist of zero trust
30:41 and and like i mentioned like weaving in
30:43 elements like identity and endpoint
30:45 awareness
30:46 are really key to to that picture right
30:48 so making sure that
30:50 the firewall the network security device
30:52 knows who you are and what device your
30:54 com what type of device you're coming
30:56 from is a device safe at this point in
30:58 time right
30:59 those are additional context pieces that
31:01 that are needed to
31:03 to make that access decision
31:05 all right very cool
31:07 i think
31:10 that the network is
31:12 in between
31:14 the real guru here is the application
31:16 so when you're talking zero trust it's
31:19 really about
31:21 whether you are you all those components
31:23 that you can control before someone
31:25 reaches the application
31:27 are they
31:29 ready to trust that connection like amit
31:32 said and i think that hotel example is
31:35 very very relevant because
31:37 if you have a key card
31:39 does the elevator trust you
31:41 and if it does
31:42 i mean can i take your key card and go
31:44 up i could right that's one element
31:47 that's not controlled so if you had a an
31:49 elevator also complemented by the video
31:52 camera that says
31:54 this person with this card is not
31:56 is allowed while this person with the
31:58 same card is not allowed so that
32:00 probably could be zero trust
32:02 i just thought i would add on to what
32:03 amity was saying
32:07 all right so that's actually add on to
32:09 the the hotel story and uh so jay and do
32:13 you want to add anything on that one
32:15 sure i i i won't add on to the hotel
32:17 story i don't i'm not as creative as
32:19 those as the other two guys but um
32:22 i've just got a couple comments so one
32:24 is just make sure that everyone
32:25 understands zero trust is is it's a
32:27 security model um i think sometimes
32:29 people think it's a a product or
32:32 solution but it's really a it's a model
32:34 on how to apply security and yeah
32:36 everyone's right it's really around
32:38 um you know the concept of least
32:40 privileged access it ties to what
32:42 together contextual
32:44 um you know information whether it be so
32:47 it's usually application and user right
32:49 um as far as how to adopt it
32:52 um again i think um i think
32:55 risk appetite and security policies play
32:57 a big role in in helping you
32:59 at least give giving you some framework
33:01 to on how you're going to approach up
33:03 creating a policy
33:05 i i think it's really important to start
33:07 small
33:08 because again it's this is going to be
33:09 it's it's going to be a journey
33:11 um it's especially the enterprise space
33:13 is not something you're going to turn on
33:14 overnight
33:15 um
33:16 i would reiterate what i said before i
33:18 think it's incredibly important to
33:20 understand
33:21 your users and and and the in their
33:24 application traffic flows
33:26 um and really mapping those flows out
33:28 and understanding that in some cases
33:30 there's some tools that help with that
33:32 but sometimes it also requires some uh
33:35 some you know data mining and and things
33:38 like that uh to really understand where
33:39 i go that is um it's really important to
33:42 understand intent
33:43 uh in this situation right like if
33:45 you're just gonna map out flows you
33:46 don't know if the flows are are good
33:48 flows or bad flows right so if you're
33:50 gonna create a policy based on what you
33:52 see
33:52 it may not be
33:54 the ideal policy right um i think you
33:57 have to factor in things like
33:58 multi-factor authentication
34:00 into it usage tracking brian you brought
34:03 that up i mean this is going to be
34:04 something that requires continuous
34:06 monitoring and learning i think you're
34:08 always flipping between what i would
34:10 call learn mode and enforcement mode
34:12 because you're you know a lot of times
34:14 unless you've got a very very static
34:16 environment things are going to change
34:17 and you're going to need to adapt to it
34:20 and hopefully you can build in some
34:21 level of automation or orchestration to
34:24 assist with that so those would be my uh
34:26 my big things
34:28 excellent all right so like a xero trust
34:32 working with network security there are
34:34 actually quite many things happening in
34:36 the industry and so maybe we can recap a
34:40 little bit and from your point of view
34:42 what are some like current industry
34:45 trends or emerging technology or
34:48 emerging trends for the network security
34:51 we mentioned several things already but
34:53 here i just want to take opportunity
34:55 kind of like a recap
34:57 or may not be just a technology maybe a
35:00 compliance or maybe a standard or maybe
35:02 a
35:03 model or architecture so some of the
35:06 quest some of the our audience also
35:08 asked this question so
35:10 i'd like to hear your insights the
35:12 current industry trends about network
35:15 security
35:17 um
35:18 anyway i want to start i'll do it i'll
35:20 jump in on this one
35:21 um definitely what we're seeing um
35:25 a huge increase in in uh threatened
35:27 attacks
35:29 like it's just it's it's crazy
35:31 um we're seeing huge obviously the large
35:34 volumes of uh of remote access workers
35:37 you know in our case you know we we went
35:40 from
35:41 having
35:43 you know probably
35:44 probably our our global solution for
35:46 remote access pre-pandemic you know
35:48 probably supported somewhere around
35:51 maybe 25 or 30 percent of our of our
35:54 overall work workforce
35:56 and you know within a matter of weeks we
35:58 were now supporting like 95
36:01 um uh i i talked about this earlier uh
36:04 the amount of network traffic we're
36:06 pushing today is is
36:09 lar is is more than we've ever seen um
36:12 you know agni talked about it was a
36:13 really cool thing he brought up around
36:15 people and collaboration and obviously
36:18 that those that you know with us now not
36:20 being face to face or
36:22 um you know working in the same
36:24 environment where
36:25 all our collaborations happening over
36:27 the network
36:28 you know whereas probably a portion of
36:29 it was only happening over the network
36:31 so we're seeing that video content
36:33 um you know the business is moving
36:36 you know uh
36:37 moving more and more out to you know to
36:40 leveraging public cloud leveraging sas
36:43 um applications so again that's all
36:44 putting strains on on on the network and
36:47 the network security infrastructure
36:49 um the increase i already talked about
36:51 the increase of cloud adoption and one
36:53 thing i'm we're seeing a lot of um i
36:55 mean this has been building for years
36:56 but
36:57 more and more use of encryption i mean
36:59 probably when i look at our
37:02 um our
37:03 egress traffic flows i'm gonna guess
37:06 we're probably somewhere around 97
37:09 percent of our flows are now encrypted
37:12 so those are the are the big trends that
37:14 we're seeing
37:15 wonderful that's a great firsthand
37:17 experience
37:19 and anyone else want to add on that
37:25 yeah uh so
37:27 i i i was actually looking up my
37:29 previous notes that
37:31 i had from uh from a meeting that we're
37:34 talking about what's emerging and what
37:36 is going to be probably big thing in the
37:38 future and there's one thing that struck
37:40 me very very
37:41 um
37:43 very very unique it's called as moving
37:45 target defense and that's probably
37:47 something that's going to come up in a
37:50 large way in the future currently a few
37:53 vendors are doing something about it but
37:55 i think moving target defense is going
37:58 to become a big thing in network
38:00 security in the future
38:01 this was based upon a paper that was
38:03 written by a department of homeland
38:05 security
38:06 some time ago on how you can keep
38:09 shifting your your your targets uh
38:12 constantly uh on the network and if
38:14 you're able to do that whether you do
38:16 that via decoys whether you do that via
38:20 uh you know a particular network
38:22 architecture or a design or or a switch
38:26 or a router or any other box that that
38:28 comes in in front of your network and
38:30 constantly keeps moving
38:32 the the targets that's going to become
38:34 something very interesting in incoming
38:37 times
38:38 and i believe
38:39 there's a lot of research that is going
38:41 on in that area
38:43 so so the way that works is very simple
38:45 so imagine you're trying to shoot a
38:47 target and the target shifts by
38:50 two inches
38:52 you are definitely going to miss that
38:53 target and it shifted it shifts two
38:56 inches every time you shoot so that's
38:58 the concept of moving target defense but
39:01 a concept
39:02 coming down to reality in terms of how
39:05 it manifests
39:06 itself on the network how how cloud
39:09 service providers are going to bring
39:10 that like you know someone like
39:12 cloudflare is probably going to bring
39:14 that to
39:15 our tables is something that is yet to
39:17 be seen
39:20 all right moving target so that that's
39:22 the uh
39:23 one thing i actually first time here
39:25 this wonderful answer that's really
39:27 interesting
39:28 uh amit you want to
39:30 share anything
39:31 yeah that's that's a very yeah i agree
39:33 that's a very interesting sort of way of
39:35 looking at the problem right it's like a
39:37 little bit of the whack-a-mole game
39:38 right it's
39:40 anytime
39:41 you feel like you've saw you fixed one
39:43 this year the new one pops up but
39:47 if i really sort of step back uh the big
39:50 big macro shift that we're seeing right
39:52 now is mj alluded to this a little bit
39:55 right is this whole thing that i call
39:57 the consumerization of enterprise id
39:59 there's a whole host there's a whole
40:01 ecosystem of sas applications out there
40:04 the new one popping up every week right
40:06 they're geared at solving or digitizing
40:09 some business process something that you
40:11 used to do that was it was and
40:15 smart software engineers trying to
40:16 figure out okay how do i do this better
40:18 and make it more efficient for you and
40:20 save you time and money and i'm going to
40:22 deliver it to you as a sas application
40:24 right either through the web or as a
40:26 mobile app and i'm going to deliver it
40:27 over the internet
40:29 and that's the way i want users to
40:31 consume it
40:32 and our sort of
40:34 challenges on the vendor side is how do
40:36 we ensure that
40:38 we connect the user and that application
40:41 it could be sitting in like aws or gcp
40:44 whatever it is right how do we connect
40:46 it
40:46 over the most efficient path but at the
40:49 same time give enterprises the security
40:52 controls they need to uh to ensure that
40:54 the users and data is safe right so uh
40:57 that's that's really kind of what we're
40:59 working on on the vendor side and trying
41:02 to sort of minimize the number of
41:04 inspections minimize the number of round
41:06 trips minimize any any sort of traffic
41:08 tromboning that could be happening right
41:10 that's kind of what we're focused on in
41:12 delivering a sassy platform
41:15 very cool
41:16 so that's actually also reflects what we
41:18 mentioned today it's a
41:20 different world right now the
41:22 requirements hybrid decentralized and
41:25 people wants a lot of choice flexibility
41:29 in the meantime you have to deliver in
41:31 the agile way it's just like a pandemic
41:34 you have to overnight like almost like
41:36 overnight like a json
41:39 from 25 all of a sudden become a 95 or
41:42 even more so that's actually reflected
41:45 the speed and the scale of
41:48 of your network security to meet the
41:50 current
41:51 industry requirements
41:53 okay um all right so i want to switch
41:56 gear a little bit
41:58 uh i'm sure there are quite many people
42:00 online
42:01 today
42:02 they are interesting cyber security or
42:05 network security they also want to tap
42:07 into some latest technology
42:10 or career opportunities
42:12 since uh network security also changed a
42:14 lot and
42:16 we we talk about quite many technologies
42:19 people ask okay uh if i'm interested in
42:22 this field what kind of things i should
42:24 learn what kind of standard i need to
42:26 kind of understand what kind of
42:28 compliance or
42:30 what kind of things i need to kind of
42:32 start to pay attention to
42:34 so my next question for you is
42:36 from your point of view uh when you
42:38 build a successful from hiring company
42:41 point of view when you build a
42:42 successful security team for a hybrid
42:45 work working work environment what kind
42:48 of a key
42:50 skills or capabilities
42:52 you are looking for
42:54 so which give us some guidance to our
42:56 audience if they're interesting career
42:58 opportunities
43:01 all right jay you want to start sure
43:03 i'll jump in um
43:05 my some of my answers might surprise you
43:07 um it's not i'm not going to focus so
43:09 much on the technical side i actually
43:11 think
43:12 you know the whole this whole
43:14 presentation's just been taught we've
43:15 talked about flexibility and and the you
43:18 know the speeds and scale and uh that
43:20 that we need you know basically we have
43:22 to move at the speed of the business
43:24 right
43:25 some of the key key skills i think
43:26 people need to have is adaptability um i
43:30 think the right aptitude uh
43:32 i think people have to have this
43:34 continually continuous learning mindset
43:37 um because things are changing so
43:38 quickly um you need to be you need to be
43:41 prepared for that
43:42 uh i think
43:44 collaboration i mean who knows you know
43:46 where i don't think the world's ever
43:48 going back to the way it was
43:49 pre-pandemic you know i think i think
43:51 we're you know a lot of a lot of things
43:53 are going to be very hybrid so having
43:54 really strong collaboration skills um
43:57 being able to have strong written and
43:58 verbal communication communication
44:00 skills is incredibly important
44:02 i also think having um you know for a
44:04 lot of people in the technical space for
44:06 the longest time you know it was all
44:09 about the product or the solution that
44:11 they supported and i'm not i'm not
44:13 trying to um
44:14 [Music]
44:15 uh
44:16 say that's
44:18 not important what i'm trying to say
44:19 though is understanding what the
44:21 business
44:22 wants understanding how
44:24 how
44:25 how you or as an employee or or how
44:28 network security
44:29 security solutions can create value is
44:33 very very important so i put down like
44:35 business um focus or or business acumen
44:38 trying to understand kind of where the
44:40 business is headed and how you can play
44:42 a part in that um is really really
44:45 important so those would be mine
44:48 actually you actually talk about human
44:50 network right so you talk about
44:52 collaboration adaptability and also to
44:55 learn speak other people's language to
44:58 to for the purpose of a better
45:00 communication so that's great inside
45:04 uh acne you want to share any insights
45:07 from your end i'm
45:09 i'm
45:10 going to try and connect what amit said
45:12 last to what jay said now
45:15 so by the way i fully agree with jay
45:17 the technology part is the easier part
45:20 it's the other parts of the difficult
45:22 but let me go over to what jay said
45:24 there are five uh
45:26 things that are going to come to all
45:29 enterprises and they're going to seek
45:30 connectivity through the cloud or
45:33 through the standard mechanisms one are
45:36 your internal employees who are sitting
45:38 in
45:39 on a local area network in your offices
45:42 uh
45:43 hybrid is not going away right so there
45:44 are going to be some people in office
45:47 two those people who are trusted
45:49 employees and who are outside for trying
45:52 to come in
45:53 uh three are going to be suppliers and
45:55 partners and they would seek
45:58 newer more flexible options to come in
46:00 especially those who are going to fix
46:02 your problem right so you your machine
46:05 went down you need someone across the
46:07 world who's got the right skill sets and
46:09 the right tool sets to come and fix that
46:12 problem you're going to allow them to
46:13 come in
46:14 uh four is your data center itself right
46:17 so the data center is probably moving to
46:20 the cloud but it still is an element
46:23 that you need to connect
46:24 and and lastly our instruments ot iot
46:30 industrial control systems cada plc's
46:34 all these are soon going to require
46:37 connectivity to the network not only to
46:40 the network but also to the cloud
46:42 directly and indirectly the reason i
46:44 said all these things is to enforce upon
46:47 the point about what we need from the
46:49 people so while you may have some people
46:52 who are focusing on the technology
46:54 someone would understand iot better than
46:56 someone else but
46:59 in the end the people that we need in
47:01 the cyber security part of the world are
47:04 those who understand the business
47:07 or who have the willingness to
47:09 understand the business
47:11 and those who have the patience to go
47:14 through and be adaptable based upon
47:17 whatever new things that throw are
47:19 thrown upon them and lastly those who
47:22 have the hunger
47:24 to learn new things as they happen and
47:26 to use that knowledge to fulfill all
47:29 these five kind of
47:31 connectivity requirements of the future
47:35 very cool i really appreciate your input
47:38 and
47:39 people right so the
47:41 people to understand the business that's
47:44 actually in a way is to understand the
47:46 needs why we need to do it right so
47:50 back to the targets although there's
47:52 moving targets but we want to focus on
47:55 the major tactic
47:56 to to satisfy the business needs rather
47:59 than you just randomly add another piece
48:02 of technology to feels very cool or
48:06 showcased so that's also very important
48:09 all right i mean one of the questions
48:11 that i always have sorry one of the
48:13 questions that i am always having to ask
48:17 my teams is guess
48:19 it's why
48:21 someone comes and tells me they they
48:23 want firewall as a service why
48:26 and i i need this this big thing on the
48:28 firewall management system why and the
48:31 moment you ask those questions you go
48:33 back to what the business wants to do
48:35 because cyber security is no longer
48:39 something that you use to protect your
48:41 business cyber security is going to be
48:44 the cornerstone of your next business
48:48 transition transformation totally it's
48:50 all about enablement i couldn't agree
48:52 more
48:53 absolutely that's the biggest thing i
48:55 talked about started to jump in on this
48:56 but i talked about my history like way
48:58 back in the day
49:00 it was it was a cyber security well it
49:02 wasn't even cyber security at the time
49:04 but it was about protecting it was about
49:06 defending or or you know detect you know
49:09 detection and maybe a little bit of
49:10 prevention
49:11 cyber security now is all about business
49:14 on business enablement that's the piece
49:17 it's a jump it's a it's a it is a jump
49:19 from some people
49:20 but that's what it's about it's about
49:22 identifying how cyber security and how
49:25 the network security solutions or
49:26 whatever security solutions we're
49:28 talking about
49:29 are creating value for the business
49:30 otherwise it doesn't matter
49:34 i i couldn't agree more with with uh
49:36 both of you right it's absolutely about
49:39 enabling the business enabling
49:40 transformation right yeah but going back
49:43 to what jake said a little bit earlier
49:45 right this whole notion of uh
49:48 uh skills being sort of more or bounded
49:50 and finite and technology driven right
49:53 like 20 years ago and i you know 20 25
49:56 years ago when i started dabbling in
49:57 networks and security it was it was
49:59 about learning the platform or learning
50:01 a particular brand of appliance from a
50:04 vendor right and and
50:06 that brand of appliance and that model
50:08 model would probably stick around for
50:10 five six seven years and today's in a
50:12 cloud scenic world we're seeing new
50:14 capabilities and new features being
50:16 released every week right so i think
50:18 it's more important to have a skill
50:21 think of skills in terms of concepts
50:23 rather than individual technologies or
50:26 individual vendors right so so those
50:28 concepts are and then you made a point
50:30 about adaptability aj which is i think
50:32 really key right if you have that if you
50:34 have that skill then you can take that
50:36 concept and apply it to different
50:38 scenarios and different domains and
50:41 and sort of
50:43 find your way through it right
50:45 one foot
50:47 and as you can see three of our panel
50:49 members they have
50:51 years of experience and they observe all
50:54 those transition or probably many
50:58 generations of uh
51:00 network things right so this is not the
51:02 first time this actually definitely not
51:05 the last time so this is just a part of
51:07 it
51:08 although this is quite big but
51:10 uh from their years of experience what
51:12 they
51:13 share with you really is all those
51:16 focus on people focus on uh business
51:19 also focus on the big picture concept
51:22 and how to putting the things together
51:24 so really you need to establish that big
51:26 picture rather than just focus on one
51:28 two or the other all right cool
51:32 and this pretty much come to our end of
51:34 our final discussion we we have a
51:36 calculator almost like uh 50 minutes
51:39 um
51:41 before we go
51:42 actually i want to ask our panel members
51:45 before we
51:46 finish this panel
51:48 if you can make one recommendation to
51:51 our audience uh regarding network
51:54 security or regarding the best practice
51:56 for hybrid uh like a working environment
52:00 what would you like to say to them
52:02 so you can only share one
52:04 due to the time uh what would you what's
52:07 your top uh recommendation
52:10 let's start with a meet
52:13 i would say like don't be too attached
52:15 to the how
52:17 right you may be you may be used to a
52:19 certain way of doing things but think
52:20 about really what is a business need
52:23 what do you what are you what is the end
52:24 goal what are you trying to achieve
52:26 and think more broadly in terms of like
52:29 what are the different ways i can
52:30 achieve this objective right and and the
52:32 way that you're most comfortable with
52:34 may not be the best way right so like
52:36 that's that would be one recommendation
52:38 i'll leave the audience with
52:40 excellent starting with the business
52:42 needs
52:43 all right for anywhere else
52:45 go next um uh it may be along a similar
52:48 line but i i think it's it's all about
52:50 being outcome focused
52:52 focus on the outcome
52:55 right that that should be your your
52:56 where your all your focus is and then
52:59 you know as me mentions there there's
53:00 there could be many different ways to
53:02 achieve that outcome
53:03 and you know but in in it's working
53:06 through those right through whether it
53:07 be through
53:08 iterative processes or or whatnot but
53:11 it's all about being outcome focused
53:14 no no what know what you're know what
53:15 your outcomes are that you're going
53:17 after and what are going to drive the
53:19 business forwards
53:21 in other words it's objectives your
53:23 your goals right so
53:25 don't lose the big picture
53:28 excellent agony you want to add
53:30 yeah i think um we've talked about this
53:33 many times and there's one area that we
53:36 did not and that's an area of focus that
53:39 i would advise everybody to no matter
53:42 what you do how diverse your network is
53:45 whatever that you're planning
53:46 don't forget the governance and
53:48 oversight you need to have complete
53:51 visibility of everything in your
53:54 enterprise in the network
53:57 gives you that visibility if you have
53:59 the mechanism to stand guard on every
54:02 traffic that is going through your
54:03 network do it because that's going to
54:06 give you value to build cyber security
54:09 in addition to enabling the network
54:12 so the visibility is very very important
54:15 so it's not just for practitioners to
54:18 defend but also for auditor like for
54:22 compliance for governance
54:24 like three lines of defense even for
54:27 operations you need visibility because
54:29 if you don't know
54:31 what's going on
54:32 you wouldn't have get those early
54:34 indicators which you will use to respond
54:37 to a future attack
54:40 very true
54:41 and the visibility actually is the key
54:43 components of all the what we talk about
54:47 all right so uh thank you very much uh
54:49 everyone a hour panel members again a
54:53 meet from cloudflare
54:56 jay from rbc and agony from biocon so i
55:00 like to ask everybody online to give
55:03 them a virtual applause of pat to thank
55:07 you very much for coming to speak to us
55:11 all right thank you thank you very much
55:13 love to do this again
