What's Up with Tech?
Tech Transformation with Evan Kirstel: A podcast exploring the latest trends and innovations in the tech industry, and how businesses can leverage them for growth, diving into the world of B2B, discussing strategies, trends, and sharing insights from industry leaders!
With over three decades in telecom and IT, I've mastered the art of transforming social media into a dynamic platform for audience engagement, community building, and establishing thought leadership. My approach isn't about personal brand promotion but about delivering educational and informative content to cultivate a sustainable, long-term business presence. I am the leading content creator in areas like Enterprise AI, UCaaS, CPaaS, CCaaS, Cloud, Telecom, 5G and more!
What's Up with Tech?
From Detection to Auto-Remediation: The Future of Cybersecurity
Interested in being a guest? Email us at admin@evankirstel.com
Cybersecurity is racing against time. In his compelling keynote, Nikesh Arora reveals that cyber attackers now need less than an hour from targeting to data exfiltration—a timeline that renders traditional security approaches dangerously obsolete.
The stakes couldn't be higher. Tech giants are pouring roughly $350 billion into AI infrastructure, creating models that continuously learn and evolve unlike traditional predictable software. This transformation will fundamentally reshape every SaaS application we use within 3-5 years, introducing AI assistants, agent-to-agent communications, and entirely new interfaces. For security professionals, this represents both an extraordinary challenge and opportunity.
Arora details how Palo Alto Networks has "flipped the bit" from merely identifying security problems to actively solving them. This paradigm shift follows the autonomous vehicle blueprint: progressing from basic assists to co-pilot functionality, and eventually toward fully autonomous security operations. By ingesting 11 petabytes of security data daily through their XIAM platform, they're enabling not just wartime incident response but also peacetime security optimization.
The path toward truly agentic security requires building trust through demonstrated reliability. Just as we gradually accepted self-driving vehicles, security automation must earn our confidence through increasingly sophisticated assistance before we grant it full agency. This journey demands close collaboration between vendors and customers to refine these capabilities safely.
Have you considered how your security strategy needs to evolve for this AI-powered future? Join us in exploring cybersecurity's next frontier where protection happens in real-time and machines protect machines.
More at https://linktr.ee/EvanKirstel
Please welcome Chairman and CEO Nikesh Arora. All right, welcome everybody and thank you for being here. As Kelly said, you have a lot of options to look around, see all kinds of different cybersecurity solutions, and we're glad you chose to come to the platform vendor of the industry. We appreciate it. The good news is we're going to talk about what everybody's talking about, which is called AI. The bad news is my team's told me they're going to do all the demos and tell you all about the cool stuff, so I'm supposed to keep you entertained for 15 minutes without actually saying anything substantive. It's not hard to do, but we're gonna talk about AI. We're gonna talk about AI. We're gonna talk about data. We're gonna talk about the fact that our platform vision is still alive.
Speaker 1:A few years ago, about 18, 24 months ago, we told you that we felt the time for best of breed was slowly going to migrate towards the time of the platform. Now we're seeing that in spades, everywhere. We have come to a point where we have two platforms our network security platform and our Cortex platform, which, effectively the platform which, in our mind, replica replaces the next generation sim or the sim of the future, because that's kind of where all the action is now. What's changed the last 12 to 24 months is that, with this conversation about AI, two major changes have happened. One, ai is becoming a tool not just for the good guys, but also for the bad guys. As a consequence, the time from when a bad actor decides to focus on you as one of their people who want to go after the time from when they decide that the time when they can get in and expel treated data is compressed under an hour, which means we're getting more and more close to real-time and real-time protection, as you need to be. As a consequence, the entire industry has to pay attention to how do we go from the traditional mechanism of protect what you can, send everything else somewhere else and have that analyzed and eventually take some time to figure out what actually happened out of media. You don't have the luxury of time anymore. So what you're going to see is a recurring theme, not just today but over the next few years is how the industry has to pivot and go towards more and more real-time as possible, and what you will experience is that we have been on this journey of what we cannot stop at the edge. Let's make sure we can analyze and go back and protect as quickly as we can. We can remediate, we detect, remediate, protect as quickly as we can. So one theme which I expect you're going to constantly see is the idea of getting as close to real time as possible. The second thing which you're going to hear about which I think you already know, but you'll keep hearing about more and more, and that's in the broader context of AI.
Speaker 1:All of us in cybersecurity exist to go deliver AI solutions to our customers because we hear the big, thundering noise of people wanting to spend $350 billion to build infrastructure faster than any piece of infrastructure has ever been built in technology. Think about it 24 months ago. We're all wondering what are we going to do with chips? What is going to happen with the supply chain crisis? What's going to happen with the pandemic? And today we're talking about where most large tech companies are boldly claiming they're going to spend $70, $100, $150 billion building data centers where there was no inkling that this was going to be something that was going to be relevant about any year or two years ago. What's going to happen? What is going to happen when $350 billion of AI infrastructure is built? Well, I get it. They're going to build some amazing models. These models are going to get smarter and smarter and smarter and they'll, you know, will achieve AGI at some point in time. It's not my job to figure out when that's what they will do, but our job as cybersecurity professionals is to figure out when those models, when that AI that's being built, starts getting used on a more sort of ubiquitous basis.
Speaker 1:I'm pretty sure that every one of you, whether you work in cyber security, outside of cyber security or you work in traditional enterprise, you have some experiments going on in AI. How do I take what's being built by these amazing companies, these models? How do I translate that into something useful for our enterprise? We've all heard the use cases. There's a whole bunch of work going on.
Speaker 1:I predict the next three to five years, almost every sas application that we know today is going to have a different manifestation. Some of them will have ai assistance. Some of them will have ai agents that will talk to other agents. A lot of the ui that we know today as our ui, our front end for sas, is going to have to morph. Now, when that begins to happen, that means we're all going through a large transformation, whether we're a tech company or not a tech company, whether we're a traditional company. In that transition, we're going to be looking to see how do we take the fundamental building blocks of AI and embed them in everything we do. When you embed them in everything you do, that makes all of us in security wonder well, what's different about AI? What is it that is unique about it, and how do we need to prepare for a future where we, as cybersecurity professionals, have to figure out how this is going to impact our lives? How is it going to impact what we do?
Speaker 1:The most fascinating thing about it your SaaS application outcomes are predictable. You know what you program. You know the output you expect. In the case of AI, it is going to be constantly learning. The answer tomorrow will be different and the answer in two weeks will be different, perhaps better, perhaps even better, more precise. But when you have something that has quote, unquote a mind of its own, you know how that works with a mind of its own. You've how that works with a mind of its own. You gotta inspect it as you go, talk to it. You gotta inspect the output it brings out. So the whole idea of security will change. You have to constantly test those models, test those applications, make sure they're not going to go rogue on you in some way, shape or form.
Speaker 1:So it's that kind of thinking that needs to be deployed amongst the entire cybersecurity industry to try and figure out how AI is going to change our products. Our products will become very different because we're also, in some version, a SaaS business in cybersecurity. Our products will have to start dealing with natural language interfaces and some version of co-pilots or AI co-pilots or autonomous AI drivers. At the same time, we also have to make sure we understand when our products start building a mind of their own, a brain of their own, how does that impact what we do? That's what our team is going to talk about today in terms of how do you make sure that these developments in AI can be harnessed by our customers in a way that they can go ahead and deploy bravely. So we'll talk about that.
Speaker 1:The other thing which we're going to talk about is, over the last two years, we've been building a platform, both on the network security side as well as on the core tech side. What we've started to talk to ourselves about is that the industry has spent a lot of time building analytical capability and saying here's what I found, dear customer, dear stock analyst, dear network analyst, dear cloud security analyst, look what I found. And they say, good luck, now it's your job. I did my job. I found all these amazing things for you which were problems, and good luck. And the analyst wakes up in the morning, starts going through lists, solving the problem, and the analyst goes to sleep. The analyst wakes up in the morning Next day. He says good morning, look what I found. And he starts playing whack-a-mole again, and the next morning, and so on and so forth. Well, we decided we can't do that anymore. If you want to get to real time, you have to get in the business of not just identifying problems but solving problems. So what you will see is we flipped our bit. Internally. Our products are now more inclined to say here's what I found and here's how I can help you solve. It sounds very simple. It is a fundamental shift in the way we're thinking about the future from a cybersecurity perspective. You will see, over time, all of our products will come with recommendations on how to solve the problem and, over time, allow you an embedded automation that's going to help you solve the problem.
Speaker 1:That embedded automation, the best way to think about it is remember the early self-driving cars, or which are not self-driving. You start to see some elements of technology. The car would tell you when you're about to bang into somebody in the back. The car would tell you when you should apply braking because you're about to hit something in the front. What is that? That's a little bit of an assist. Right, it wasn't called a co-pilot, it wasn't called auto pilot, it was called a little bit of help from technology. That's kind of phase one. What did that turn into? It turned to a bit of a co-pilot. So let me take the car over for you for this stretch, because I know this road. I can drive straight at 65 miles an hour. And that was called a co-pilot, then he got to a bit of an auto pilot, then he got to full service driving. So I think, if you think about autonomous cars, they're showing us the blueprint of how automation and AI is going to manifest itself in our products.
Speaker 1:And what you will see from Palo Alto Networks across our platform is we are beginning to embark on that journey. You're going to see us start recommending solutions to you. We're going to learn with our customers, our analyst friends as to how those recommendations manifest themselves into continued automation. From there we will see. But you've done this so many times the same way. Do you mind if I take over Now for a point in time? We sell this automated. We spin up, spinning up SOC agents and network security agents, but it's going to have to take that journey in industry for that to happen All the people out on the floor talking about agentic AI. We have to go through that journey. There is no shortcut. If you flip over to the Cortex side, you obviously see all this capability I've just talked about from the platform perspective and recommendations and self-driving will help you do security.
Speaker 1:But what we also discovered is, as we have now deployed and I'm going to say it once to this slide, but I'm going to tell them anyway now we're ingesting 11 petabytes of data a day for our customers and we've barely gotten started in deploying XIAM. We have deployed north of 100 XIAM solutions to our customers. We have sold close to 300 of them. So we're on a solid journey with Fortune 50 customers who are actively deploying our XIAM technology. But we've discovered something very interesting. We've discovered that all this data we've collected for our customers to help them solve the breach incident scenario is actually very useful data. This useful data can be used to solve problems when you're not in a breach, and Lee and Gunan and others and team are going to talk about how do we solve peacetime security problems using a wartime SOC, and what that is going to show you is the idea that, over time, there is going to be intelligent consolidation or intelligent integration across the cybersecurity industry.
Speaker 1:You're going to get a glimpse into how, over time, with collecting all the security data in one place, one enterprise, not only can you use it for investigations, for breach response, for real-time response in an incident. You can also use it to clean up your cybersecurity posture, your cybersecurity estate, and not just highlight, oh my God, we've got a problem, but also say how do you think I should solve that problem? So our team is going to talk about that. This is a fundamental shift. This is a three to five-year journey that is going to allow us to continue to automate and effectively create cybersecurity agents, whether they are network agents, cloud agents, soc agents, threat agents. Over time, working with our customers, these agents will be out of the box or perhaps bespoke, as our customers build their own version of these agents, but they will come with full security capability. Not just that you will hear from Lee what we are going to do from an agent's perspective, since you can't leave RSA without having talked about AI or agentic AI. God forbid that we don't talk about it. I think agents are still early.
Speaker 1:I heard that the best line in RSA is the S in MCP stands for security. Think about that for a second. Oh, you guys are a tough crowd. There's 50,000 people who are online watching this. They're laughing off their chairs, and this room has 200 people and they don't. They're not going to pickle up, all right.
Speaker 1:So the point, though, is, I think what the industry is saying is that it's very hard to think about agents having permissions, having ability to get something done, without having a full conversation around security, and we agree with that. We think a lot more work has to happen from a security, from a permission perspective and how agents will talk to each other before agents become a reality. We also think to make agents a reality, we're going to have to go through that journey of working with our customers on automation, working with our customers on assisting them, working with our customers on taking partial control, to saying I trust you. Now you can act on my behalf, because the fundamental premise of an agent has to be I give you agency and you can't give me agency until you fully trust me. And for those of you who are in San Francisco, if you go out and get yourself a Waymo, somehow you gave that car agency to drive the car. Think how long and how much investment it took for you to trust the idea that this car can drive itself. It is going to take the same amount of diligence, hard work, automation to actually build very useful agents which can take over and do tasks on an autonomous basis. So you'll see the beginning of that. We are going to give you a sneak peek into the idea of agentics, a platform that allows you to build security agents for yourself.
Speaker 1:Now, if I say any more, they're gonna come drag me off here because I've probably destroyed about 15 minutes of speeches from all the other people following me. I say any more and there won't be need for that statement. So I just want to say, since, of your customers, many of your partners, many of you are design partners who helped us think so many of these things, it takes a village to get these things done and the village not just about all the people the village of our partners takes the village of our customers for us to constantly get feedback, so please keep the feedback coming. Uh, all feedback goes to BJ Jenkins, who is our president. I just do the other stuff. He gets a lot of feedback. He likes feedback. We send it to him, all the good stuff.