Cybersecurity Insights from CISO of Glean

Table of Contents

1. Introduction
2. Neil's Role at Glean
3. Neil's Background in Cybersecurity
4. Cybersecurity Challenges for CSOs
5. The Future of Cybersecurity
6. Improving Cybersecurity Collaboration
7. Feedback on Athenia's Initiatives
8. Attending Large-Scale Conferences
9. Conclusion

Neil's Role at Glean

Neil is the Chief Information Security Officer at Glean, an enterprise search and knowledge management software company. Glean provides a single interface for searching all data sources within an enterprise, including Slack, G Suite, Office 365, Jira, and on-prem data sources. Neil is responsible for all aspects of security, including corporate security, application security, infrastructure security, compliance, and product security. Glean's product security involves developing security products that become part of the product that clients pay for.

Neil's Background in Cybersecurity

Neil started his career as a software engineer in the mid-90s. He was always interested in cryptography and the challenges that come with developing security software. He focused on companies that develop security software and started his career doing public key infrastructure and cryptography. He then moved through the entire stack, including Layer Two firewalls and web application security. Neil developed a good appreciation for the work of CISOs and CSOs during his 15 years of developing security software. In the last five to seven years, he has come to the other side and taken on the role of a CISO.

Cybersecurity Challenges for CSOs

Neil believes that cybersecurity is a mindset, and individuals should get into cybersecurity because they like the mindset of someone who likes to be on the defensive and protect critical infrastructure from bad actors. Neil thinks that cybersecurity challenges for CSOs will include more targeted spear-phishing campaigns, malware, and ransomware attacks. Neil believes that signature-Based solutions will become obsolete, and more behavioral-based solutions will become prevalent to protect against attacks.

The Future of Cybersecurity

Neil believes that with all the advancements happening, especially around Generative AI, bad actors will take AdVantage of all the advancements. Neil thinks that the script kiddies will use things like chat GPT or co-pilot to develop very pointed attacks. Neil believes that ransomware, phishing, and all those attacks will see more of those. Neil thinks that tool consolidation is top of mind, and many of the big security companies will acquire companies where they might have potentially have gaps. Neil believes that the burden is still on the big security companies to make sure that they interoperate well.

Improving Cybersecurity Collaboration

Neil thinks that the good guys need to come together and work together to fight against the bad guys. Neil believes that crowdsourcing is a good way to improve the security of each and every company out there. Neil thinks that a slack Channel where all the security professionals and CSOs could be there and have open-ended questions and discussions would be valuable. Neil thinks that if Athenia does some due diligence on vendors and shares a list of vendors that have been Vetted by the Peer community, that would have immense value.

Feedback on Athenia's Initiatives

Neil thinks that Athenia's initiatives are valuable, and he appreciates the newsletters and videos of other CSOs. Neil thinks that informal environments where people can talk about their top of mind issues and how they are solving them would be valuable. Neil thinks that a slack channel where all the security professionals and CSOs could be there and have open-ended questions and discussions would be valuable. Neil thinks that if Athenia does some due diligence on vendors and shares a list of vendors that have been vetted by the peer community, that would have immense value.

Attending Large-Scale Conferences

Neil plans to attend RSA, and he is in the Bay Area, so RSA is definitely something quite reachable. Neil hasn't made his plans yet for Black Hat, but he will definitely look it up.

Conclusion

Neil believes that cybersecurity is a mindset, and individuals should get into cybersecurity because they like the mindset of someone who likes to be on the defensive and protect critical infrastructure from bad actors. Neil thinks that cybersecurity challenges for CSOs will include more targeted spear-phishing campaigns, malware, and ransomware attacks. Neil believes that tool consolidation is top of mind, and many of the big security companies will acquire companies where they might have potentially have gaps. Neil thinks that the good guys need to come together and work together to fight against the bad guys. Neil thinks that a slack channel where all the security professionals and CSOs could be there and have open-ended questions and discussions would be valuable. Neil thinks that if Athenia does some due diligence on vendors and shares a list of vendors that have been vetted by the peer community, that would have immense value.