You know all those hacks and data breaches you read about in the newspaper? Do you understand them? It’s fine if you don’t, most people can’t figure out exactly what all that noise means. But Haiyan Song does, and it’s a good thing because as the SVP and GM of Security Markets at Splunk, she is in charge of monitoring all of that nefarious activity and protecting you and your data.
On this episode of IT Visionaries, Haiyan sat down with Mission CEO Chad Grills to dig into the world of cybersecurity and how A.I. and automation can change the game. Plus, she explains how Splunk was already able to move leaps and bounds ahead of others in terms of security.
Best advice: “I was having a conversation, I said, I had good intentions,’ and he said, ‘You know, half of the world disasters started with good intentions.’ So what I took away from that is just having intention is not enough. You’ve got to understand what the action that you’re taking, the impact of that could have on other people and be very thoughtful, be very intentional and be always sensitive to some of the things that you don’t know. That’s why you want to work with other folks to give you that perspective.”
Key Takeaways:
- The state of the security landscape
- What is the future of automation?
- Advice for securing your operation
Haiyan’s role
Using machine learning and automation, Haiyan and her team are working toward creating a security infrastructure that can preempt attacks and respond much faster than any human would be able to respond. This is not easy, and it takes collaboration between organizations, systems, and even the white hat hackers of the world working against those who wish to do harm.
“We have the support from our customers, we just as an industry need to do better in collaborating and sharing and we need the government to help with better policies and guidelines so we can expand the ability to collaborate among ourselves and the private sector and public sector.”
The security landscape
When Haiyan first started in the security space, just about every company was implementing security and event management systems, but no one was really thriving because all of the data they needed was unstructured and because computers could only analyze structured data, everyone was held back. Spunk’s ability to process, analyze and utilize unstructured data changed the way security could be done.
Customer success
Splunk has relied heavily on its customers to lead the way for innovation and priorities. Customers like NewYork-Presbyterian and AFLAC have provided use cases to Splunk, saying, “This is how we use data, help us do it better.” And Splunk has risen to the occasion to provide tools and automation to create a more efficient experience. This extends beyond security as well, Haiyan explains. Whether it’s aggregating and analyzing data to help end human trafficking or using Splunk systems to analyze water quality to ensure a higher quality of life for people in certain communities, Splunk has always asked the customer what they need, then figured out a way to provide it.
The future of automation
There is a reason to be both optimistic and pessimistic about how automation will be used in the future. Haiyan is hopeful about the future because she knows that machine learning and automation can have real, tangible effects on an organization from a security perspective and from an efficiency standpoint. That has already been proven. What gives her pause, though, is the amount of data we have versus what we need in order to implement automation and machine learning at larger scales. Machines need data and use cases to learn from. So while we have seen an explosion of data in the past decade alone, the unstructured nature of it and the lack of specific if-then scenarios to feed into the computer are slowing the growth.
In order to gather more data and analyze it in a meaningful way, Haiyan has advice to other organizations: be intentional. Set a goal for the type of data you want and how you plan to get it and use it.
“We don’t have enough data that have codified what are the things people should do when certain things happen? And that’s why the automation orchestration technology is so important. It actually helps you digitize human intelligence and the human sort of actions when you have to deal with incidents very, very early on.”
“I think AI and ML will play a big role, and the way they can play a big role actually has to be based on the fact that we are able to have a lot of data to train those algorithms and to provide that feedback.”
“I would say the recommendation would be to be very intentional about your digital journey. Be very intentional about how you want to instrument your enterprise. Whether it’s IoT or making sure your developers are developing your business applications in such a way that access control and logging, it’s very much part of it in the new world of APIs in making sure the API tracing and things are there so you can actually be able to trace your digital footprint. And that’s ground zero. The next thing is to really raise the awareness of how data can be valuable and data can be sensitive. So you not only just use the data to advance what the business needs, but also be intentional and sensitive to how data might compromise people’s privacies and do it on both sides.”
Best security advice
In terms of basic steps to securing your operation, Haiyan goes back to the idea of being intentional with your processes. Know who has access to your data and be intentional with who you allow access to.
“Be very intentional about your access control. And that starts with identity management, right? In the world of cloud, be very intentional about understanding where your data goes and making sure that where the data goes, you have proper access control. A lot of the horror stories you’ve heard around that is people didn’t even know they have a lot of data in the cloud and it turned out that whatever the storage they were using, it’s wide open.”
“Be a student of life. And if you’re going to be in the cyberspace, you’re going to be in the life of learning because things are going to change so fast and be a student of life. Not just for technology, but really sort of finding inspirations from people around you and things around you. And that really brings the perspective that you really need in cyber because cyber is multi-facets, multidimensional, and it changes every second.”
