WEBVTT 1 00:00:00.210 --> 00:00:02.430 Anna Delaney: Hello, I'm Anna Delaney and thanks for joining 2 00:00:02.430 --> 00:00:06.030 us for the latest edition of the ISMG Editors' Panel, a weekly 3 00:00:06.030 --> 00:00:08.790 show where I'm joined by three of my colleagues to discuss the 4 00:00:08.790 --> 00:00:13.200 latest cybersecurity incidents, industry news and events. And 5 00:00:13.200 --> 00:00:16.650 I'm in good company today with Tom Field, senior vice president 6 00:00:16.650 --> 00:00:20.280 of editorial, Marianne Kolbasuk McGee, executive editor for 7 00:00:20.310 --> 00:00:23.520 HealthcareInfoSecurity, and Michael Novinson, managing 8 00:00:23.520 --> 00:00:27.000 editor for ISMG Business. Wonderful to see you all. 9 00:00:27.690 --> 00:00:28.500 Tom Field: Wonderful to see you. 10 00:00:30.870 --> 00:00:35.310 Anna Delaney: Tom, are you in the sea? Like, Sebastian, the 11 00:00:35.340 --> 00:00:35.880 crab? 12 00:00:36.390 --> 00:00:39.240 Tom Field: Under the sea. Yes, this was a trip to the New 13 00:00:39.240 --> 00:00:42.540 England Aquarium last weekend. And although it was probably 14 00:00:42.540 --> 00:00:45.180 freezing temperatures outside, this might be as close to 15 00:00:45.180 --> 00:00:48.660 tropical as I get this year. But as always looking around saying, 16 00:00:48.840 --> 00:00:51.270 "What's my virtual background going to be next week?" and it 17 00:00:51.270 --> 00:00:53.790 was right in front of me or in this case right underneath me. 18 00:00:54.120 --> 00:00:56.790 Anna Delaney: Very good. Can you give us a peek of the creature 19 00:00:56.790 --> 00:00:57.240 behind you? 20 00:00:57.660 --> 00:00:59.790 Tom Field: Yes. How about my friend, the tortoise? We don't 21 00:00:59.790 --> 00:01:00.630 have these men. 22 00:01:02.310 --> 00:01:04.890 Anna Delaney: Wonderful. Marianne, looking pretty cold 23 00:01:04.890 --> 00:01:05.370 out there. 24 00:01:06.810 --> 00:01:09.840 Marianne McGee: Yeah, this was a shot from outside our back deck 25 00:01:09.840 --> 00:01:12.720 yesterday when we had like two inches of snow, which is already 26 00:01:12.720 --> 00:01:16.290 melted. Very unusual winter so far in New England. It's the 27 00:01:16.290 --> 00:01:18.510 most snow we've gotten all winter. 28 00:01:18.720 --> 00:01:20.460 Anna Delaney: Yeah, it's supposed to be spring as well. 29 00:01:21.690 --> 00:01:24.150 Tom Field: Let's qualify that. The most snow she's gotten. 30 00:01:28.080 --> 00:01:30.810 Anna Delaney: Michael, looks enchanting. You're in a in a 31 00:01:30.810 --> 00:01:32.220 gallery, I presume? 32 00:01:32.250 --> 00:01:34.650 Michael Novinson: Indeed I am. I'm at the Rhode Island School 33 00:01:34.650 --> 00:01:38.940 of Design Museum in Providence, Rhode Island. Art Museum dates 34 00:01:38.940 --> 00:01:42.570 back to 1877. They are kind enough to do every so often 35 00:01:42.570 --> 00:01:46.440 Super Art Sundays where they do crafts and scissors and all 36 00:01:46.470 --> 00:01:49.080 kinds of fun stuff for people who have two-year-old children 37 00:01:49.080 --> 00:01:52.200 who are looking for things to do so. Fortunately, she enjoyed the 38 00:01:52.200 --> 00:01:53.970 museum and did not touch any of the artwork. 39 00:01:55.560 --> 00:02:00.210 Anna Delaney: Or steal it. Very good. Well, this is a view from 40 00:02:00.240 --> 00:02:03.690 the top of one of London's most iconic skyscrapers - you'll 41 00:02:03.690 --> 00:02:06.660 probably laugh at our version of skyscrapers. But anyway, it's 42 00:02:06.660 --> 00:02:10.050 endearingly called the Gherkin by Londoners because of its 43 00:02:10.050 --> 00:02:13.350 gherkin like shape. I'm sure you'll be familiar with the 44 00:02:13.350 --> 00:02:15.840 image. And I was there moderating a roundtable last 45 00:02:15.840 --> 00:02:18.150 night so I just had to take this epic view. 46 00:02:18.750 --> 00:02:21.300 Tom Field: Okay, why are my roundtables at steak houses and 47 00:02:21.300 --> 00:02:23.280 yours at iconic landmarks? 48 00:02:26.040 --> 00:02:27.990 Anna Delaney: Come to Europe! Well, you get the good steaks, 49 00:02:28.050 --> 00:02:32.910 right? Trade off. Well, Tom, I believe you are jumping on a 50 00:02:32.910 --> 00:02:37.410 plane next week to host ISMG Engage Toronto. Tell us about it 51 00:02:37.410 --> 00:02:39.330 and what attendees might expect. 52 00:02:39.480 --> 00:02:42.330 Tom Field: Yeah, very excited by it. So second Engage event of 53 00:02:42.330 --> 00:02:46.020 the year and as we've discussed before, this is an event that is 54 00:02:46.020 --> 00:02:48.540 sort of a cross between a traditional summit and a 55 00:02:48.540 --> 00:02:51.900 traditional roundtable where we do have an opening keynote 56 00:02:51.900 --> 00:02:56.640 featuring CISOs, we break off into pairs of roundtables. You 57 00:02:56.640 --> 00:02:59.280 attend a session for about an hour, take a break, go attend 58 00:02:59.280 --> 00:03:02.100 another session. And so it's an opportunity for people to 59 00:03:02.100 --> 00:03:06.060 network and mass and in smaller groups, and take in topics such 60 00:03:06.060 --> 00:03:09.900 as software supply chain security and SOC modernization 61 00:03:09.900 --> 00:03:12.480 are the things that we're talking about. What I'm excited 62 00:03:12.480 --> 00:03:15.870 about is the keynote panel that we're going to host. Now, the 63 00:03:15.870 --> 00:03:21.210 topic of this one is about really the modern CISO and we're 64 00:03:21.210 --> 00:03:25.470 talking about - surprise - API security, third-party risk. And 65 00:03:25.470 --> 00:03:29.250 guess what's the most popular topic of conversation in any 66 00:03:29.250 --> 00:03:30.990 cybersecurity room you enter this year? 67 00:03:32.580 --> 00:03:34.140 Anna Delaney: Is it about an AI Chatbot? 68 00:03:34.680 --> 00:03:37.500 Tom Field: It will be about an AI chatbot: The impact of 69 00:03:37.500 --> 00:03:41.310 ChatGPT. So, we've got a great panel here. It includes Rob 70 00:03:41.310 --> 00:03:45.570 Knobloch, who is the Deputy CISO with Scotiabank, one of Canada's 71 00:03:45.600 --> 00:03:49.770 major financial institutions. We've got Zia Shah, CISO, 72 00:03:49.770 --> 00:03:54.030 managing director of technology with KPMG in Canada, Greg 73 00:03:54.030 --> 00:03:58.860 Thompson, CISO with Manulife and Deniz Hanley, who is the CISO 74 00:03:58.860 --> 00:04:01.860 and head of technology and operations risk with Morgan 75 00:04:01.860 --> 00:04:05.550 Stanley. So among the topics that we're going to discuss with 76 00:04:05.550 --> 00:04:08.310 this panel - and this will be a good one to kick things off - 77 00:04:08.700 --> 00:04:13.650 we're going to talk about if API is the new endpoint, then how do 78 00:04:13.650 --> 00:04:17.610 we get a handle on inventory, vulnerabilities and defense? 79 00:04:18.600 --> 00:04:22.110 Terms of third-party risk. What happens when your greatest 80 00:04:22.110 --> 00:04:25.410 vulnerabilities are through the doors of your most strategic 81 00:04:25.410 --> 00:04:28.020 service providers? Sounds like a story Marianne writes about 82 00:04:28.020 --> 00:04:33.240 every week. And then ChatGPT, not what are just the potential 83 00:04:33.240 --> 00:04:37.110 use cases for the adversary, but what are the potential use cases 84 00:04:37.110 --> 00:04:40.530 for the defender. Each of these CISOs was adamant that this was 85 00:04:40.530 --> 00:04:42.690 something that they wanted to talk about and they wanted to 86 00:04:42.690 --> 00:04:46.710 get some input from the people in the audience. So we hope to 87 00:04:46.710 --> 00:04:49.770 open this up to a broad discussion. It's a terrific way 88 00:04:50.040 --> 00:04:52.500 to kick off the event. And I look forward to getting back to 89 00:04:52.500 --> 00:04:54.420 Toronto for the first time since the pandemic. 90 00:04:54.780 --> 00:04:57.120 Anna Delaney: Yeah, wonderful. So these Engage events are 91 00:04:57.120 --> 00:05:00.360 obviously different to our traditional summit experience. 92 00:05:00.690 --> 00:05:04.560 And what are the benefits of this sort of event? And what was 93 00:05:04.560 --> 00:05:08.490 the feedback like from our first event from attendees in New 94 00:05:08.490 --> 00:05:08.910 York? 95 00:05:09.450 --> 00:05:11.310 Tom Field: I think the benefit is you're not just sitting there 96 00:05:11.310 --> 00:05:14.760 taking in information. You know, conferences are so much sit, 97 00:05:14.820 --> 00:05:17.790 listen to an individual presenter, listen to a panel, 98 00:05:17.790 --> 00:05:21.690 maybe getting a question or two. We start with the panel, but 99 00:05:21.690 --> 00:05:24.720 then we immediately break into smaller discussion groups where 100 00:05:24.720 --> 00:05:27.960 there's more interaction. So I think, for the attendee, you're 101 00:05:27.960 --> 00:05:31.350 just more, well, I hate to say it, but you're more engaged. And 102 00:05:31.350 --> 00:05:34.590 that's a good thing. And for the sponsors and the speakers is an 103 00:05:34.590 --> 00:05:38.370 opportunity not just to present information, but to take in 104 00:05:38.370 --> 00:05:42.180 information. So I think that the give and take just offers 105 00:05:42.180 --> 00:05:45.780 everyone a higher level of interactivity and engagement 106 00:05:45.780 --> 00:05:48.990 than they've ever had before. You will walk away with some new 107 00:05:48.990 --> 00:05:52.860 ideas, you will walk away with some new contacts and maybe even 108 00:05:52.860 --> 00:05:57.000 some context. So it's a terrific way to consolidate everything 109 00:05:57.000 --> 00:05:59.850 into four or five hours. It's almost like a conference. 110 00:06:00.720 --> 00:06:02.430 Concentrate, if you want to say. 111 00:06:03.720 --> 00:06:05.040 Anna Delaney: We're looking forward to hearing your 112 00:06:05.040 --> 00:06:08.010 takeaways next week. Good luck with the event. 113 00:06:08.280 --> 00:06:10.260 Tom Field: Thank you so much. Look for Anna. Next one's coming 114 00:06:10.260 --> 00:06:12.330 to your town. So pay particular attention. 115 00:06:12.810 --> 00:06:14.940 Anna Delaney: Yes, in May. I'm looking forward to that. 116 00:06:16.080 --> 00:06:20.220 Marianne, you've written this week about a U.S. Supreme Court 117 00:06:20.220 --> 00:06:23.670 hearing involving a case of healthcare fraud and identity 118 00:06:23.670 --> 00:06:25.950 theft. So it sounds pretty serious there. 119 00:06:26.670 --> 00:06:28.830 Marianne McGee: You're right, Anna. It's actually an 120 00:06:28.830 --> 00:06:33.870 interesting case. The Supreme Court heard arguments on Monday 121 00:06:33.990 --> 00:06:37.440 in a case that involves healthcare fraud and identity 122 00:06:37.440 --> 00:06:42.840 theft. And it's worth watching on several levels. Now, the case 123 00:06:42.840 --> 00:06:47.280 involved a gentleman or an individual named David Dubin, 124 00:06:47.280 --> 00:06:51.480 who is the managing partner at a Texas psychological services 125 00:06:51.480 --> 00:06:57.240 company, and Dubin, in 2020, was convicted of Medicaid fraud for 126 00:06:57.240 --> 00:07:01.680 overbilling the scope of mental health evaluations that were 127 00:07:01.680 --> 00:07:06.750 provided to a patient, and his conviction - Dubin received a 128 00:07:06.750 --> 00:07:10.590 one-year prison sentence for the Medicaid fraud. But the Texas 129 00:07:10.590 --> 00:07:14.880 Court also tagged on an extra two-year mandatory sentence for 130 00:07:14.880 --> 00:07:19.200 aggravated identity theft, because he used a patient's name 131 00:07:19.230 --> 00:07:24.390 while submitting the exaggerated bills to Medicaid. Now, federal 132 00:07:24.390 --> 00:07:28.350 prosecutors have obtained the identity theft conviction by 133 00:07:28.350 --> 00:07:33.390 pointing to a statute that makes it a felony to use, without 134 00:07:33.390 --> 00:07:38.640 lawful authority, another person's identity, and by saying 135 00:07:38.640 --> 00:07:43.230 that Dubin acted outside the law by submitting a false claim in 136 00:07:43.230 --> 00:07:47.250 that patient's name. And the patient is a minor that is 137 00:07:47.250 --> 00:07:52.530 identified in court proceedings only as patient L. So Dubin last 138 00:07:52.530 --> 00:07:55.980 year challenged the aggravated identity theft conviction in a 139 00:07:55.980 --> 00:08:00.480 Texas appeals court. But that court upheld the lower court's 140 00:08:00.480 --> 00:08:05.280 decision. To the Supreme Court, Dublin's attorney argued that 141 00:08:05.280 --> 00:08:09.720 Dubin did not use the patient's identity in relationship to the 142 00:08:09.750 --> 00:08:14.790 healthcare fraud offense, but the use of the patient's name 143 00:08:14.790 --> 00:08:19.260 was merely incidental to that. And the attorney also argue that 144 00:08:19.260 --> 00:08:22.500 Dubin did not use the patient's identity without lawful 145 00:08:22.500 --> 00:08:26.040 authority, because he had the patient's permission to build 146 00:08:26.160 --> 00:08:30.930 Medicaid for the services. And that's what Dubin did. A 147 00:08:30.930 --> 00:08:33.840 transcript of the Supreme Court hearing indicates that the 148 00:08:33.840 --> 00:08:37.350 justices were really sort of picking at the arguments that 149 00:08:37.350 --> 00:08:41.550 the attorney was making. The justices questioned other 150 00:08:41.580 --> 00:08:46.200 potential scenarios involving authorized use of identity 151 00:08:46.200 --> 00:08:50.790 versus potential identity theft committed in other sort of fraud 152 00:08:51.090 --> 00:08:55.350 examples. For instance, one of the justices asked if it would 153 00:08:55.350 --> 00:08:59.640 be considered identity theft if a waiter used a customer's 154 00:08:59.640 --> 00:09:03.870 credit card to add food items onto the bill that the customer 155 00:09:03.870 --> 00:09:07.890 didn't order, or if the waiter instead use the customer's 156 00:09:07.890 --> 00:09:11.910 credit card to pay down the waiter's mortgage. Now, some 157 00:09:11.910 --> 00:09:16.890 legal experts also say that the Supreme Court ruling to overturn 158 00:09:16.890 --> 00:09:21.450 - if it does overturn this lower court's decision - could impact 159 00:09:21.450 --> 00:09:25.170 the scope of what constitutes identity theft in healthcare but 160 00:09:25.170 --> 00:09:30.150 also perhaps in other scenarios. Also, some legal experts say 161 00:09:30.150 --> 00:09:33.960 that the federal prosecutors in the Dubin case could have used 162 00:09:34.410 --> 00:09:39.060 other legal strategies in their case such as pursuing criminal 163 00:09:39.060 --> 00:09:43.260 HIPAA charges for wrongfully disclosing patient information 164 00:09:43.290 --> 00:09:46.890 in the committing of this healthcare fraud. So it's a 165 00:09:46.890 --> 00:09:50.400 complicated case. Interesting, and we'll see what happens. 166 00:09:51.660 --> 00:09:53.640 Anna Delaney: Yeah, very interesting. I was reading that 167 00:09:54.000 --> 00:09:57.540 criminal defense lawyers have referred to the prosecution as a 168 00:09:57.540 --> 00:10:01.140 symptom of the federal over-criminalization epidemic. 169 00:10:01.710 --> 00:10:04.530 Do you think this argument has weight to it? 170 00:10:06.270 --> 00:10:10.290 Marianne McGee: Ah, well, I'm not a real expert, but certainly 171 00:10:10.290 --> 00:10:12.930 when I was reading the transcript from the Supreme 172 00:10:12.930 --> 00:10:15.660 Court hearing, there were a lot of different examples that were 173 00:10:15.660 --> 00:10:20.070 brought up. Well, if this was fraud, why would - if this is 174 00:10:20.070 --> 00:10:24.120 identity theft, why would that maybe not be? And, you know, 175 00:10:24.120 --> 00:10:28.020 kind of making the example that while maybe it's overdoing it to 176 00:10:28.020 --> 00:10:31.830 say that just because you use the patient's name, and then you 177 00:10:31.830 --> 00:10:36.810 overbuild Medicaid, that using that patient's name was identity 178 00:10:36.810 --> 00:10:43.110 theft. But you had the patient's name for lawful billing of 179 00:10:43.110 --> 00:10:46.560 Medicaid. You just happen to overbill and committed fraud. So 180 00:10:46.560 --> 00:10:48.720 was that really identity theft? And those were the sorts of 181 00:10:48.870 --> 00:10:52.590 examples that they were kind of chewing over. So we'll see what 182 00:10:52.590 --> 00:10:53.190 happens. 183 00:10:53.220 --> 00:10:55.440 Anna Delaney: Yeah, very interesting. Thanks, Marianne. 184 00:10:56.160 --> 00:10:59.610 So Michael, there's been much talk about tough economic times. 185 00:10:59.610 --> 00:11:02.730 Recently, we've discussed various layoffs at numerous tech 186 00:11:02.730 --> 00:11:05.640 companies on this program. However, you're going to be 187 00:11:05.640 --> 00:11:08.040 showing something almost at the other end of the spectrum: 188 00:11:08.220 --> 00:11:11.820 cybersecurity company Wiz is experiencing some explosive 189 00:11:11.820 --> 00:11:13.980 growth. Do share more details. 190 00:11:14.700 --> 00:11:17.730 Michael Novinson: Of course, and I'm glad to do that, Anna. So in 191 00:11:17.730 --> 00:11:21.240 terms of Wiz, it's a really interesting story. The founders 192 00:11:21.240 --> 00:11:24.030 behind Wiz had actually earlier on created a company called 193 00:11:24.090 --> 00:11:26.820 Adallom that was a pioneer in the cloud access security broker 194 00:11:26.820 --> 00:11:30.450 market. They sold it to Microsoft back in 2015 for 320 195 00:11:30.450 --> 00:11:32.550 million, which was a whole lot of money for a security 196 00:11:32.550 --> 00:11:36.750 acquisition back then. And then essentially, ran Microsoft's 197 00:11:36.750 --> 00:11:38.730 cloud security business for a number of years, both 198 00:11:38.730 --> 00:11:41.520 connections and relationships there. They leave at the end of 199 00:11:41.520 --> 00:11:45.600 2019, at 2020, they launched a company called Wiz. I really 200 00:11:45.600 --> 00:11:48.720 tried to focus on the CNAPP space, that cloud network 201 00:11:48.720 --> 00:11:52.200 application protection platform. So bringing together CASBs and 202 00:11:52.500 --> 00:11:56.100 CSPM and SIEM. So, you're safeguarding applications, data 203 00:11:56.100 --> 00:11:59.880 user workloads, all from the same platform. So they launched 204 00:11:59.880 --> 00:12:03.180 in February of 2020, which was after you'd already seen some 205 00:12:03.180 --> 00:12:05.910 other folks launch, and then they emerge from stuff in 206 00:12:05.910 --> 00:12:10.500 December of 2020, with $100 million in funding and some 207 00:12:10.500 --> 00:12:13.260 other pretty impressive accolades. We're not even three 208 00:12:13.260 --> 00:12:15.900 years out from that, or just about three years after that. 209 00:12:16.200 --> 00:12:19.920 And they are now announcing that they have 100 million in annual 210 00:12:19.920 --> 00:12:23.610 recurring revenue. And they just received a valuation of $10 211 00:12:23.640 --> 00:12:29.970 billion, which is up from $6 billion back in October of 2021, 212 00:12:29.970 --> 00:12:34.530 which was really the peak of the economic boom. So somehow, in 213 00:12:34.530 --> 00:12:38.460 the past 16 months, they have actually increased their 214 00:12:38.460 --> 00:12:43.410 valuation by two thirds or about 67%, which is really remarkable. 215 00:12:43.410 --> 00:12:45.810 I mean, you could look across the private markets, the public 216 00:12:45.810 --> 00:12:51.120 markets, nobody's worth 67% more today than they were 16 months 217 00:12:51.120 --> 00:12:55.110 ago. To give you another data point around that, when they got 218 00:12:55.110 --> 00:12:59.250 their $6 billion valuation in October 2021, they had 168 219 00:12:59.250 --> 00:13:02.610 employees. Today, they have more than 650 employees. So they've 220 00:13:02.610 --> 00:13:05.790 nearly quadrupled their headcount in the past 16 months. 221 00:13:05.790 --> 00:13:09.630 Again, I know it's of a smaller base, but you simply can't find 222 00:13:09.630 --> 00:13:15.960 anybody in cybersecurity, who is quadrupling headcount in the 223 00:13:15.960 --> 00:13:21.000 face of a recession. I'll add to that, today, at this 10 billion 224 00:13:21.000 --> 00:13:23.730 they are what's called a Decacorn status, which is 225 00:13:23.730 --> 00:13:26.340 essentially a super fancy unicorn, it's that 10 billion 226 00:13:26.340 --> 00:13:29.370 valuation rather than that 1 billion valuation. They're the 227 00:13:29.370 --> 00:13:33.930 fastest SaaS company ever to get to Decacorn status: 2.9 years. 228 00:13:33.930 --> 00:13:38.370 So that's faster than Facebook or Twitter, Uber, Airbnb. So 229 00:13:38.370 --> 00:13:42.720 we're talking about a really remarkable story here. And I 230 00:13:42.720 --> 00:13:45.570 mean, I think it speaks to the quality of the technology and it 231 00:13:45.570 --> 00:13:48.690 speaks to the quality of the relationships that these 232 00:13:48.690 --> 00:13:51.840 founders have, as well as their pedigree, given everything the 233 00:13:51.840 --> 00:13:55.020 founding team has done. I think this is going to have massive 234 00:13:55.020 --> 00:13:58.530 ramifications for the industry. So if you're to take a step back 235 00:13:58.530 --> 00:14:03.210 here, if you think about maybe the endpoint market going back 236 00:14:03.210 --> 00:14:05.880 to maybe 2017, 2018, when they entered security, there were a 237 00:14:05.880 --> 00:14:09.330 ton of these next-generation endpoint companies, you had 238 00:14:09.330 --> 00:14:12.630 CrowdStrike and SentinelOne and Carbon Black and Cylance and 239 00:14:12.990 --> 00:14:17.100 Endgame and Cybereason. So you had really six companies doing 240 00:14:17.130 --> 00:14:21.360 endpoint detection response, you fast forward five years and now 241 00:14:22.230 --> 00:14:24.570 things are really checked out. CrowdStrike is obviously one of 242 00:14:24.570 --> 00:14:27.450 the biggest companies in the industry, SentinelOne has a 243 00:14:27.450 --> 00:14:30.720 niche among smaller customers. They went public and then a 244 00:14:30.720 --> 00:14:33.660 downturn hit them a little bit. Cybereason's still privately 245 00:14:33.660 --> 00:14:35.850 held, trying to navigate through that and then the other three 246 00:14:35.850 --> 00:14:39.330 all sold, Carbon Black sold to VMware, Cylance sold to 247 00:14:39.330 --> 00:14:43.680 BlackBerry and Endgame sold to Elastic. I think you're going to 248 00:14:43.680 --> 00:14:46.680 see a really similar dynamic here in the CNAPP market. So you 249 00:14:46.680 --> 00:14:49.740 have a number of pure play startups, you have Wiz, you have 250 00:14:49.770 --> 00:14:53.010 Orca, you have Lacework you have Aqua you have Sysdig, they all 251 00:14:53.010 --> 00:14:55.980 do very similar things. And I think you're really starting to 252 00:14:55.980 --> 00:14:59.460 get some calling now. I think this $10 billion valuation is a 253 00:14:59.460 --> 00:15:03.270 sign that investors, as well as customers, see Wiz is the clear 254 00:15:03.270 --> 00:15:06.240 market leader, that they may be the CrowdStrike of the CNAPP 255 00:15:06.240 --> 00:15:08.670 market. So what does that mean for the rest of these companies? 256 00:15:08.700 --> 00:15:12.090 Do they try to maybe focus a little bit downmarket since Wiz 257 00:15:12.090 --> 00:15:14.790 is really focused on the larger enterprises? Do they look for 258 00:15:15.060 --> 00:15:18.450 financial buyer or strategic buyer, or for some type of an 259 00:15:18.450 --> 00:15:22.350 exit, or, and I think you're going to start to see a pretty 260 00:15:22.350 --> 00:15:25.230 significant reduction in the number of players here. The 261 00:15:25.230 --> 00:15:28.620 other thing I will point out and similar to what CrowdStrike has, 262 00:15:28.620 --> 00:15:30.930 where they really have to compete against Microsoft as a 263 00:15:30.930 --> 00:15:34.740 broader platform play, Wiz also faces some very stiff 264 00:15:34.740 --> 00:15:38.010 competition in the form of Prisma Cloud, which is the Palo 265 00:15:38.010 --> 00:15:41.520 Alto Networks' cloud security portfolio. And they're the clear 266 00:15:41.520 --> 00:15:44.760 market incumbent here. They built it out through acquisition 267 00:15:44.760 --> 00:15:49.440 over the past half decade. But it does speak to - I mean Palo's 268 00:15:49.470 --> 00:15:51.930 doing great, but it does speak to the sense that maybe 269 00:15:51.930 --> 00:15:55.740 customers aren't fully satisfied. Wiz has 35% of the 270 00:15:55.740 --> 00:15:58.680 Fortune 100 working with them, it's hard to imagine that 271 00:15:59.010 --> 00:16:02.010 Fortune 100 customers would work with both Prisma Cloud and Wiz - 272 00:16:02.040 --> 00:16:04.920 they do very similar things. Of course, these Fortune 100 273 00:16:04.920 --> 00:16:07.440 companies, they use Palo Alto Networks' firewalls, or their 274 00:16:07.440 --> 00:16:11.850 SOC or anything else. But it does speak to maybe that there's 275 00:16:11.850 --> 00:16:14.310 a little bit of dissatisfaction if some of these folks are 276 00:16:14.580 --> 00:16:18.300 looking to Wiz for their cloud security needs. I'll leave you 277 00:16:19.110 --> 00:16:21.840 with a quote here from Assaf Rappaport. This is the CEO of 278 00:16:21.840 --> 00:16:24.840 Wiz. He was talking about this in a press article Monday, and 279 00:16:24.840 --> 00:16:28.710 he had said that in terms of Palo Alto Networks, that from a 280 00:16:28.710 --> 00:16:31.470 customer's perspective, it's a Frankenstein mash up. It's hard 281 00:16:31.470 --> 00:16:34.920 to deploy, hard to use and more noisy than Wiz' products. So 282 00:16:35.280 --> 00:16:38.040 gives you a pretty clear sense of how they're trying to go and 283 00:16:38.040 --> 00:16:41.280 compete and win against power. But definitely, I think they're 284 00:16:41.280 --> 00:16:43.950 then - for the past couple years really the question after 285 00:16:43.950 --> 00:16:46.980 CrowdStrike kind of just overthrown Symantec overthrown 286 00:16:46.980 --> 00:16:49.830 McAfee, who's going to be the next great company in 287 00:16:49.830 --> 00:16:52.380 cybersecurity? And I think we now have our answer. 288 00:16:54.030 --> 00:16:56.190 Anna Delaney: Great, great. So overview intriguing 289 00:16:56.190 --> 00:17:00.420 developments. So is Wiz concerned and its investors, are 290 00:17:00.420 --> 00:17:03.570 they concerned by an impending recession? Do we know? 291 00:17:03.690 --> 00:17:05.370 Michael Novinson: Really doesn't seem like it. And I know I'd 292 00:17:05.370 --> 00:17:09.660 talked to Ami Luttwak in our studios at RSA Conference in 293 00:17:09.660 --> 00:17:17.460 last June on this very topic. And I mean, they at some point, 294 00:17:17.460 --> 00:17:21.030 it's kind of escape velocity. If you're growing your topline so 295 00:17:21.030 --> 00:17:24.270 fast, the things that affect others don't affect you. I mean, 296 00:17:24.300 --> 00:17:26.400 you can see that there. That's not the case of their peers. 297 00:17:26.400 --> 00:17:29.100 Lacework in the cloud security market has done layoffs, Aqua 298 00:17:29.100 --> 00:17:33.810 Security has done layoffs. And I mean, I'd actually spoken - we 299 00:17:33.810 --> 00:17:36.360 published earlier this month in interview with Assaf Rappaport, 300 00:17:36.390 --> 00:17:40.200 the CEO of Wiz, he was in our virtual studios, and he had said 301 00:17:40.500 --> 00:17:43.140 to us, "In these times, the best companies are actually growing, 302 00:17:43.140 --> 00:17:46.530 the best companies are actually winning." And people always talk 303 00:17:46.560 --> 00:17:50.280 about how Uber and Airbnb came out of their own recessions. And 304 00:17:50.280 --> 00:17:53.370 it does seem that essentially, if you're - I mean, typically 305 00:17:53.370 --> 00:17:56.010 companies want to grow revenue faster than you grow headcount. 306 00:17:56.010 --> 00:17:58.050 But if you're growing revenue fast enough, you got to add 307 00:17:58.050 --> 00:18:01.710 people. And if they're nearly quadrupling headcount in 16 308 00:18:01.710 --> 00:18:04.230 months, that really says something about how fast that 309 00:18:04.230 --> 00:18:05.280 revenue growth must be. 310 00:18:06.780 --> 00:18:09.210 Anna Delaney: You intent to interview Wiz at RSA this year? 311 00:18:09.870 --> 00:18:11.070 Michael Novinson: I'd certainly love to. 312 00:18:12.060 --> 00:18:14.280 Anna Delaney: Very good. We look forward to that. Thanks, 313 00:18:14.280 --> 00:18:18.450 Michael. Okay, and finally, I believe the month of March is 314 00:18:18.450 --> 00:18:21.510 already upon us. Can you believe? Thank goodness. And I 315 00:18:21.510 --> 00:18:24.750 seem to remember a bit of excitement last year, around 316 00:18:24.750 --> 00:18:27.960 March Madness, a reference, I believe, which will be familiar 317 00:18:27.960 --> 00:18:31.680 with the followers of men's U.S. college basketball, Tom, am I 318 00:18:31.680 --> 00:18:35.160 right? Can you help me with the explanation for those who are 319 00:18:35.220 --> 00:18:37.860 unfamiliar with this phrase? 320 00:18:38.970 --> 00:18:40.380 Tom Field: I think you've captured that well, we have 321 00:18:40.380 --> 00:18:41.670 educated you. That's good to hear. 322 00:18:42.480 --> 00:18:46.620 Anna Delaney: Getting there. So my last question is inspired by 323 00:18:46.650 --> 00:18:51.240 March Madness. What's your best or even tackiest or corniest 324 00:18:51.270 --> 00:18:53.580 sports cybersecurity analogy? 325 00:18:54.420 --> 00:18:56.040 Tom Field: I don't have an analogy so much but I have a 326 00:18:56.040 --> 00:18:58.980 saying from sports I think is very applicable to cybersecurity 327 00:18:58.980 --> 00:19:01.710 as well as to life. Believe it or not, I heard this on sports 328 00:19:01.710 --> 00:19:05.460 radio years ago from an ex-football player. And he was 329 00:19:05.460 --> 00:19:11.520 talking about how hard times don't build character. They 330 00:19:11.520 --> 00:19:15.510 reveal it. Thought about that a lot over the years. I think it's 331 00:19:15.510 --> 00:19:18.060 very applicable to life but also to cybersecurity. We've seen 332 00:19:18.060 --> 00:19:20.880 some very high-profile incidents. We've all covered 333 00:19:20.880 --> 00:19:23.220 them. We've all talked about people that have responded to 334 00:19:23.220 --> 00:19:26.220 them one way or another, poorly or not poorly. And I think it 335 00:19:26.220 --> 00:19:30.810 holds true. Yeah, times such as those, events don't build 336 00:19:30.810 --> 00:19:33.690 character as we always say, they reveal the character that's 337 00:19:33.690 --> 00:19:35.580 already there. I think that's something to bear in mind. 338 00:19:36.870 --> 00:19:39.990 Anna Delaney: Great, great. Love it. Marianne? 339 00:19:40.380 --> 00:19:43.050 Marianne McGee: Well, mine's not as philosophical as Tom's. 340 00:19:43.980 --> 00:19:48.060 Mine's a baseball analogy. You see lots of strikes and hits and 341 00:19:48.330 --> 00:19:52.530 I guess there's a home run if the attackers get a big ransom 342 00:19:52.530 --> 00:19:55.590 payment. That's all I got. 343 00:19:56.880 --> 00:19:58.590 Anna Delaney: I like that. That is actually very creative. 344 00:20:00.300 --> 00:20:00.840 Michael? 345 00:20:02.220 --> 00:20:04.290 Michael Novinson: So I will say and I will note that at long 346 00:20:04.290 --> 00:20:06.780 last, March Madness actually now it's allowed to apply to the 347 00:20:06.780 --> 00:20:09.120 women's college basketball tournament here. There is a long 348 00:20:09.120 --> 00:20:13.050 licensing argument that it lasted, can now apply to both 349 00:20:13.050 --> 00:20:16.380 sexes, which is good. But I'm actually sticking to baseball as 350 00:20:16.380 --> 00:20:19.350 well. And it's cliche but just this innings analogy when 351 00:20:19.350 --> 00:20:21.780 talking about maturity of different technology markets 352 00:20:21.780 --> 00:20:24.840 that you would say, whatever firewalls or antivirus software, 353 00:20:24.840 --> 00:20:28.890 really late innings items, and then maybe something like API 354 00:20:28.890 --> 00:20:31.410 security is really just in the first inning or software supply 355 00:20:31.410 --> 00:20:34.230 chain security is in the first inning. To answer the question, 356 00:20:34.230 --> 00:20:36.540 I'm sure that's on everyone's minds, in terms of the cloud 357 00:20:36.540 --> 00:20:38.970 security, I'll say to the third inning, I think we are starting 358 00:20:38.970 --> 00:20:43.020 to see some consolidation, some synthesis in this market. 359 00:20:43.920 --> 00:20:45.300 Anna Delaney: That's what I love about this last question. 360 00:20:45.300 --> 00:20:48.390 Everybody has a different take. Well, I'm going to recall what 361 00:20:48.390 --> 00:20:52.530 your former president Obama said about American cybersecurity, 362 00:20:52.530 --> 00:20:55.080 and this was obviously a few years back. This is more like 363 00:20:55.140 --> 00:20:57.870 basketball than football in the sense that there's no clear 364 00:20:57.870 --> 00:21:00.600 lines between offense and defense and things are going 365 00:21:00.600 --> 00:21:03.060 back and forth all the time. And I think that's a really 366 00:21:03.060 --> 00:21:05.070 interesting spot-on analogy. 367 00:21:05.550 --> 00:21:07.050 Tom Field: The game is getting faster and there aren't nearly 368 00:21:07.050 --> 00:21:07.860 enough officials. 369 00:21:08.160 --> 00:21:12.870 Anna Delaney: Yeah, very messy. Well, Marianne, Michael and Tom, 370 00:21:12.870 --> 00:21:15.240 thank you very much. This has been a pleasure and very 371 00:21:15.240 --> 00:21:16.110 interesting discussion. 372 00:21:16.110 --> 00:21:18.240 Tom Field: As always. Thanks. 373 00:21:19.410 --> 00:21:21.600 Anna Delaney: And thanks so much for watching. Until next time.