UPDATED 17:20 EDT / MAY 31 2024

POLICY

Risk management strategies: Trellix CISO, Harold Rivas, discusses combating organized bad actors

As companies navigate the benefits and challenges of rapidly evolving technologies, prioritizing risk management has become crucial.

The security industry is experiencing significant disruption, driven by the need for improved efficiency and continued investment in combating organized bad actors. The industry faces an “arms race” against increasingly sophisticated threats. This landscape demands that companies not only bolster security operations but also invest in new capabilities to stay ahead, according to Harold Rivas (pictured), chief information security officer of Trellix (Musarubra US LLC).

Harold Rivas, CISO of Trellix (Musarubra US LLC), talks to theCUBE about technology and risk management at RSA Conference 2024.

Trellix CISO Harold Rivas talks to theCUBE about technology and risk management.

“We have an opportunity to dramatically improve the efficiency of security operations teams out there, but we’re also confronted with the fact that our bad actors are going out there mobilizing, getting organized and finding new and effective ways to attack organizations,” he said. “There is quite a bit of an arms race. We’re absolutely making the investments. We’re looking at and have recently released capabilities that we think will help those operators. And it’s only the beginning.”

Rivas spoke with theCUBE Research’s Dave Vellante and Shelly Kramer at the RSA Conference, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. They discussed the need to focus on improving efficiency and investing in new capabilities to combat organized bad actors. (* Disclosure below.)

Balancing benefits and risks with technology through risk management

CISOs are facing challenges in understanding new capabilities but have the opportunity to define themselves as enablers of the business and manage risk effectively. CISOs recognize the need for sector-specific artificial intelligence adoption strategies to address unique vulnerabilities and capabilities in different industries, according to Rivas.

“The role of the CISO is still being written. It’s not totally clear to many organizations exactly where and how to leverage a CISO,” he said. “I think CISOs everywhere should be leaning into this as an opportunity to define themselves as an enabler of the business, as someone who can really transform the business, while at the same time benefiting from the fact that they then get to manage the risk more effectively.”

Security budgets are increasing much faster than average IT budgets, posing a challenge of compression and reduction. The need for dedicated security budgets is increasing as the number of security vendors in the stack is also increasing, with only a small percentage decreasing or consolidating, Rivas argued.

“Creating the right kinds of relationships to understand that while IT budgets might sometimes need to compress as a function of market forces, the risk oftentimes is only going up,” he said. “So having a platform to have the conversation with your boards, with your executive committee that allows for you to recognize that the threats are not reducing, it’s only getting worse and therefore special carve-outs for dedicated security budgets are going to be needed.”

Here’s the complete video interview, part of SiliconANGLE’s and theCUBE Research’s coverage of the RSA Conference:

For sponsored segments:

(* Disclosure: Trellix sponsored this segment of theCUBE. Neither Trellix nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU