12 days of security: Day 12

Speaker 1: Hello, everyone. Welcome to the 12 days of Security. My name is Akira Brand. I am your host for today. And today we are joined by Gadi Bashvitz. Welcome, Gadi.

Speaker 2: Hi. Thanks for having me. Are you doing a day thing for Hanukkah as well, or just the 12-day thing for Christmas?

Speaker 1: You know, we’re doing the 12-day thingy for cyber security.

Speaker 2: Oh, okay. And it encapsulates all holidays. Even people who celebrate festivals can benefit from this.

Speaker 1: Yeah, absolutely. This is very neutral, as it were.

Speaker 2: So.

Speaker 1: Right. So, Getty, can you tell us a little bit about what you do at Bright.

Speaker 2: I’m the CEO of Bright. That stands for the chief executive officer. But that just means that I get to dip my toes everywhere in the company and try to make sure that everything is working smoothly, refining and driving our strategy and direction and helping everybody in the team to achieve that strategy and the direction.

Speaker 1: Guys. And one other question. I hear you have a best friend. You have a dog that you’re very into.

Speaker 2: Well, now we have two dogs. I don’t know if you saw that as of last Friday, we actually have another addition to our little pack. So, yes, we do have butterscotch. She is our OG or original Dog or Odie. She is eight and eight years old as she may, you know. So a doge for those who know. And then the latest addition to the family is his name is Baloo. He is nine weeks old today and he is what’s called the border mix that I’d never heard of before or before is half border Collie, half Labrador.

Speaker 1: Very good. All right. Well, congratulations on your new family member.

Speaker 2: Thank you. Yeah, some people were on the call this morning at 8:00 AM to see him because we decided he really needed attention at that point.

Speaker 1: So their reward certainly for waking up early. Absolutely. All right. So, Gadi, tell me what happened this year in the cybersecurity industry that really stood out to you.

Speaker 2: So I think it’s it starts actually broader than just cyber security. Right. We had a huge change in the economic landscape overall this year. And in addition to that, we have the war in Ukraine, which there were those were two very big changes, economical changes in the world overall that had an impact on cyber security directly. There were a few other things that were macroeconomic that had an impact on the world of cyber. But probably those two activities or those two things had the biggest impact. What that means is that the attacks that we’re seeing from nation-states and the attacks we are seeing from large operators have increased significantly as global stability is not as stable as it should be. And these large operators are looking to gain an angle and gain advantage as part of that war. Attacks from China, attacks from Russia, and places like that have become a lot more prevalent and they are intended to distract from some of the other facts that are happening on the ground, unfortunately. So organizations have seen an increased number of attacks. Plus, when you’re starting to look at a world that is slightly less stable, something needs to fund a lot of these military activities. And attacking corporations and ransoming organizations is a very interesting way of doing that. So we’ve seen an increase in some of those activities as well, and organizations have to be a lot more vigilant and protect themselves even more than they had to before because that attack landscape gets bigger and bigger every year. And this year was no exception, especially because of these macro things that happened. So I think it’s no different than then what we’ve seen over the last few years. But there were a few accelerants this year that stood out. And they’re important to mention.

Speaker 1: That’s actually an interesting point, that because of war and economic instability, these nation-states are taking a more active role. I personally have not thought about ransomware being used to fund nation-state attacks. That is an interesting angle to take in deemed.

Speaker 2: Well, it’s you know, nation-state doesn’t actually always mean that it’s the nation. It just means that it’s a big enough power that could be seen as a nation-state. And there are these hacker organizations and hacker groups that are massive and they’re very, very big. And they’re funding some of their activities by successfully hacking into organizations.

Speaker 1: Okay. So on that note, I’m curious.

Speaker 2: On that happy note. Yeah. Woo hoo!

Speaker 1: So on that note, happier set. I’m curious about what challenges you faced this year and how you overcame those.

Speaker 2: I think so. There I can type to that. Right. As the CEO of a cybersecurity company or a CEO of any company, when there is an economic downturn, you are concerned because when the world is frothy and everybody is has a lot of money and everybody’s feeling very, very comfortable, you know, that funding is is easy to come by. You know that growing the company is easy to come by. You know, the valuations are high when you start looking at a global downturn, whether it’s a recession or not, depending on definitions that you look at right now, we’re not in a formal recession, but we’re definitely seeing a downturn. And that is impacting both the investment community and our customers and their willingness to spend. So those are some of the concerns and challenges that, as the CEO I faced because we are looking at the long-term growth of the company and the long-term sustainability of the company. And in order to address them, we had to take very clear steps to make sure that we are securing the company for long-term growth. We were lucky that we closed a round of funding earlier in the year, right? The timing was perfect. Closing that in Q one this year right before the downturn happened. But we immediately took action. We are very cautious of our spending. We are very cautious of no, not overspending as a company and making sure that our spending ratio is aligned with the revenue that we are bringing in because we know that there’s a huge opportunity ahead of us and we need this time to get there. So those are some of the challenges that are slightly different for for us as the management team that we’re looking at this year to, to make sure that. That we are long-term viable and long-term living up to the promise that we’re all working.

Speaker 1: Yeah. Yeah. I mean, like you said, if we can bide our time and make it through, then there will be immense rewards, which is it’s very motivating, Right? So it’s worth it. But yeah, you’re right. I think companies across the board are doing the proverbial tightening of the belts.

Speaker 2: To make sure that. The other interesting thing, though, is a lot of when when when the economy is frothy, you see a lot of companies that shouldn’t be around actually raising money and taking away talented people, etc.. So when there is a tightening of the belt, as you said, it’s actually an opportunity for companies that are really viable, that have a product that provides significant value to customers, to deleverage that environment and to grow more effectively. So we’re actually excited about that.

Speaker 1: Absolutely. Yeah. It’s a good excitement for sure. And many, many good companies are excel in downturns or in recessions. And I think we’re going to be one of them. So let’s do that. So on that note, what do you predict will happen next year, the good and the bad?

Speaker 2: I wish I could actually predict what will happen next year, but I think a. Things are pretty clear. One of the. The is the path that we are we are on or the trajectory that we are on, where we are seeing specifically in the cybersecurity space that the threats level continues going up, attacks continue going up. Bad actors continue attacking and going after organizations, etc. is is absolutely going to continue. And that’s not going to slow down. That’s on the negative side, I think on the positive side and we’re seeing that shift already happening is the for us and and for organizations that are deploying our solutions, that mentality of better collaboration between teams and development organizations, the mentality of not having the abstract team try to do everything And security is not just a problem. Security is everybody’s problem. And the ability for App six to rely on developments to shoulder some of the burden around security and work collaboratively with them, I think that’s that’s a trend that is gaining momentum and will significantly continue into next year and the year beyond. And that’s exciting because organizations will become more secure, they will become more resilient and less prone to attacks. So it’s a very positive thing with the increasing global trends that we’re seeing.

Speaker 1: I agree. I think that makes good sense, like the fact that these attacks are coming on so relentlessly and at the same time, apps like teams and dev teams are realizing, oh, we have to work together, we got to collaborate. And in order to defend against these attacks, it’s kind of like all hands on deck, right?

Speaker 2: And it’s also just, you know, the measure once, measure twice, cut once. If you if you don’t do that and you don’t plan ahead of time, you are paying the price very significantly for a vulnerability that actually happened that made it into production. Either it was exploited. And obviously as an organization, you’re paying a lot if that happens or even if it wasn’t exploited. But now you’re developers need to go and figure out a vulnerability that was introduced into your product six months ago, and it will take them two, three, four weeks to work on it and resolve it, which just killed the sprint or two that you were planning. So if you if you plan correctly and you plan for security as part of your design and implementation stage, you’re going to save a lot of resources.

Speaker 1: So the last question I have for you might actually be related to this. We’ll find out. But what security gift do you want for the holidays? This could be a literal gift or a wish you have. Like every single developer gets secret code training.

Speaker 2: So I think he tied ties to it. One of the first webinars we did this year, I ran it with one of our advisors, Omar, and one of our investors in the Amex. And the point the term we point there was the app second developer happiness factor because they, they both had the right tools and the right collaboration in order to work together in a better way. And I think the gift that I would have is that the happiness factor would go much, much higher in 2023 because the organizations are deploying the correct solutions that enable the app team and the developer organizations to collaborate in a much better way and rely on each other to to create more secure applications in APIs. So that increases significant increase in the happiness factor.

Speaker 1: I think that happiness is a is good note to end on in a and a very valiant wish. So, Gadi, thank you so much for your time. To our listeners, thank you for your time and for tuning in. We have been here with Gadi Bashvitz, the CEO of Bright Security two. Happy holidays to everybody. And thank you again, Gadi, for joining us.

Speaker 2: Thanks, Akira. And happy holidays, everybody.