The CISO Says So: A Fireside Chat with Yassir Abousselham

UPDATED 6/21/2020: Splunk Data Fabric Search (DFS) is no longer available for purchase as of May 20, 2020. Splunk Enterprise 8.x customers may continue to use the free version of Splunk DFS included with their Enterprise license. Version 1.1 is the final release of Splunk DFS, and version 1.2 is the final release of the accompanying Splunk DFS Manager app. There will be no additional major or minor releases of either product. Splunk DFS 1.1 and the Splunk DFS Manager app 1.2 will be supported until the October 22, 2021 end-of-support date of Splunk DFS 1.1. See the Splunk Software Support Policy for details.

Last week at RSA Conference 2020, I had the pleasure of sitting down with our new CISO, Yassir Abousselham. 

A seasoned leader in the security space, Yassir previously held leadership roles at Okta, Google, SoFi and EY. I was delighted and honored that just a few days after learning how to spell Splunk, he was able to carve out time to engage with our esteemed industry colleagues at RSA. 

To kick things off, Yassir gave some insight into his decision to join Splunk, and what it means to be a CISO today. If you’re reading this, you probably know that Splunk is a leader in the security industry. From best of breed products, to our dedication to innovation and a customer-first approach, Splunk priorities make for an easy sell to prospective employees! But Yassir comes to Splunk with an elevated lens — a strong focus on protecting Splunk corporate, as well as our production infrastructure and customer data. In addition, he intends to invest in ensuring our products continue to help our customers get maximum value from their Splunk investments by creating a feedback loop between his team and the product team.   

As the conversation evolved, we went on to discuss the importance of progressive security teams leveraging data and driving trends such as machine learning, SOAR, Data Stream Processor (DSP) and Data Fabric Search to drive the industry forward.

For you aspiring CISOs out there, Yassir had some solid advice as you advance your careers:

1. SOAR with automation
2. Reduce user friction to encourage technology adoption
3. Leverage analytics to identify areas of improvement and focus investments

All that said, my favorite part of the discussion was around culture — something that brought me to Splunk, and quite honestly, something that has kept me here for over four years. But culture has many aspects, and when it comes to building the culture of a security organization, Yassir had a clear vision:

“We need to outsmart and outpace the attackers, while maintaining business velocity. It requires understanding of offensive and defensive techniques, while having a sense of urgency for everything we do.”

Partnership, culture, and bias for action were also mentioned as key elements of success. How do we do all of that? “Hire, develop and retain the best talent,” of course!

Thanks for another great year, RSA, and thank you, Yassir, for taking the time to participate in our fireside chat. 

----------------------------------------------------
Thanks!
Meera Shankar