Subscribe
Share
Share
Embed
In this episode of the Core Strength Podcast, we sit down with Yaron Levi, CISO of Dolby, to explore one of the most overlooked realities in cybersecurity: most companies don’t get breached because they lack the most advanced tools or controls, they get breached because of the lack of operational discipline. Yaron breaks down why the majority of security incidents still come down to the same foundational issues they did decades ago - misconfigurations, weak access controls, unpatched systems, and network complexity - despite endless innovation across the security industry. We discuss why concepts like inventory management, configuration management, change control, patching, and segmentation remain the backbone of security, even as the industry constantly chases new technologies and shiny objects.
The conversation dives deep into the operational realities behind modern enterprise security. Yaron explains how cloud, identity systems, SaaS, and AI have not eliminated networks or perimeters, but instead multiplied them exponentially, creating an explosion of complexity that organizations struggle to manage. We explore why operational rigor often loses out to speed and efficiency, how technical debt compounds over time, and why many security tools still overwhelm teams with endless lists of problems without helping them take meaningful action. Yaron also shares his perspective on the future of AI in security - not as a replacement for humans, but as a way to process massive amounts of context, automate operational discipline, and help security teams make better decisions at scale while keeping humans in control.
Creators and Guests
What is The Core Strength?
Welcome to The Core Strength Podcast, a place for network security professionals who care about getting the basics right. Each episode brings together experienced practitioners to share insights, stories, and practical lessons from the field.
Welcome to the Core Strength podcast. Every piece of data you create, every system you rely on, and now every AI agent you deploy, it all runs through one place, the network. The network is the foundation. On Core Strength, we bring together people who actually secure modern networks, security engineers, network architects, leaders, and builders. Together, we break down how it really works, the decisions, the trade offs, and the lessons learned from operating at scale in the real world.
Richie Hartnett:Let's get into it.
Ross Haleliuk:Welcome, Yaron. Excited to have you.
Yaron Levi:Thank you. Glad to be here.
Ross Haleliuk:Let's dive right in and try to answer the most critical question in security. Why do companies get breached? I know you have this concept that I wholeheartedly agree with, the fact that the number one reason why companies get breached is the lack of operational discipline. Talk to me about this.
Yaron Levi:Oh, yeah. So this is something I've been thinking about for a while now. And I've been in the industry for, I don't know, nearly twenty years doing a bunch of different things. Security, you know, we always tend to, like, chase, like, the new shiny object, the the the latest sophisticated breach, you know, what have you. But I started to think about it like few like, maybe a couple of years ago now, and I started to look at some of the data.
Yaron Levi:And if we're looking at things, publications, for example, like DBIR or Mandiant or whatever, right? I mean, going to pick your favorite one. What you see and when you look like back ten, fifteen years, what you see that for the most part, these things don't change that much. Right? Take OS top 10 hasn't changed in like twenty years.
Yaron Levi:I mean, AI changed some places. I mean, whatever. But it's the same things all the time. Right? You look at like CW top 25, again, same things.
Yaron Levi:It doesn't change. So if you look like DPIR, if you look at a lot of those things, for the most part, what you will see that the way that most organization or most breaches happen, it's usually it's almost always the same things. Some kind of a misconfiguration, some kind of like compromised credentials, unpatched systems, and phishing. Right? And pretty much that's it.
Yaron Levi:I mean, not to say, I mean, there aren't some more nuances and then some more special things or whatnot. But 80% of the cases, it's relatively simple things. Yet at the same time, you have to ask yourself, okay, so why is that? Like why we have so many misconfigurations and unpatched systems and so on, right? Or compromised credentials and so on.
Yaron Levi:So that's where I got to this whole concept or idea of operational discipline, because I would argue that there are five things that we need to do. And, and again, this is not something I made up, this is not something like my wisdom. It's just like the industry standard, Inventory management, configuration and change management, patch management, access control, network segmentation. And my theory, my approach is that, look, if we do these five things well, for the most part, we're going to be okay. Again, it's not going to solve all the problems.
Yaron Levi:But I think 80% of the problems are going to be taken care of like if you just do these five things well. And and not doing those five things, that's what I call the lack of operational discipline. And I think that's where a lot of organizations kinda struggle with.
Ross Haleliuk:It's very interesting because I have the CISSP guide sitting on my bookshelf. And if you open the book that has been rewritten for a long time, it's basically the very same chapters that are relevant today that were relevant five or ten years ago. Yeah. And and it's fascinating because every security practitioner is studying the very same guidebook. Every security practitioner is going through the same exam, and every security practitioner is going through the importance of asset management, the importance of vulnerability management, the importance of of network security, and on and on and on.
Ross Haleliuk:And then we we we finish all of those exams, and we go into the wild, and we get excited about the new shiny objects.
Yaron Levi:Yeah. Absolutely. And it's funny because I was talking to somebody about it the other day, and I I mentioned five things. Right? And they're like, oh, so you are talking about like traditional IT service management.
Yaron Levi:Yeah. I mean, call it whatever you want, but essentially, that's what it is. I mean, that's not operational discipline. Like, you make sure that all you have and know how you manage it. And again, just have this rigor, that have discipline.
Yaron Levi:And it the the funny thing for me was that they refer to it as, the traditional IT service management, as in, like, something archaic, not relevant, not cool. I'm like, again, it's the same principles. It's the same concepts. How you implement, that's maybe different. You wanna implement now with AI, whatever, your agents.
Yaron Levi:Great. Go for it. But it's the same principles. So
Ross Haleliuk:So why are we still struggling? Yeah. I would assume it is not because people don't understand the importance of operational discipline. There have to be other reasons why twenty, thirty, forty years later, we are still talking about the same problems that were relevant back then.
Yaron Levi:That's a great question. I I think I think it has to do with maybe incentives, maybe focus, maybe prestige, fame, how you get promoted. I don't know. I mean, like so did you watch the movie Top Gun Top Gun Maverick?
Ross Haleliuk:Yes.
Yaron Levi:Great movie. I mean, I don't know how many times I watched Top Gun Maverick. Right? And and the main focus of that was this whole operation, I mean, they pulled and incredible odds and and just crazy. Right?
Yaron Levi:And how they did that and, I mean, and, like, the epic scene in the in the end. I mean, unbelievable. Right? And all the focus is on Maverick and the pilots, but mostly Maverick. Right?
Yaron Levi:But what you don't think about is all the thousands of in that in that setting. Right? All the thousands of people who operate the carrier and prepare the missions and the the cooks who prepare the meals for all the soldiers and the sailors on the ship and on and on and on and on. And Maverick couldn't have done anything. No matter how good of a pilot he is, if all these thousands of people were not there, I mean, just to support this entire operation and to enable this entire operation.
Yaron Levi:Now, you look at it, you compare, okay, an elite fighter pilot to a cook. Nobody is giving, like, battles to the cook. But the pilot couldn't do anything, I mean, if he wasn't eating well. Right? I mean, so I I think a lot of people, again, when when you're in the spotlight or or, like, where where the spot shines, they don't shine on the back office operation and all that discipline that's happening behind this thing that actually enable the whole machine.
Yaron Levi:When it shines, I mean, shines on like an old edge. So again, what what we want to deal with? We want deal with the new stuff. We wanna deal with the interesting stuff. We wanna deal with AI.
Yaron Levi:We wanna deal with, like, all, you know, these shiny things that are coming. And and nobody care about I don't say nobody care, but a lot of people get less excited about, you know, the back office stuff. But that's where a lot of the magic happens.
Ross Haleliuk:Well, I would argue probably this. One of the reasons why that is the case is because people have tried everything possible and impossible to solve those foundational problems. Right? Every security leader you talk to would have probably had, I don't know, 10 attempts to solve inventory management, and they may or may not have succeeded. Probably, haven't succeeded because they know that even in the environment where they've allocated hundreds and thousands of hours, they still don't know what they have at the level of fidelity they would like.
Ross Haleliuk:Every CISO out there and every head of IT has probably tried solving the problems of network complexity and gaining visibility into how things are configured. And they've tried. They've hired the people. They've they've had multiple projects. And, again, it they didn't achieve what they wanted to do.
Ross Haleliuk:And and this same is true when it comes to identity, when it comes to these other foundational areas. And I feel like a big part of the reason why the operational discipline is at the level at which it is today is because it's just hard to do well at scale.
Yaron Levi:Oh, yeah. I mean, a 100%. I mean, this is not easy. I'm not claiming, I mean, these are easy the easiest things to do. The question is more around how much do you focus and how much do you focus on doing those things.
Yaron Levi:Right? Because, again, for me, kind of goes back to the eightytwenty rule, right? Where do you put your focus? And what are the goals? What are the incentives?
Yaron Levi:What are you aligned on? So if you think about, take IT as an example, right, for the most part. What is IT's optimizing? In most cases, IT's optimizing for efficiency. Right?
Yaron Levi:Looking continuously for, hey, how work can we save? Where where can we cut? Where can we automate? And rightfully so. You look at security on the other hand.
Yaron Levi:What security is optimizing for? What security is focused on? Effectiveness. These are two different things. So I think that's also where that conversation comes to.
Yaron Levi:How do you align those incentives? How do you align those those focus areas? Because sometimes when you focus on the efficiency side of things, you sometimes tend to what's the word I'm looking for? Make some compromises in order to, again, be more efficient, cut more cost, what have you. When you look at effectiveness, it's a little bit different.
Yaron Levi:You look at the efficacy of the control, the efficacy of the tool, the efficacy of the process, right? And I'm not saying that the efficiency doesn't matter. It does, but it's not the first priority. So I think that's kind of part of that. Now, to your point, yes, I mean, it's a complex process.
Yaron Levi:I mean, it's not easy, I mean, to do those things at scale. And it requires work. It requires discipline. It requires people. It requires architecting, designing.
Yaron Levi:It takes time. And this is something that we constantly, constantly accelerate. Again, if you look at the last fifteen, years, even when we moved from things like, I don't know, waterfall to agile. Right? And now if I look at down waterfall, it's like, my god.
Yaron Levi:It's a bad word and don't do that and slow and whatever. Right? But we look at agile. And and what did we do agile? Well, we can go to the scrum.
Yaron Levi:I mean, can decide whatever we want and we can just decide and we do it. Right? We iterate. This is great. But does it really fit to what you are trying to do?
Yaron Levi:So for example, the Hoover Dam. Could you imagine building the Hoover Dam in an agile fashion iterating through building the Hoover Dam? Probably not. And it's in critical infrastructure component. Right?
Yaron Levi:So probably you need to have a little bit kind of more architecture, more design, more gates, more structure, more quote unquote bureaucracy if you will to build something like that. Right? Again, I'm I'm going between two extremes just for just to to illustrate the example. But I I think in many ways it's kind of the same it's kind of the same thing. Right?
Yaron Levi:I mean, you look at foundational infrastructure type of things, it may be harder. I'm not saying it's impossible. It may be harder to iterate through those unless you have a very good picture and strategy of how you're going to address it and where you're going. And and I think that's that's something that we often missing because of speed and because of, like, the amount of change and the rate of change, we tend to make compromises. And again, that's okay.
Yaron Levi:You're trying to enable the business. But when you compromise and compromise and compromise over time, it compounds. And then the question, what are doing with that?
Ross Haleliuk:So how does this concept of operational discipline look like in real world? Let's just talk about like, let's pick a segment of security. Let's just say identity and access management. How would you take this concept and apply to to identity and access?
Yaron Levi:Yeah. It's again, it's the same thing, right? I mean, so first and foremost, I mean, your identities are, where the identities are. Do you know what those are? Like, how they're being used?
Yaron Levi:How they're configured? What's the life cycle of that identity? How do you manage that life cycle? How it aligns back to your business processes? How it aligns back to your HR roles and disciplines?
Yaron Levi:I mean, things like that. How does it align to what you have to do from the job function perspective? And then it's not enough you're just setting up once. How do you manage that at scale? So for example, if you make a change, how do you make that change?
Yaron Levi:Do you log it somewhere? Do you audit it in some way? I mean, it's so it's good. It's the same inventory management, configuration management, change management. Right?
Yaron Levi:You find something. How do you quote unquote patch it? I mean, how you correct that? Right? So all of those things, again, it's it's kind of as part of the same rigor.
Yaron Levi:And we had very similar problem again with identity management, not just the inventory of of devices and boxes, but also identity management. Same thing. Cause there's a lot of them. We're moving very fast. We make trade offs as we move forward in supporting the business.
Yaron Levi:With these trade offs, it means that we are accumulating technical debt. And the question is, like any debt, at what point are you going back to address that debt? Because if you're only going to pay it, I mean, interest eventually is going to crash you. I think that's what we're seeing. Right?
Yaron Levi:So it's kind of the same in my mind, I mean, it's the same analogy. And again, I'm not saying it's easy. I'm not saying it's simple. But all I'm saying is it's something that we, number one, can't ignore. Number two, we have to dedicate it to have dedicated the the resources, the the discipline, you know, the focus to go and address those to address those things as well.
Ross Haleliuk:Yaron, I can't help but wonder, is this a tooling problem? And take asset management as an example. You mentioned inventory and and needing to understand what the company has. I think for a while, companies simply didn't have the tools to do it. And then Axonius came in and said, hey.
Ross Haleliuk:We actually solved this for you. And then Jupyter One came in and said, hey. We also solved this for you. Is this what you are talking about, or is it more than that?
Yaron Levi:I I think it's more. So also, definitely, I mean, the tooling is is important. But I I think like everything else, it's it's people and process and the technology. And obviously, I mean, technology changes, the process changes, the business changes, so we all we have to adapt all the time. But, yes, I I think part of it is is the tooling problem.
Yaron Levi:Because historically, if you look at a lot of the security tools that we have, most of them have the same approach, let's call it this way. That I will give you a list of bad things. I'll give you visibility to to, you know, to a list of bad things. Rows and rows and rows. Here's another bad things.
Yaron Levi:A lot more vulnerabilities, more alerts, small things, small things. Just rows and rows and rows. And like, then what? What do do with it? Right?
Yaron Levi:And and years and years and years ago in in a company far, far away, I had a COO that told me, look, last year I gave you money to buy a tool to tell us how bad we are. And now you're coming back to me and asking for more money to buy another tool that will tell us how much worse we are. We still need to fix that and all the things you found from last time. Right? And I was pissed.
Yaron Levi:I'm like, you know, he doesn't understand. It's a different part of the stat, whatever. Right? But then I thought about it. I'm like, he was actually right.
Yaron Levi:Because we we know we have gaps that we need to address. And if we're not addressing those gaps, and then we're getting more and more and more tools that tell us more and more and more gaps, and and what are we doing? Right? And I'm not saying that we should ignore those things, but do we have an approach? Do we have a strategy?
Yaron Levi:I mean, do we have the discipline to actually go and methodically just going go and address the things that we have? So yes, it's a tooling problem in one in one sense because a lot of the tools give us more and more bad things to look at, but not really good actionable advice to what to do with it. A lot of people say now, Adjentica AI is going to help us with that, I mean, so we can take some actions. So I'm hopeful, especially when it's trying to do that at scale. But, yes, I mean, that's that's the other part that is usually kind of missing.
Yaron Levi:It's that the other part that is missing is basically that, again, actionability. Right? And and maybe the automation to go and and and address those problems. But then there's again, it's the it's the people and the process. So you have to have the skills, and you also have to keep the discipline, the the rigor to actually go into that.
Ross Haleliuk:It is interesting because when you're talking about the discipline, when you're talking about the rigor, neither of those sound like necessarily security problems. Right? The security teams aren't the ones making changes. The security teams aren't the ones implementing the configuration updates. So is this like, is is this topic of operational discipline, is this a security problem, or is this an IT problem?
Yaron Levi:I would say as a whole, it's not a security problem. And because we were gonna before everybody jumps on me and say, oh my god. How can you say something like that? It's a security risk. And we definitely very much care about the security risk.
Yaron Levi:Right? But as a problem, when you refer to the problem, when you refer to something as a problem, you say, okay. Something or someone created that problem. And usually, these are the people who can actually go and do something about it because they're probably closer to you to have the most knowledge, know, and so on. So I would say at the end of the day, whether it's a security risk or security problem, right, it's it's the two sides to the same coin.
Yaron Levi:It's it's an IT problem probably or technology problem. And again, I I don't use the term IT as the IT department, just IT as a discipline in general. Right? It's definitely an IT problem. It's also a security risk because the two sides deal to the same coin.
Yaron Levi:Right? So I'll I'll give you an analogy. I I was having a similar conversation with one of my architects on my team this week. His name is Doug. And he kind of gave this analogy that he said, well, let's say you roll a car off the assembly lot.
Yaron Levi:And they didn't do something with two wheels. Something wasn't done right there. And then the car goes on the highway and like two wheels going to fall off. Is that a security problem or is that who were kind of manufactured like, you know, the car problem, right? And if you think about it, we talk about it in the context of vulnerability management.
Yaron Levi:If security would have scanned this car, they may basically would found these vulnerabilities that need to be addressed. But is that a security problem? But it is a security risk, right? Because I mean something can go bad. I mean the car can fly off the highway.
Yaron Levi:But on the flip side, if there was a quality process where, okay, we validate during the production line or during the production process that all the bolts on the wheel are properly tightened and so on and so forth, We didn't have to worry about the security problem. Now, we would still have what we would like to maintain the other side where we are validating and ensuring that the first process is going to work properly. So it's always it's the yin and yang. Mean, it's always going to work together. And I think we need to have both.
Yaron Levi:But the focus should not be, well, we'll do whatever you want and someone in security will fix it later. No. We have to build that discipline from the core, from the beginning, and we have to manage it through the entire through the entire process.
Ross Haleliuk:Yaron, let's shift a bit to network security, and let's double click on this on this specific area. What does network security look like from that operational discipline standpoint? Where are the majority of the companies that you've seen, the majority of the companies that you've, I guess, people at? What is their stage of maturity when it comes to network? What are they struggling with and why?
Yaron Levi:I think, again, it's the same thing. Right? It's it's complexity. It's scale. It's it's size, scale.
Yaron Levi:I mean, things like that. So every time you're trying to do something at that size and scale and and and velocity, it's not easy. And then the question is like how do you adjust to it? So network, same things. Historically, a lot of organizations still have flat networks.
Yaron Levi:We have over the years, because of how network evolved and technology has evolved and things like that, we added more and more controls and capabilities to the networks. We have a lot of devices, wireless gateways and firewalls and next generation firewalls, you know, and so on and so forth. Again, the complexity is growing, but all of those things have to be managed. Well, do you know the inventory of those things? Do you know the inventory of the configuration of those things?
Yaron Levi:All the different ACL rules and routing rule and so on and so forth, right? And how do you manage them? So somebody say, hey, I need an exception because I need to route this packet from this point to that point, I mean, for this experiment we're doing. Okay, great. You got the exception.
Yaron Levi:They're working. They did experiment. The experiment was over. Did they notify the experiment of all those over and you went and closed that or, you know, delete that route? Maybe, maybe not.
Yaron Levi:Right? So again, it's going back to the same technical debt that is accumulated over time, again, in ways to enable the business to run faster and so on. But do we also have the loop backwards to go back and address and close, hey, we no longer need that, or we may need to adjust it, or things have changed, and so on. So again, it's, again, going back to the same thing in my opinion of that operational discipline of inventory and change and control and how you patch and who has access to it. Same thing, same principles.
Ross Haleliuk:It's always interesting to talk about network security because there is a category of people that are struggling with some really, really, really serious challenges around network. And then there is the category of people that believe that networks are gone, and we are now living in this, like, cloud only, identity only world. Could you talk to me more about about that? Because I know I know you've had experiences at some of the largest enterprises out there, and you've you've been in the industry long enough to have seen how networks look like in the past, how they look like today. Is network security a solved problem?
Yaron Levi:That that's a great question. So I'm gonna date myself, but twenty five years ago, I worked for a company in the telecom space. And I was working, you know, with one of the largest telco. I wasn't working for the telco, but I we we had a project with one of the largest telco at that time. And I remember a conversation I had with one of their lead architects, And we were talking about all the advancements and data and so on and so forth and the network and how things evolve and change and whatnot.
Yaron Levi:And he said, yes. Everything is correct. And and all the advancements and the software and and everything we're gonna build on top of that. But the end of the by the end of the day, all of that software, all that, you know, knowledge, all that information, whatever, has to transfer will transfer on some cable from port a to port b. And now, it became obstructed, it became software based, it became whatever, but it's still, there's a cable somewhere when it goes from point a to point b.
Yaron Levi:Now largely, all of that is obstructed from the view of a lot of people. They don't even think about how it works or how it, what it does and so on. And they don't necessarily need to, but the network hasn't changed. I mean, it changed obviously, it evolved. It's doing way more cool things that it used to be in the past.
Yaron Levi:But even if we look at cloud and and we all say, oh, you know, cloud was born in, I don't know, 02/1967, whatever, right, or whatever AWS started. Well, actually, no. I mean, cloud existed in telecom on the network layer like way, way, way before that. And you think of, take the internet. The internet was created nineteen late sixties, right?
Yaron Levi:Harp on it. The model essentially was the initial was the original cloud. Full mesh networks, that's cloud. What is cloud? Cloud is a full mesh infrastructure.
Yaron Levi:Right? That can grow, can shrink. Right? It's the same principles of cloud. On demand, pay as you go, elasticity.
Yaron Levi:Right? I mean, things like that. All of that, if you think back to the telecom days, that's what you had. I mean, that's how the telecom networks were created on demand. Pay as you go.
Yaron Levi:You had elasticity. You had scalability. The concept's gonna came came from that. I mean, long, long time ago. Right?
Yaron Levi:Even back then, I mean, were cases where we were drawing like we but you draw like a network diagram. And we drew a a fully full mesh network or full mesh switch sometimes. How do you draw it? You draw it as a cloud. So that's where it started.
Yaron Levi:But these are again, the concepts are the same and you know, the same principles. The implementation is different, or the problem it solves is different. We like to name things, so sure, yeah, let's call it cloud. It's mixed mixed. But but again, the network is there.
Yaron Levi:And, you know, it may it evolved. It changed. It allows way more things that we didn't have before. We introduced wireless networks. Again, we had wireless networks in the past.
Yaron Levi:Slow and so on. But now we have Wi Fi. We have a lot of other things everywhere and everything is covered. So, yeah, network is there. It's the same packets.
Yaron Levi:It's the same packet who move from point a to point b. It's the same IPv4 that we all been told is going to run out in 2011, and here we are 2026. And we're still using IPv4. And I remember like this in 2001 that like, oh my god, we have to be ready for IPv6 because we're going to run out and what is going to come to a halt and so on. Okay.
Yaron Levi:We have IPv6 today, but largely we're still using IPv4. Right? I mean, so network hasn't changed very much. And we are routing the the the the traffic and packets from different points and different ways, you know, in different speed and so on and so forth. It's the same network.
Ross Haleliuk:Well, and yet, we like to say that the perimeter is gone. We like to say that because the perimeter is gone, now the only way to or the main way companies have to manage access is the identity layer, and then we can just forget about networks. Can we?
Yaron Levi:No. No. I I don't think we can. I I think, you know, when the networks were created and there were some things that we didn't think about. And, course, again, it's like everything else.
Yaron Levi:Right? I mean, you cannot foresee the entire future and things get a development change or whatnot. So, maybe if you had to develop TCP IP from scratch today, maybe you would have done it differently. Okay. But that's what largely we have today and sure we're making incremental improvement all the time.
Yaron Levi:But largely, again, it's the same. So we still have the challenges. We still have some flaws. We still have things that we have to address. Don't so I don't think that those problems are gone from a network perspective.
Yaron Levi:By no means, our networks are not. But the other thing I would say is, yes, a lot of people say, oh, the perimeter has gone. Let's dive into that a little bit. Okay? So what does it really mean?
Yaron Levi:Let's go back to cloud. Right? Because it's really a people's side talk about like perimeter is gone during cloud. Right? So before cloud or let's call before like 2006, what have you.
Yaron Levi:Right? Organizations were for the most part pretty authoritarian. In other word, from an IT perspective. In other words, whatever you need from a technology perspective, network, box, whatever, device, you know, whatever, somebody has to give it to you, and then diff and they define what you can get. Right?
Yaron Levi:And you don't have much choice. Like, okay. I mean, that's what you have and that's about it. Right? And and when you think about an authoritarian organization, what do they optimize?
Yaron Levi:They optimize for efficiency and they optimize for governance. Right? Because we need to control what we have or do we have energy and so on. When cloud came, it started to democratize part of that let's call it the part of the IT function. And I remember discussions from back in the day.
Yaron Levi:Oh, yeah. We there's no now with cloud, there's no need for IT people anymore, and that's all professionals are gonna be gone. And what are those IT people gonna do? And like, look where we are. And await more IT people and engineers than ever before.
Yaron Levi:And, you know, a lot of interesting and cool things were created that we couldn't even imagine back then. Right? Kinda reminds all the conversations we have today. Oh, I would take over everything, and there's no IT people anymore and whatever, but we'll see. But the democratization of of so we start to have kind of more democratized approach, you know, to IT.
Yaron Levi:Right? So now users didn't have to go necessarily to IT and ask for something. They could just swipe their credit card and get whatever service they want, infrastructure, software, know, etcetera. Well, those democratized organizations, what are they optimized for? Well, optimized for effectiveness and speed.
Yaron Levi:Now it doesn't say like one is better than the other. It just depends on your use case. So are you more authoritarian? Again, optimizing for effectiveness and governance. Or you're democratized, optimizing for efficiency, for effectiveness and speed.
Yaron Levi:So how does that go back to the network? Kind of the same thing, right? Because you had in the past a perimeter, I. E. You had a very defined network controlled centrally by somebody, the IT department for that perspective.
Yaron Levi:But the more we decided to democratize, we start to create more things, more networks, more different places, right? So the perimeter is not gone, it multiplied exponentially by a lot. A lot of organizations still today, I mean, have their network and the networks are managed and the networks have the edges firewalls. I mean Palo Alto is a very big company and for a reason. Right, so the network is not, or the perimeter is not gone.
Yaron Levi:We have a lot of perimeters. We have perimeters in other places. If anything, maybe the perimeter has shrunk to maybe smaller boxes, smaller services, what have you. You think about microservices and so on, right? I mean, so it depends on how you want to scale that or size that.
Yaron Levi:But multiplied exponentially. Going back again to inventory. How do you manage that in scale? How to manage that configuration? How to manage those changes?
Yaron Levi:Who has access to it? And that complexity created a lot of those challenges that we see. So organizations still have networks. Many of them still have flat networks. Micro segmentation is a great idea, not easy to implement, and a lot of companies are working hard doing to implement that and and sometimes even struggling.
Yaron Levi:But even we talk about micro segmentation, again, we're talking about smaller parameters or more parameters. So, no, it's not gone. It's still there.
Ross Haleliuk:How are companies securing their networks today? I know a lot has been tried. A lot has been tested. A lot of the approaches have have proven to work well at scale. Some of the approaches have proven to work less well at scale.
Ross Haleliuk:Obviously, there is firewalls. Obviously, there is SASE. There is all of the new cloud native networks network and network security constructs. How does it all look like at an enterprise scale?
Yaron Levi:Yeah. I think it's all of those things that you mentioned. And I think if historically, again, we'll go back twenty years or so. If historically, I mean, of the most of the protections or most of the management and defense was at layer two and layer three for the most part. We have seen now more and more things in upper layers.
Yaron Levi:Right? You know, layer seven protection, and and that's, for example, companies like Palo Alto, you know, and so on. Right? I mean, how they created the what they call next generation firewall is because we start to look at things and start to secure things at layer seven. And now you start looking at some other companies that, Okay, now we move to cloud and the workforce is way more mobile.
Yaron Levi:Because again, going back to the same perimeter, it used to be that all the employees or the users are sitting with the same perimeter every morning when they come to work and they go home and they are no longer in the perimeter. But then we gave them VPNs. So now we extended the perimeter to include them in their house, the coffee shop, what have you. Then we took away VPNs or now we enabled SASE or we enabled some other tools, solutions, web gateways, so on. And now we put the firewalls in the cloud.
Yaron Levi:So again, we expand and create more gateways or more parameters. So because of the variance of where we are, where we operate from, how do we operate, we had to extend all those capabilities. And again, that's where I'm thinking about the shrinking of the perimeter, right? So I shrink the perimeter maybe around my laptop, but that laptop can move everywhere around the world, including on airplanes now while flying, connecting through styling as an example, and great, great performance or whatnot. You have to carry those controls with you.
Yaron Levi:And for that, we had to add more and more capabilities to to manage those controls. So yes, more complex, more places, more perimeters, maybe smaller perimeters. We had to address small layers beyond two and three. We have to go up the stack. And that's what added a lot of the tools and the tooling and the complexity that we have to manage.
Ross Haleliuk:How do you see companies navigate that complexity, navigate that, manage it, do it at scale? How does the whole concept of a pro operational discipline come into play here?
Yaron Levi:No. Not well. I mean, so if we look at breaches and we continue to get breached, and I think we're always going to get breached one way or the other. But I think that goes back to what we talked about before, that the breaches for the most part, the type of incidents don't change much and they follow the same patterns. Because not only we, not only we struggle to solve those problems in the past, we're struggling even more now to do them at scale and speed given the complexity, given, you know, everything that that we have to do.
Yaron Levi:So I think this is something that we definitely need to dedicate more power, more brainpower, and more innovation, I mean, to think how to solve at the scale because the world is not slowing down. And not only that, I mean, especially now in the era of AI, agentic AI, we see what's happening with that. When you have somebody that released a tool like OpenClaw, for example, after like, I don't know, a few weeks of coding that, and that within like a week got like 200,000 plus stars on GitHub and everybody are adopting that. That's telling you like, you know, where we're going. It's an open source project, right?
Yaron Levi:And everybody wants to use that. So it will be really difficult then, again, we know that also from the cloud era, but it's just a natural progression. It's going to be difficult to manage that at scale and speed. At the same time, we have to do that. We have to secure that and manage that at scale and speed.
Yaron Levi:And the way to do that, in my opinion, is that operational discipline that we have to focus on. Now that operational discipline, we also have to scale, you know, at speed, you know, and so on. But that's that's, I think, how we I think how we need to think about it.
Ross Haleliuk:As we are moving towards the end of the episode, my last question is going to be about the future. Yaron, you have seen the evolution of the industry. You have seen the evolution of network security. As you've said, now there is a lot of excitement about the potential AI is is is creating for reinventing a lot of those complex, sometimes even forgotten spaces, forgotten problem areas, problems that were really unsolvable several years ago that have now become solvable or at least potentially solvable. What challenges and what opportunities do you see AI creating for network security?
Ross Haleliuk:I know that network security engineers, unlike most other types of security professionals, tend to be more skeptical about tech like AI and for a good reason. Because making a mistake doesn't just mean generating a false positive. It may mean shutting down the ability of people to do the work and and really impacting the the operations. So what what's coming, and what do we need to be prepared for?
Yaron Levi:Well, first of I'm flattered that you gave me the the opportunity to be a prophet. I don't know if I'm gonna be a good prophet, but what what did they say? Like, after the destruction of the second temple, prophecy was only given to fools. So I don't know if I'm gonna be a prophet or a fool, probably probably the latter one. But I I think if you if you look into the future, and and again, we think about a lot of those challenges and a lot of the complexity, really the question is like, do we deal with that again at speed and and at scale?
Yaron Levi:You know? And the challenge to do that is or or the way to do that most likely is to be able to process massive amount of data and do that within the right context. And this is something that, again, given how much data is generated, given the complexity, this is something that it's really difficult for us as humans to do in our brain, again, at scale and speed. So I think this is where AI potentially can help, help processing that data, help doing simulations, help doing a bunch of different things, and kind of reason how we can take some actions or help us take some actions based on that reasoning that AI potentially can do faster, but while considering a massive, massive amount of context that for us it's going to be difficult to do. So I think it will be really interesting and really cool to yes, we need to consume a lot of information, which we already have.
Yaron Levi:I think we're enriching a lot of those genetics not just with our information, but also information that is coming from other places. We can also take the learnings that we have from the history and the experiences that we have and feed that into the models as well. And with all of that, really leverage that to help us make decisions again and implement that operational discipline at scale and at speed. So maybe we're not going to hand the keys to the to the network and and let necessarily the tool to do everything automatically on day one. And maybe we're going to use it more as a adviser, if you will, or or something that will give you the the rules or or give you like the script of what to go and run what to go and do and still the human in the loop will have to supervise, will have to check and what have you.
Yaron Levi:But over time maybe you guys just gonna do more and more things One once you understand or when you have once you have the the process working well, then yes I mean you can decide how much you want to dial up the the automation. And again even with that things are not going to perfect, mean some things are going to go sideways, and like always, we'll do with them.
Ross Haleliuk:Fantastic. Thank you so much, Yaron.
Yaron Levi:You're very welcome.