Transcript
who's been leading the charge to build for resilience as an inevitability of the evolving AI-powered threat landscape. Bipul, thank you so much for making the time today. I'm excited to have this conversation with you. Kal, very excited to be here. Thank you. Now, I know you've characterized the idea of a cybersecurity threat in today's world as inevitable. It's no longer if you'll get breached. Actually, assume you'll be breached. Can you talk to me a little bit about what it means to be operating in a zero-trust environment right now? Cybersecurity has been prevention and detection. And we came and said five years ago that however much you try to prevent and detect, you can't prevent the unpreventable. You need to have cyber resilience as your core strategy. But having a cyber resilience itself is not enough when you have AI-based attack. In today's world, the distance between intrusion and breach is almost zero seconds. And in this environment of zero second and no ability to actually detect anything, cyber resilience becomes the number one issue, specifically cyber resilience that allows you to recover at machine speed. Absolutely. Well, the threat is twofold. You have the adoption of AI accelerating the enterprise. So it's an explosion of opportunities for threat actors to take advantage of. And then you also have these threat actors using AI-based tools. Can you unpack some of the threats that the industry is facing today? As you said, Cal, there are two aspects to cyber attack, AI-based attack and agentic systems that we are deploying for productivity. In terms of the AI-based attacks, it is impossible to detect anything, as I said before, because all the toxic combination of vulnerabilities that these attackers are finding, all you can do is to patch and recover very, very quickly. But in terms of the agentic deployment, agents are new things because if agent hallucinate, you will have bad business outcome. And if agents get compromised by, say, a cyber actor in North Korea, you have a massive insider attack. So AI is both 100x more opportunities and 100x more risk. Well, and then once the AI system is compromised, it can operate at 1,000 times the speed of a human actor that's doing the same on the inside. 100%. That's why I say the cybersecurity industry, as we knew it, is gone, is dead, because it was built for human attackers and human operators. Now you have AI attacker and agentic operators. And I know you've written a lot about this recently, but what does it mean today to then be a cybersecurity team if we have to use automated tools, if we can't play this game without using automated detection? What is the role of cybersecurity teams? Number one cybersecurity strategy is cyber resilience, but it is not your cyber resilience that takes two, three weeks to recover, because if you take two, three weeks to recover, then you can't cope up with machine speed attacks. By the time you recover, somebody else is already in. You could have hundreds more attack. So for machine speed attack, you need to have machine speed cyber resilience. Got it. How do you deliver machine speed cyber resilience? By preemption. Doing the work in the peacetime to be able to deliver machine speed recovery after an attack. Got it. So the role of the humans essentially evolves into the architect of resilience and preemptive recovery. A hundred percent. Humans' job is to do judgment. Judgment around how to deliver machine speed recovery, how to design an architect, a platform that is ready for machine speed attacks. Now you get to interact with some incredible people and I saw that you were at Davos this year. Can you give us a behind the scenes? What are some of the top public company board members, directors, and executives asking their teams today about their capacity for resilience? Number one business risk in the world today is cybersecurity. But what we are also seeing is because of AI, there is a singularity in AI and cyber attacks. So everyone is thinking about how do they bounce back after a cyber attack? How do they keep their businesses up and running in this new digital threat landscape environment? You have cyber warfare, you have geopolitics, you have attacks on digital infrastructure, you have issues around data center being attacked physically in the case of a kinetic war. So we are living in a very dangerous world and AI has just made this world even more dangerous. Well, you've built rubric around counter consensus ideas. You saw this moment coming and that the only way forward was resilience. And so we have forward coming up in just a few weeks and we're coming back in person for the first time in a few years. What are some of the counter consensus ideas you're really excited to share with the world? Number one is agentic cyber resilience. How do you operate in a world where attacks are AI driven and operators are agents? And how do you keep your business up and running? How do you, how does hospitals keep their patient service up and running? Banks can continue to operate even when they have machine speed, AI speed cyber attack. That's the new era of agentic cyber resilience and I'm very excited to be discussing that. I love it. Well, Bipul, this has been an incredible conversation. Thank you so much for sharing some of these insights with our audience. Kal, so glad to talk to you. Thank you.
