The Pressure and Potential of a Career in Cybersecurity

I started working at Palo Alto Networks almost exactly a year and a half ago. It was my first exposure to the industry, but certainly not my first experience with the result of a lack of prevention within it. At this point in our global world, most have experienced a brush against a cyberattack, if not the directly impacted by a breach. The reality is that this industry is a household conversation, and being a part, no matter how small, has been one of the most incredible experiences of my career.

This week at Ignite, Palo Alto Networks’ user conference, I heard from Nikesh, our CEO and chairman. This conference’s purpose is bringing together the brightest minds in cybersecurity to tackle tough challenges, and hit new trends head-on as we navigate the evolution of cybersecurity.

During Nikesh’s keynote speech at Ignite, he shared his one-year journey of learning the ins and outs of the industry and wanted to share where we were headed as an organization. And I wanted to bring you in - to show you the potential of this industry as it relates to our opportunities in our careers.

Nikesh started the speech by citing that we are living in the “biggest technological revolution of our time. That has been enabled by mobility, ubiquitous availability of data, the ubiquitous availability of bandwidth.”

The reality of the world we live in is that with incredible opportunities, we live simultaneously with an enormous amount of risk. These two things evolve together - bringing about a new level of connectivity, a new level of innovation - and an entirely new level of terrifying risk.

As part of this unique dichotomy of balance, Nikesh shared a few observations with us in his keynote.

His first observation was one of innovation.

“Our adversaries are constantly innovating. They can’t use the same attack as our systems evolve to address them. And as a result, on the cybersecurity side, we have to be even more innovative. That’s an asymmetrical challenge. They have to go off the lowest common denominator. We have to deliver innovation ubiquitously at the same time. It’s not good enough to be 95%. The challenge as an industry isn’t innovation, it’s how do we constantly deliver innovation with our customer at the same time with no delayed response.”

I’ve often heard the word “innovation” - in several capacities. But never before has innovation meant a precarious balance of the world around us as much as it does within cybersecurity. This security we feel in our daily lives is only enabled by the innovation created within the industry, and it’s a security we take for granted.  

“As innovation appears on the adversary side, innovation appears on the industry side, and we have to deploy as rapidly as possible. If we don’t aspire to do that, we won’t ever get there. We want to be that company that delivers innovation as quickly as possible to our customers. It’s hard to do -and we won’t do it ourselves, alone.”

But cybersecurity is changing - and rapidly. Every large company in the world is hosting information in the cloud, migrating to the cloud, or considering the cloud - and security is behind. The pressure to perform, to provide protection in a world that exists in the cloud is heavy on our minds, and to protect our digital lives, we must get there quickly.

“Almost good enough isn’t good enough. The perversity in our industry is that the more we work together, the more we give the blueprint to our adversary. The paradox is how do we create a system that works together that is both open enough to collaborate, but closed enough to protect our systems.”

And that’s where we’re headed - the undefined, unstructured, advanced and evolving cloud. Why? Because we don’t shy away from a challenge.

To combat this challenge, though, we need data and automation. It’s a hitchhiker’s guide conundrum: we know the answer is automation - but we aren’t positive of the question. We’ve touched the edge of what data is being collected around our behaviors, and more data is being fed in and out of systems.

"There’s so much data that is being collected about every instant, everything. Data is everywhere, it’s being collected all the time. As data gets collected, the way we need to address the problem within security is by addressing it within the zero trust model."

Processing this level of data requires a multitude of machine and brain power, read: automation.  

"You have to automate that noise of the alerts driven by the data away. You have to become more opinionated. Part of the challenge is our industry, ourselves, we’ve been less opinionated than we need to be. We have to automate the noise away so that the only things you're left with is no false positives."

The data being collected around us indicates our way of life in the digital age. It’s as versatile, evolutionary, and unique as each individual person. It’s why I love (and am slightly intimidated by) this industry. The ability to make an impact followed on the heels of the sheer impact you make (or miss). (see “We don’t shy away from a challenge statement above).

"Cybersecurity is nondiscriminatory. People attack whoever, whenever, wherever. We have to be an industry that works together. That has to be represented across the room. And inclusion comes in many ways. I’ve personally made a commitment to our management team. I’m committed that we will be the most inclusive company in cybersecurity."

One and a half years ago, I understood the value of hard work - but I wanted to find an industry of global impact, potential. The organization is full of individuals working towards one mission, one vision. It’s an uphill battle that requires a different level of commitment, but it’s one each and every one of us would give twice over every day - because at our foundation, we have the opportunity and the honor to change the world.