On 28th September, 2023, I joined the Cybersecurity Market Analysis Conference organized by the European Union Agency for Cybersecurity (ENISA) in Heraklion, Crete, Greece. The objective of the conference was to promote a policy debate in the area of cybersecurity market analysis.
I had the pleasure to moderate a panel on the “Threat Landscape and Industry Response”. The panel comprised of four panelists that provided their insights on how the threat landscape and emerging technologies impact product security and development. Mikko Karikytö (Ericsson) , Siddhartha Rao (SAP ), Natalie Kilber (HARMAN International ), and Mark Woods (Splunk ).
See below the panelists’ bios and their presentations during the panel:
Natalie Kilber
Affiliation: Harman International – Senior Director, Product Security / Nabla Co – Founder & Owner
Short Bio: Natalie is a cybersecurity and emergent technology expert, leader and researcher – working with leading cybersecurity firms, government organizations and Fortune 500 companies. As an independent voice on emergent technology in cybersecurity, she established Nabla Co – A Natalie Kilber Advisory and currently resides as a senior researcher at the Institute of Software Engineering, University of Stuttgart. She recently joined Harman International as Senior Director, Product Security.
Siddartha Rao
Affiliation: SAP
Short Bio: Vice President in-charge of Product Security at SAP SE and an author of best selling books. Extensive experiences in leading complex security projects with CxO reporting at the highest levels. Advises business strategy decisions on conflicting geopolitical requirements and incidents with media exposure. Defines global policies on application security, DevSecOps and transparency. Defines the SAP Product Security strategy and drives company wide execution. Business Owner of the Information Security Management Systems (ISMS) ISO 27001 for development.
Author of “Sams Teach Yourself C++ In One Hour a Day,” Siddhartha’s books are sold in the USA, Canada and China; and have been translated in to French and Chinese. Siddhartha was awarded Most Valuable Professional by Microsoft for three consecutive years in recognition of his voluntary contribution to the software development communities, and has held the honorary position of a Moderator at Codeguru.com.
Mikko Karikytö
Affiliation: Ericsson
Short Bio: “Security is both my passion and my profession. I believe that “it should be personal, before it becomes professional”. If you don’t care passionately about your topic, then you shouldn’t work in that field. In a cyber security world, focused on break and protect, this is especially true.
As Chief Product Security Officer, I’m responsible for all security requirements, standards, strategy and architecture, relating to product development and management, and I’m accountable for overall product security and product privacy. I’m proud to be part of a growing community of 100+ security professionals within Ericsson who work together to protect the products and networks which play a vital role in our digital society.
Security is about combining the right technology with the right people, supported by strong leadership from the top. Throughout my career I’ve focused on building competent teams and fostering a culture that allows people to be their best and achieve their full potential. I’m proud of what we’ve created together, and how we’ve overcome challenges side by side. Leading a significant and successful security organisation isn’t simple. I’ve approached it by building a superb leadership team with complementary talents.“
Mark Woods
Affiliation: Splunk
Short Bio: Mark is a passionate technologist. Innovative technology (in all shapes and colors) has always been the backbone of Mark’s career, from mission-critical delivery to innovation acceleration, global portfolio optimization to fundraising and acquisition selection to business building.
At Splunk, he helps leadership teams and international policymakers understand the seismic impact that data-driven approaches can create and get the right mix of enabling technology, expertise, empowering guidance and practical governance to bring about positive change.
“Strategy is useless without a general decision-making framework, a framework is useless without resilient processes that adapt to changing priorities – leveraging data is the only way to close the loop.”
Finally, I would like to thank all the panelists for the awesome session, Louis Marinos for the invitation, and the ENISA team for the very nice organisation of this conference. Definitely see you next year :)
Tilting at windmills 