In this episode, Theresa Lanowitz from LevelBlue shares key insights from their 2024 Futures Report, exploring the critical balance between innovation, cybersecurity, and business resilience across seven industries. From the importance of cross-functional collaboration to adopting "secure by design" practices, this conversation offers actionable strategies for navigating today’s interconnected digital and operational challenges.
In this Brand Story episode, Theresa Lanowitz recently joined Sean Martin to share valuable insights drawn from LevelBlue's comprehensive 2024 Futures Report, a global study involving over 1,050 executives from C-suite levels across industries. The report offers a unique lens into the critical alignment between innovation, cybersecurity, and resilience. By examining seven key industry verticals—healthcare, retail, finance, manufacturing, transportation, energy, and state/local/higher education—LevelBlue highlights actionable strategies for building a resilient business ecosystem.
Cyber Resilience: Beyond Technology
Lanowitz emphasizes that cyber resilience extends far beyond IT and cybersecurity; it represents the organization’s ability to withstand and recover from disruptions affecting its entire digital and operational footprint. For instance, industries like manufacturing illustrate how sensors and IoT devices on production lines are now vital to efficiency. A single cyber event disrupting these systems could halt production, leading to cascading impacts. Lanowitz underscores the importance of cross-functional collaboration—between cybersecurity, application development, and operations teams—to ensure systems are brought back online effectively and seamlessly.
Innovation vs. Security: A Delicate Balance
One of the most striking findings from the report is that 73% of organizations prioritize innovation over mitigating risk, and 85% are willing to accept security risks in the pursuit of innovation. This trend spans industries, with examples ranging from healthcare’s increased use of robotics in surgeries to transportation companies leveraging AI for optimizing fleet routes. Yet, Lanowitz points out a concerning disconnect: cybersecurity teams are often brought into projects late, treated as an afterthought rather than an integral part of the innovation process. This fragmented approach weakens resilience, leaving organizations vulnerable to threats.
The Case for Secure by Design
Lanowitz stresses the importance of adopting a “secure by design” approach, where security is integrated from the start. Treating security as a core architectural requirement prevents costly redesigns later and supports operational and performance goals. She draws a parallel between neglecting security during development and building a house without planning for heating or cooling systems—essential but often deprioritized elements.
Trusted Advisors and Cybersecurity as a Service
Lanowitz also highlights the growing reliance on cybersecurity-as-a-service (CSaaS) and trusted advisors to bridge gaps in skills and resources. From setting up Security Operations Centers (SOCs) to conducting tabletop exercises and securing IoT networks, organizations increasingly turn to external partners like LevelBlue to fast-track initiatives. By leveraging these advisors, businesses gain industry-specific expertise, enabling tailored and scalable solutions that align security with innovation.
Looking Ahead to 2025
As LevelBlue prepares for its 2025 research, Lanowitz notes an increased focus on software supply chain security and the convergence of IT and operational technology (OT). These areas, coupled with a deeper exploration of how cybersecurity and business functions must align, will shape the next wave of insights into resilience and innovation.
Theresa Lanowitz’s expertise and LevelBlue’s research underscore that building resilience requires more than just technical fixes—it demands an integrated approach where innovation, security, and business goals coexist seamlessly.
Learn more about LevelBlue: https://itspm.ag/levelblue266f6c
Note: This story contains promotional content.
Guest: Theresa Lanowitz, Chief Evangelist of AT&T Cybersecurity / LevelBlue [@LevelBlueCyber]
On LinkedIn | https://www.linkedin.com/in/theresalanowitz/
Resources
To learn more, download the complete findings of the 2024 LevelBlue Futures Report: Cyber Resilience in Retail here:
Learn more and catch more stories from LevelBlue: https://www.itspmagazine.com/directory/levelblue
Please note that this transcript was created using AI technology and may contain inaccuracies or deviations from the original audio file. The transcript is provided for informational purposes only and should not be relied upon as a substitute for the original recording, as errors may exist. At this time, we provide it “as it is,” and we hope it can be helpful for our audience.
_________________________________________
Sean Martin: [00:00:00] And here we are. Thank you everybody for joining me for a new brand story here on ITSPmagazine. This is Sean Martin and I'm joined by the one and only Theresa Lanowitz. Thank you Theresa for being on again.
Theresa Lanowitz: Hi Sean. Thanks so much. It's great to be here with you.
Sean Martin: Always a pleasure chatting with you about all kinds of things.
Cyber, cyber security included.
Theresa Lanowitz: Definitely.
Sean Martin: Yes. And, uh, I love that we get to meet up in person at, at, uh, some events as well. Um, but you've had a busy year, you and the LevelBlue team, uh, putting together some reports. It's called the Futures Report. And there's, there's one report that's an aggregate of seven,
uh, verticals and we've had some conversations about the about that report in the past. Um, they've all culminated at the end of 2024. And, uh, so we're going to kind of get a view back on all the stuff that you saw and found [00:01:00] and and also heard as you, uh, as you connect with some of the customers at LevelBlue.
So. I'm excited for this chat. And, uh, what do you think?
Theresa Lanowitz: Definitely. And indeed, we did have a busy, busy year at LevelBlue. And if you look at that futures report, we launched that core futures report in May of 2024 was the first day of RSA. We launched it at the RSA event. You and I actually got to meet up at RSA and have a nice chat, but we launched that futures report at RSA and that futures report, what we did with it was we went out, we surveyed 1,050 people across the world, and we were looking for C suite executives, C suite minus one, C suite minus two, so those decision makers inside of organizations.
And what we found out was that there's a lot of disconnect inside of organizations in terms of how the C suite works together, in terms of how silos are built up inside of organizations. [00:02:00] But what we also did was when we went out and did that survey, we looked at seven different vertical industries, healthcare, retail, finance, transportation, energy and utilities,
healthcare and US SLED, state, local, and higher education. And then what we did over the course of the year, every couple of months, was we released an individual report. So we did a report on healthcare and cyber resilience, manufacturing and cyber resilience. So it was just great to be able to take all of that data that we had and then break it down by those specific industries and find something that was really, again, vendor neutral, forward looking and actionable for each of those seven industry verticals that we, that we spoke about.
So we did have a busy, busy year.
Sean Martin: Absolutely. And, uh, I guess where I want to maybe start, cause we, we use the term cyber resilience and I [00:03:00] think we've had the conversation in the past that it's not just cyber that organizations are looking at. Yes, we'll talk about some of the disconnects there still in terms of how security is maybe not as integrated into the business as we'd like.
But I think from the C suite perspective, we've talked about resilience being a broader business resilience that is, of course, driven by tech resilience, which, of course, is driven by cyber risk and all that. But can you maybe kind of highlight some of that that big picture for us here? And I don't know if you want to pull on some strings from different verticals here.
Maybe if there's some differences, but kind of the big picture of the cyber resilience,
Theresa Lanowitz: Certainly. And when you say cyber resilience, yeah, it is looking at how that entire IT estate comes together when when that entire IT estate has some type of problem, whether it be a cyber security attack [00:04:00] or a man made event that takes down our entire IT estate
or some type of natural disaster that takes down that IT estate. How does that organization, and that organization's supply chain, how do they come together to make sure that everything is brought back online? And additionally, how do they cope when that IT estate might be offline? And if you look at our overall IT estate,
you know, it is well documented over and over and over that the perimeter is dissolved, that we are going beyond the four walls of our organization for computing. So we're looking at things such as edge computing, bringing in Internet of Things devices. If you look at areas such as manufacturing, manufacturing is a great example of where cyber resilience really comes into play.
Manufacturing floors are controlled by a series of cameras and sensors now. And what if something happens on the production line? [00:05:00] Those cameras and sensors are saying, Hey, there's something going on here. We're out of variance on a part size or something to that effect. That entire production line can stop.
Or what if you have some type of cyber event that comes into, let's say, your financial services, and you have some type of cyber event that comes in, and let's say there is an attack on your network, and the adversary is somehow able to breach that network. How does that entire organization, the application development team, the networking team, the operations team, the security team,
how do they all come together to remediate what's going on and bring the business back online? And that's where this idea of cyber resilience comes in. And that's why it's so powerful that we have to make sure that we're dealing with, with being a resilient organization. And if you peel back the layers just a little bit, in the case of, let's say, somebody, uh, an adversary breaching a network, the cybersecurity [00:06:00] team is not the group that's going to go and fix that network.
It takes a whole host of organizations, a whole host of people belonging to that organization to come in and actually remediate that. But those teams have to work together. They have to understand how to work together, they have to communicate effectively, and that's where we came. That's some of the other interesting bits of data that we that we found was that cyber security teams often work alone.
They're really not thought of at the beginning of a project. They're typically an afterthought. Oftentimes, the budget is separate for cybersecurity from the rest of the project. And if we have cybersecurity teams that are an afterthought, not integrated with the business, that's where we get into some problems because you have to look at things holistically.
Sean Martin: Yeah. And I can only, I mean, even just to quote unquote, typical business, um, the cyber security [00:07:00] team is expected to know the threats and the threat landscape and the threat actors and where the vulnerabilities are in the organization. Um, and some of that starts to bleed into, well, what are the systems?
What are the tech? What's the tech stack that supports it? Where's the data that makes it run? Um, how are they connected? What are the features of the systems that we're using that might be vulnerable to, to compromise? They're not the experts in those systems. They're the experts in the threat and the vulnerabilities of the systems and where they might be compromised.
Keeping so you have two teams kind of keeping up with these fast moving things and I want to talk about the business side of it and the opposite of it were just like the threat actors are pushing the vulnerability piece that cybersecurity on top of the market and the business is pushing the limits and the edge on what they can do.
Right. So finding [00:08:00] new technology, AI was a big thing last year. So can you talk about, and I think one of the things you uncovered in this and these reports is the idea that innovation is still a big driver for the business and security is kind of lagging behind that. So if you need to talk through maybe some examples of where innovation is really pushing the limits and how that impacts cyber.
Theresa Lanowitz: Innovation is key. And let me give you two interesting stats that we pulled from our research. What organizations told us across the board. Remember, this is a global survey. 1050 survey participants. What we found is that 73 percent of organizations say that innovation beats out risk, beats out security.
Anytime they want to innovate more than they want to be worried about security. And what we also found out is that 85 percent of organizations said, you know what, we're willing to take on this risk because innovation is so much more important than what we're [00:09:00] doing. And you look at innovation. So in each of the seven vertical markets, each of the seven industries that we covered, there are innovative activities going on.
If you look at things such as healthcare, we see so much use of robotics, for example. So robots to be able to come in and disinfect either exam rooms or patient rooms after a patient has been discharged from the hospital. So you're using robotics maybe to, to go in and change the bedding, wipe down the exam table, that sort of thing.
They're also in, in healthcare using a lot of robotics, a lot of robotics to help with surgery and so on. So healthcare, there's a lot of innovation going on in healthcare. You look at manufacturing again, as an example, the manufacturing floor is no longer all manual labor. It's definitely controlled by robots, a series of cameras and sensors with upper limits on what could actually be [00:10:00] acceptable in manufacturing.
Manufacturing is also using a lot of robots on the factory floor to be able to move parts around. And you look at things such as transportation. Transportation says just the ability to do fleet tracking effectively really helps us. Some of the other things transportation is looking at doing is they're saying, you know, we want to find the most effective route to get from point A to point B once we get to a city to deliver whatever it is we may have in our, in our truck.
And you may not be able to go on some of the smaller streets that a car may be able to go on. So, how can my truck, knowing the dimensions of it, get through these city streets, maybe at rush hour during a gridlock time more effectively. So there's a lot and lot of innovation going on out there. And we can see that it is definitely beyond our traditional way of thinking of
laptops, desktops, phones, and tablets. We've moved on [00:11:00] to robots, cameras, sensors, a lot of IoT types of devices. And these all need to now be included in that attack surface as well, because the adversary is looking at this and they see, oh, these things are attached to the network, connected to the network.
Is this something that I can potentially attack? So from a security perspective, we have to make sure we're taking care of that to mitigate risk and manage risk as well. But from the innovation perspective, oftentimes those teams that are on the innovating side, mostly those reporting into the CTO, for example, into the chief technical officer may not necessarily be communicating with the chief information security officer.
So those two teams are going about things maybe just in a little bit different way of thinking. So having those teams come together, having the CTO team say to the CISO's team, hey, here's what we're thinking of doing, and the CISO's team say, okay, here's what we have to be able to worry about. Here's what we have to make sure [00:12:00] that we're protecting from a connection perspective.
Here's what we have to make sure that we're able to build and you know, bringing in the application development team as well. So it becomes a completely synergistic way of working together. And that's really where we need to get to rather than saying security, you're off on your own and we'll bring you in when you're called.
Sean Martin: Yeah, you mentioned that, application development, which is perhaps even another segment that I was speaking with some CISOs the other day, and they often feel that they can see into that world and see some of the challenges, but have even less, less of an impact and even less control over what happens there versus a traditional network.
And the other thing I want to touch on is maybe this, the idea of IT versus OT, um, different technologies, different communications, different protocols, different types of data, different speeds of things moving, uh, compared to, uh, to an IT network, [00:13:00] let's say, and, and systems and applications running there.
Did you have any, do you find anything interesting from that perspective of, are those still separate? Do you see some convergence there? Um, how does the application layer fit in on one or the other? I don't know any, any interesting things to call out there. Maybe even from the field, talking to customers.
Theresa Lanowitz: That's a lot, right? That is a lot to take in. If you look at IT/OT, a couple of years ago, organizations were saying these are separate. We don't want one to have anything to do with the other. And we're starting to see a lot more convergence, especially when you look in the manufacturing area. We're starting to see a lot more convergence there, and there are benefits to that convergence.
And I think that both sides, the traditional IT side, as well as the OT side, the operational technology side, those two teams have a lot that they can actually learn from one another and work together collaboratively and figure things out. So we're starting to see some convergence there. And then you brought up the application development side.
And as you [00:14:00] said, that's a whole different story because as you, as you mentioned, the CISO has visibility into what's going on in the application development side and application development teams. There are still a lot of cross-site scripting, SQL injection defects that are going out into production and just being able to make sure that you're managing and testing for cross-site scripting and SQL injection, two really big things that are not necessarily malicious, but we see in source code all of the time,
is a big issue. And one of the things I'll tease this out a little bit. One of the things that we're going to be looking at extensively in 2025 and our research in 2025 is what the supply chain looks like. So think about what that software supply chain looks like. Not the physical supply chain, but the software supply chain.
Where are you getting your source code? Are you getting it from an open source repository? Are you writing it yourself? Do you have somebody maybe in your [00:15:00] supply chain writing it and you're now integrating it into your overall application that's running your, your system? So looking at where that software supply chain is, what's going on with that software supply chain with the different components and different pieces of it, that's something that we'll be delving into quite a bit in 2025.
Sean Martin: I can't wait to talk about that one. It's a topic that I've explored quite a bit and, uh, looked at it from the application, from the system. There's CMMC and all that. So there's lots of fun things to, uh, to dig into there. So I'm excited to have a chat with you on that. As you start to uncover, uh, what, what folks have to say from the business perspective.
Theresa Lanowitz: Absolutely. That's interesting. And you look at what happened. You know, you're always able to make some predictions about the following year, based upon what you see happening in the current year. So in 2024, we saw a lot of attacks on the software supply chain. And from a research perspective, that got me [00:16:00] interested in saying, Hey, let's go out and we're all out doing our global survey.
Let's find out what people are really thinking about that software supply chain.
Sean Martin: Um, like I said, I'm excited to, uh, say again, I'm sure the different verticals have a different view. Because not, not everybody builds software. A lot of them take software, but the configurability, or buy it off, off the market, but the configurability and the extendability, extensibility, uh, makes for an interesting, interesting one.
Of course, all the, all the vendors that provide software are using third party and open source and all that fun stuff too. Um, So anywhere is so many places to go here. I want I want to talk a bit since we're talking a little bit of application, but it clearly crosses all of all the stuff we've talked about to the to this point.
But the idea of being secure by design, um, not a new concept, but by any stretch of the [00:17:00] imagination, um, what are some of the findings that you got in the futures report? And maybe and again, maybe some of, some examples from from working with customers over the last year.
Theresa Lanowitz: Secure by design is critical. And that's one of our recommendations for organizations to be more on the road to being more resilient.
Be secure by design, along with understanding what your cyber barriers, what your cyber resilience barriers are, and also making sure that you're bringing in this trusted third party ecosystem to help you. But being secure by design is critical. And if you think about the systems that you're building, you want to make sure that security is included initially from the beginning that security is not an afterthought, because from an architectural perspective, if you say, I'm going to go ahead and do everything I need to do, because security is,
and let's just face it, security is difficult. [00:18:00] If you say, well, I'm going to do the easy things first and then bring in security, the hard thing at the end, you've already architected for something without security. So you have to go back and modify that architecture. It's like saying, I'm going to build a house and I'm going to wait until the end to put in the heating or cooling system because it's hard to do.
You want to make sure that you're doing that right at the beginning, that you're designing it to make sure that you have security in it. And if you think about what security is from an application, we were talking a little bit about application development from a software perspective, security, along with performance,
they're non-functional requirements, meaning you don't necessarily have to have them to operate, but if you don't have them, you're going to end up with a lot of problems. So, software has to do three things. It has to work functionally. It has to be fast enough, performance, and it has to be secure enough that people are going [00:19:00] to want to use it.
So if you're able to take care of those non-functional requirements and performance comes along with security, that's critical. So being secure by design is something saying make sure that your architecture is correct from the beginning, make sure you're building security in from the beginning, because it's, it's far too difficult, far too expensive to go back and re-architect for security at the end.
Sean Martin: So I want to go back to the, the innovation wins out over, over security. And you made the comment that organizations are accepting the risk. So pushing the limits on innovation and expect accepting the risk for for the vulnerabilities. Do they, I don't know if the research surfaced this or if you have any conversations that kind of point to this, but do they know
the risk that they're accepting? [00:20:00] Um, because because
Theresa Lanowitz: That is, that is the question, right? That's really really interesting because they're saying we want to innovate because the business is saying we want better business outcomes. We want to be able to, so for example, energy and utilities, they're saying we want to be able to harness energy better.
We want to get more gallons per minute in terms of oil that we're pumping out of the ground. Healthcare organizations are saying we want to be able to deliver better health outcomes to our patients. Financial services institutions are saying, we want people to be able to bank when, how, and where they want.
And they're not, that caveat isn't, we want them to be able to do this business function, but oh, by the way, we want to make sure that all these different, you know, security controls are put in place. That kind of goes without saying that you want it to be secure. Nobody's saying, oh, we want to [00:21:00] deliver better patient outcomes, but we're not too concerned about the security of the patient records or the security of the network of the hospital. That goes without saying. So
security has to be built into what you're doing. So that idea of innovation is coming from the line of business by saying, here's what we want to be able to do to build these better outcomes for whoever our customer is and working in conjunction with the seat, with the organization of the CTO and the chief technology officer to say, Hey, here's how we can do it.
Doing ideation to say we can do this possibly through a new piece of software, a new software application, or doing this through maybe, um, a new type of Internet of Things type of connection. When you're having those ideation sessions, it's important for the security team to be there. The security team, and this is one of the things that the security team needs to do as well, the [00:22:00] security team can't say, Oh yeah, it would be great if you said you want to be able to build out banking systems so people can bank when, where, how they want, on any platform they want, any time zone they want.
The security team can't say you can't do that because the security team needs to be able to say great idea and here's how we can help. So the onus comes back to the security team as well. And the other teams, the CTO teams, saying, hey, we need to bring in the security teams to make sure during this ideation phase that they're on board.
There's that bit of collaboration, but the other collaboration has to be the security team saying, yes, we want to be the enabler of this. We don't, because oftentimes the security team is seen as the department of no rather than the department of yes.
Sean Martin: And I'm wondering if you have any, any engagements or experience with customers or with [00:23:00] some of your peers, perhaps even where security is perhaps able to lead some of the innovation.
So not just be part of it and not just be integrated and not just be there to say, if you do this, here's what we have to do in response, but I suspect that security teams have data and experience with different technologies. And I'm thinking of, uh, just like something big, like, or we want to achieve X.
Therefore, we're going to move from on prem to the cloud, or we need to get Y. Therefore, we need to move from desktop to mobile, ages-old examples here. But, um, or we need to respond more quickly with, yeah, to our customers. Therefore, we're going to move from distributed, disconnected data sources to combined connected AI enabled data lakes or whatever. [00:24:00]
So, I'm wondering, I guess my question really is, do you see security having an opportunity and have you, have you seen this at all where they can say, if we don't just try to transform our internal systems the way they have 'em, but if we move to a new platform or move to a new technology, or if we move to a new network style or makeup, we can actually achieve that,
what you're looking for, plus more perhaps. I don't know, bring up anything like that.
Theresa Lanowitz: Yeah, you bring up such an excellent point. Security teams have a lot of data and I think that is an understatement, but here's the interesting thing that we uncovered in our research: 69 percent of organizations say we're not using that data effectively.
So there's an opportunity there for security teams. And I think some of the other things you bring up start to bleed over into this [00:25:00] idea of the broader artificial intelligence. So machine learning predictive. So if you're a security team and you're sitting there, security teams are using machine learning to great to great outcomes today.
If you look at, for example, our LevelBlue team, our LevelBlue threat intelligence labs team, they have millions of indicators of compromise on a daily basis. There is absolutely no way that a human being could take all those indicators of compromise, look at them and enrich them and start to see patterns emerge from it.
So, organization security threat intelligence teams have been mostly using machine learning for a long, long time. And we've been using it for the past decade at least. So there's that machine learning aspect, but then you start to start to take a look at, as you get more data, when are you going to get to that ability for prediction to be able to say, Hmm, I see all of this data coming in,
and I'm predicting that this [00:26:00] elevator in my building is going to have a problem in a smart building, for example, or you look at it and you say, I'm going in a car. I know that this bit of the car, this piece of the car is going to need service long before it actually wears out and starts to present symptoms to the driver.
So, being able to be proactive and send that communication to the driver that, Hey, you need to go into your nearest dealership to have this taken care of. It's not urgent now, but we know it's going to become a problem within X number of days. So there's a lot of ways to be able to harness that data that security teams are collecting and be able to use it.
But I would also say that in addition to the data, the immense amount of data that security teams have, there are other ways that the security team can be impactful. And that is by making sure that they are aligned with the line of business and being able to tell the line of business, [00:27:00] what needs to, that came out a little bit wrong, not tell the line of business what they need, but align with the line of business over what those business needs are.
And I'll give you an example of a client. Uh, they knew this small company, they knew that they needed to have 24/7/365 coverage on what was going on. They were a small team. They were getting their SIEM logs every single day, taking a look at them. But, you know, at five o'clock when they went home for the day,
everything was left uncovered and what happened was they did have a network breach and the adversary was in there for quite some time, took a look around, saw the way the activity was being managed on the network Monday through Friday. They're there from 9 to 5; weekends, they're not. So the adversary was able to kind of go in there, take a look at what might be interesting.
And then when there was a 3 day holiday weekend where they knew that it'd be logging off on Friday at [00:28:00] 5. Mhm. And they wouldn't be back until Tuesday at nine, they were then able to say, all right, this is the perfect time to execute ransomware against this company. And so sure enough, they came back in and they were the target of ransomware.
And in the months leading up to this, they had been saying, you know, we need more protection. We need to have around the clock protection. And the line of business was ignoring it, thinking, you're doing a really great job. You know, two people, nine to five Monday through Friday. And they were, they knew that they needed better protection, more protection. So that's an example of how the security team and the line of business can be aligned. And it was at that moment when they became the targets of ransomware, that the line of business suddenly said, you know what, security is no longer a technical issue. Because you have been doing an excellent job on this.
It's a business issue that we should have been aware of. And, you know, you were right. So the, the moral of that story is that the line of [00:29:00] business was able to take a look at what the security team had been saying and say, yeah, we need to do better here.
Sean Martin: I wanted to maybe start talking about having, uh, having a set of trusted advisors, um, by your side, um, and I'm going to date myself here, but I'm going to, I'm going to go back to Y2K because I love this example that I experienced firsthand.
Theresa Lanowitz: It's been 25 years since Y2K.
Sean Martin: Can you believe that? That is what's going on. That's pretty wild, actually, but the situation for those that may not know or remember, um, was systems were likely to not function come the 1st of 1st of the year, 1st minute of the year and in the year 2000. So organizations are scrambling trying to figure out which systems might fail and it would be easy to have a list of systems and [00:30:00] applications to decide which ones need updating, replacing. The example I want to bring is that, to the point of there's so much other data, when we were working on this, there was information about hard drive size. And as the hard drive failed, how much memory did the machine have? Did it go online and offline a lot?
Did it have networking card issues? So there's all this other data that we were able to pull together to make a much better decision on which systems, when and why, how did they map back to the business? Did they, were they early in the four year, uh, what was it? CapEx, CapEx, CapEx, right? CapEx, CapExchange.
Where, where did they fit into the replacement cycle? All that information was used to make a better decision for the business, not just the tactical decision based on IT. Um, this is the insecurity. So I guess my. My point is, we worked [00:31:00] with organizations to kind of help bring that bigger view of what's going on here, and how can we make the most of where we're heading to, not just get out of the situation, not just protect ourselves, not just do whatever we need to for the moment, but is there a way to do that?
Change for the better long term, and I think that's where advisors like, like you and your team at LevelBlue really come in, um, to say, what are you trying to accomplish? You want to lead with innovation, you know, it has the unspoken. It has to be safe and secure and reliable and resilient, you know, that you need to be ready for something that comes and respond to that.
Let us help you figure that big picture out. So talk to me about, is there anything in the report that says they're willing and ready to, to have those conversations? And then again, something. Some examples from working with customers that [00:32:00] say they're appreciative.
Theresa Lanowitz: Absolutely. The trusted advisor notion is extremely important because if you look at what we do here at LevelBlue, we're a strategic extension of your team.
And what we're really aiming to do is simplify cybersecurity. So that strategic extension of your team. And that's what I talked about with that example of a client that we have who was the target of ransomware and the security team was able to talk to the line of business team and say, Hey, we need to do more because we're small.
We're in. We're in a remote geographic location. We don't have the resources to go out and hire people. We don't have the resources internally to staff up our own SOC, our security operations center. So let's bring in LevelBlue. They're our trusted advisor now. So we're now in there. We're acting as a strategic extension of their team.
And this idea of trusted advisors goes beyond the SOC. You may say, you know, [00:33:00] we need someone to come in and help us with, for example, tabletop exercises, bring in a consultant who has done this before. And as we start to see more and more innovation, you may say, you know, I want to bring in a consulting team who saw a company bring in a lot of different IoT initiatives and how they were able to secure all of those IoT devices and how they're able to manage all of those endpoints. We want someone who has done this before. So you bring in consultants. LevelBlue has a tremendous team of cybersecurity consultants as well. Also, the SOCs, as I mentioned, oftentimes it is, it is too difficult with skills.
It's too expensive to spin up your own security operations center. Bring somebody in like a LevelBlue to help you with your security operations center. That is that idea of the trusted advisor. In many cases, you may say, you know, I want somebody to come in and help me ideate on how to build out this new system.
Again, you can [00:34:00] bring in consulting team, global systems integration. You might bring in a, a telco to help you with networking. For example, if you're going from, let's say a 4G network and you say, you know, we need these 5G types of networks in order to handle the types of applications we're building, so bringing in those trusted advisors from the global systems integrators to the security operations centers to cybersecurity consultants, telcos and so on.
So, working with somebody who has done this before is in your best interest, looking at a way to strategically extend your own team if you're in an area where maybe you don't have the skills, and we all know that cyber security skills are at a premium. So skills gap, maybe there is just not a lot of talent in the area where you are. Maybe it's too expensive to build up your own environment. That's where we can certainly help and that's why you should really look at that trusted advisor.
Sean Martin: Yeah, I know it and [00:35:00] I mean, so many thoughts in my head here, but the one that immediately comes to mind is not shortcut, but fast track.
Theresa Lanowitz: Yeah, definitely. That's a, that's a really great word. Fast track versus, versus shortcut. Most definitely. And we were told over and over in our research that people are saying exactly what I just said. You know, we couldn't do this on our own. So we are, we're, we know we're using these, this trusted advisor model.
One of the big things we learned in our research is that organizations are moving to this cyber security as a service. So CSaaS. You know, so we have everything as a service these days, but organizations are moving to cyber security as a service. So it's the whole idea of as a service. You have the elasticity has been up.
It's been down when you need it. So to bring in more cyber security professionals when you need it. Take them away when it's not needed. And we certainly offer cybersecurity as a service as well. But that was the one thing in [00:36:00] 2024 that really stood out to us, that people are making this strategic move to cybersecurity as a service.
Sean Martin: And I think the other thing that as you're describing this and the value of having these trusted advisors is that it's not, not just a blanket of cybersecurity, it's, it's tailored to industries, verticals, technology stacks, new innovations that are coming, new technologies that are becoming available, and having experience doing that.
Correct. So not, not just, yeah, we're cyber security and we're going to apply the same thing to every situation we encounter. It's the seven plus the many more that you, that you're engaged in from financial services to marketing, manufacturing and telco and whatnot.
Theresa Lanowitz: And we do that at scale for so many companies and the visibility that [00:37:00] we have because we are doing this at scale for so many clients really helps the next client, you know, because we can say, Oh, we saw this with, you know, in financial services, maybe this is something that retail is going to encounter or, Oh, we just saw this last week.
This is something, you know, that we see going on here. So that idea of being able to have that economy of scale. It, it, it helps to be that strategic extension of your team with the economy of scale and plus to be a force multiplier inside the organization.
Sean Martin: I could talk to you for hours, Theresa, and dig into all these scenarios.
I'm sure everybody listening and watching would want to do the same. So hopefully they can meet, meet with you at one of the events coming up that you'll be at. RSA? RSA. Will you be there? We'll have a good chat there too.
Theresa Lanowitz: Yeah.
Sean Martin: And, uh, between now and then, if they want to reach out to you, of course, you can do that directly and chat with you in the LevelBlue team. [00:38:00]
As we wrap here, you mentioned the supply chain piece is one of the areas that you'll be looking at in 2025. Anything else you want to tease out?
Theresa Lanowitz: So we talked in 2024. Our main concept of the report was cyber resilience. Now that is a big, big topic to undertake. We're going to be exploring cyber resilience in far more detail, but we're going to look, take a look at the business impact, because one of the things that we see is that cybersecurity and the business have to align, have to be able to communicate with one another. So, watch for cyber security and what's going to happen with business and cyber resilience.
Sean Martin: That's exciting, fun stuff. And, uh, yeah, hopefully you have a good collection of folks contributing and, and, uh, I'm excited to see, see what the outcome is.
One of the first, before it was called Redefining Cyber Security, the name of the [00:39:00] show was Business of Security, which is, I still hold the theme and the idea close to my heart and in the conversations of how we're actually driving business value with cyber security. But, uh, yeah, I guess the point is it's all about the business, ultimately.
Theresa Lanowitz: Ultimately. Yes.
Sean Martin: I love it. Well, Theresa, it's always, always a pleasure. And hopefully everybody enjoyed this conversation and took a few nuggets with them. Of course, we have links to, uh, to the Futures Report and all the, all the vertical versions of those for the, for the folks that want to access them and, uh, encourage everybody to connect with Theresa and stay tuned for what's coming in 2025 from the LevelBlue team.
Thank you so much.
Theresa Lanowitz: Sean, it was wonderful to be here.
Sean Martin: Thank you. And, uh, I'll see everybody on the next one. Thanks for joining.