O futuro do Zero Trust e do SASE é agora! Assista sob demanda

fechar
fechar
  • Por que Netskope chevron

    Mudando a forma como a rede e a segurança trabalham juntas.

  • Nossos clientes chevron

    A Netskope atende a mais de 3.000 clientes em todo o mundo, incluindo mais de 25 das empresas da Fortune 100

  • Nossos parceiros chevron

    Fazemos parceria com líderes de segurança para ajudá-lo a proteger sua jornada para a nuvem.

O mais alto nível de Execução. A Visão mais avançada.

A Netskope foi reconhecida como Líder no Magic Quadrant™ do Gartner® de 2023 para SSE.

Obtenha o Relatório
A Netskope foi reconhecida como Líder no Magic Quadrant™ do Gartner® de 2023 para SSE.
Ajudamos nossos clientes a estarem prontos para tudo

See our customers
Woman smiling with glasses looking out window
A estratégia de comercialização da Netskope, focada em Parcerias, permite que nossos Parceiros maximizem seu crescimento e lucratividade enquanto transformam a segurança corporativa.

Saiba mais sobre os parceiros da Netskope
Group of diverse young professionals smiling
Sua Rede do Amanhã

Planeje seu caminho rumo a uma rede mais rápida, segura e resiliente projetada para os aplicativos e usuários aos quais você oferece suporte.

Receba o whitepaper
Sua Rede do Amanhã
Introducing the Netskope One Platform

Netskope One is a cloud-native platform that offers converged security and networking services to enable your SASE and zero trust transformation.

Saiba mais sobre o Netskope One
Abstract with blue lighting
Adote uma arquitetura Secure Access Service Edge (SASE)

O Netskope NewEdge é a maior nuvem privada de segurança de alto desempenho do mundo e oferece aos clientes cobertura de serviço, desempenho e resiliência inigualáveis.

Conheça a NewEdge
NewEdge
Netskope Cloud Exchange

O Cloud Exchange (CE) da Netskope oferece aos clientes ferramentas de integração poderosas para tirar proveito dos investimentos em estratégias de segurança.

Saiba mais sobre o Cloud Exchange
Vídeo da Netskope
A plataforma do futuro é a Netskope

Intelligent Security Service Edge (SSE), Cloud Access Security Broker (CASB), Cloud Firewall, Next Generation Secure Web Gateway (SWG) e Private Access for ZTNA integrados nativamente em uma única solução para ajudar todas as empresas em sua jornada para o Secure Access Service Arquitetura de borda (SASE).

Vá para a plataforma
Vídeo da Netskope
Next Gen SASE Branch é híbrida — conectada, segura e automatizada

Netskope Next Gen SASE Branch converge o Context-Aware SASE Fabric, Zero-Trust Hybrid Security e SkopeAI-Powered Cloud Orchestrator em uma oferta de nuvem unificada, inaugurando uma experiência de filial totalmente modernizada para empresas sem fronteiras.

Saiba mais sobre Next Gen SASE Branch
Pessoas no escritório de espaço aberto
Desenvolvendo uma Arquitetura SASE para Leigos

Obtenha sua cópia gratuita do único guia de planejamento SASE que você realmente precisará.

Baixe o eBook
Mude para serviços de segurança na nuvem líderes de mercado com latência mínima e alta confiabilidade.

Conheça a NewEdge
Lighted highway through mountainside switchbacks
Permita com segurança o uso de aplicativos generativos de IA com controle de acesso a aplicativos, treinamento de usuários em tempo real e a melhor proteção de dados da categoria.

Saiba como protegemos o uso de IA generativa
Ative com segurança o ChatGPT e a IA generativa
Soluções de zero trust para a implementação de SSE e SASE

Conheça o Zero Trust
Boat driving through open sea
Netskope obtém alta autorização do FedRAMP

Escolha o Netskope GovCloud para acelerar a transformação de sua agência.

Saiba mais sobre o Netskope GovCloud
Netskope GovCloud
  • Recursos chevron

    Saiba mais sobre como a Netskope pode ajudá-lo a proteger sua jornada para a nuvem.

  • Blog chevron

    Learn how Netskope enables security and networking transformation through security service edge (SSE)

  • Events and Workshops chevron

    Esteja atualizado sobre as últimas tendências de segurança e conecte-se com seus pares.

  • Security Defined chevron

    Tudo o que você precisa saber em nossa enciclopédia de segurança cibernética.

Podcast Security Visionaries

Eleições, desinformação e segurança
Este episódio analisa os aspectos da segurança eleitoral relacionados ao registro de eleitores e aos controles físicos nos locais de votação.

Reproduzir o podcast
Blog: Eleições, desinformação e segurança
Últimos blogs

Read how Netskope can enable the Zero Trust and SASE journey through security service edge (SSE) capabilities.

Leia o Blog
Sunrise and cloudy sky
SASE Week 2023: Sua jornada SASE começa agora!

Replay das sessões da quarta SASE Week anual.

Explorar sessões
SASE Week 2023
O que é o Security Service Edge?

Explore o lado de segurança de SASE, o futuro da rede e proteção na nuvem.

Saiba mais sobre o Security Service Edge
Four-way roundabout
  • Empresa chevron

    Ajudamos você a antecipar os desafios da nuvem, dos dados e da segurança da rede.

  • Liderança chevron

    Nossa equipe de liderança está fortemente comprometida em fazer tudo o que for preciso para tornar nossos clientes bem-sucedidos.

  • Customer Solutions chevron

    Estamos aqui junto com você a cada passo da sua trajetória, assegurando seu sucesso com a Netskope.

  • Treinamento e certificação chevron

    Os treinamentos da Netskope vão ajudar você a ser um especialista em segurança na nuvem.

Apoiando a sustentabilidade por meio da segurança de dados

A Netskope tem o orgulho de participar da Visão 2045: uma iniciativa destinada a aumentar a conscientização sobre o papel da indústria privada na sustentabilidade.

Saiba mais
Apoiando a sustentabilidade por meio da segurança de dados
Pensadores, construtores, sonhadores, inovadores. Juntos, fornecemos soluções de segurança na nuvem de última geração para ajudar nossos clientes a proteger seus dados e seu pessoal.

Conheça nossa equipe
Group of hikers scaling a snowy mountain
A talentosa e experiente equipe de Serviços Profissionais da Netskope fornece uma abordagem prescritiva para sua implementação bem sucedida.

Conheça os Serviços Profissionais
Netskope Professional Services
Proteja sua jornada de transformação digital e aproveite ao máximo seus aplicativos de nuvem, web e privados com o treinamento da Netskope.

Saiba mais sobre Treinamentos e Certificações
Group of young professionals working
Miniatura da postagem

Este episódio apresenta uma entrevista com Marilyn Miller, Chief People Officer da Netskope. Marilyn é responsável pelas funções globais de recursos humanos da Netskope, incluindo experiência de funcionários e aquisição de talentos. Ela tem mais de 20 anos de experiência em funções de RH de alta visibilidade, incluindo Anaplan, Alfresco e Cisco Systems.

Neste episódio, Mike e Marilyn discutem a criação de segurança na estrutura de sua organização, trabalhando em colaboração com CIOs e CISOs e usando histórias para atrair talentos.

Eu acredito muito em perguntar, como a gente educa, como a gente se inscreve, como a gente fala da importância, como faz a segurança fazer parte do tecido e da cultura da empresa? E todos entendem sua responsabilidade em relação à segurança dos dados e à proteção deles.

—Marilyn Miller, diretora de pessoal da Netskope
Marilyn Miller

 

Carimbos de data/hora

*(02:33): A jornada de Marilyn para se tornar Diretora de Pessoal*(26:45): Como a pandemia mudou o trabalho híbrido e o que Marilyn espera que permaneça
*(04:44): Como Marilyn trabalha com líderes de segurança ao recrutar talentos*(33:56): Conselho de Marilyn para Chief People Officers em outras organizações
*(11:55): Como Marilyn viu a segurança cibernética se tornar um valor da empresa*(36:42): Como podemos obter mais diversidade em segurança
*(18:58): Exemplos de higiene de segurança pessoal traduzida para o escritório*(39:38): Acessos rápidos
(21:53): Exemplos de parcerias de CIOs e CISOs com líderes de RH e Pessoas

 

Outras formas de ouvir:

mais verde

Neste episódio

Marilyn Miller
Chief People Officer na Netskope

chevron

Marilyn Miller

Marilyn Miller tem responsabilidade global por todas as funções de recursos humanos da Netskope, incluindo experiência de funcionários e aquisição de talentos, em apoio à força de trabalho em rápido crescimento da Netskope.

Marilyn atuou mais recentemente como diretora de pessoal da Anaplan, onde ajudou a escalar a empresa em vários estágios de crescimento, incluindo uma oferta pública inicial bem-sucedida. Ela traz para a Netskope mais de 20 anos de experiência em RH de alta visibilidade e funções de aquisição de talentos, incluindo Alfresco, Quotient Technology, AECOM, BMC Software e Cisco Systems.

Conecte-se com Marilyn no LinkedIn

Mike Anderson
Chief Digital & Information Officer na Netskope

chevron

Mike Anderson

Mike Anderson atua como Diretor Digital e de Informações da Netskope. Nos últimos 25 anos, ele construiu e liderou equipes de alto desempenho em várias disciplinas, incluindo vendas, operações, desenvolvimento de negócios e tecnologia da informação. Ele ingressou na Netskope vindo da Schneider Electric, uma empresa global da Fortune 500, atuando como vice-presidente sênior, CIO e líder digital para a América do Norte. Em 2020, a Constellation Research o nomeou membro da Business Transformation 150, uma lista de elite que reconhece os principais executivos globais que lideram os esforços de transformação de negócios em suas organizações. O Conselho Nacional de Diversidade também o reconheceu como um dos 50 principais CIO por diversidade e inclusão em 2020 e 2021. Antes da Schneider Electric, Mike atuou como CIO da CROSSMARK, onde transformou digitalmente os recursos de negócios para o provedor de serviços de 40.000 funcionários para o setor de varejo e bens de consumo. Além disso, ele ocupou cargos de liderança executiva na Enterprise Mobile, uma joint venture da Microsoft que agora faz parte da Honeywell, Insight, Software Spectrum e InVerge, pioneira em serviços da Web que ele fundou em 1999. Mike atua em vários conselhos consultivos de tecnologia e indústria e trabalha como voluntário com organizações sem fins lucrativos focadas em saúde mental e prevenção do suicídio e aquelas que beneficiam o desenvolvimento de nossa futura força de trabalho em ciência, tecnologia, engenharia e matemática.

Marilyn Miller

Marilyn Miller tem responsabilidade global por todas as funções de recursos humanos da Netskope, incluindo experiência de funcionários e aquisição de talentos, em apoio à força de trabalho em rápido crescimento da Netskope.

Marilyn atuou mais recentemente como diretora de pessoal da Anaplan, onde ajudou a escalar a empresa em vários estágios de crescimento, incluindo uma oferta pública inicial bem-sucedida. Ela traz para a Netskope mais de 20 anos de experiência em RH de alta visibilidade e funções de aquisição de talentos, incluindo Alfresco, Quotient Technology, AECOM, BMC Software e Cisco Systems.

Conecte-se com Marilyn no LinkedIn

Mike Anderson

Mike Anderson atua como Diretor Digital e de Informações da Netskope. Nos últimos 25 anos, ele construiu e liderou equipes de alto desempenho em várias disciplinas, incluindo vendas, operações, desenvolvimento de negócios e tecnologia da informação. Ele ingressou na Netskope vindo da Schneider Electric, uma empresa global da Fortune 500, atuando como vice-presidente sênior, CIO e líder digital para a América do Norte. Em 2020, a Constellation Research o nomeou membro da Business Transformation 150, uma lista de elite que reconhece os principais executivos globais que lideram os esforços de transformação de negócios em suas organizações. O Conselho Nacional de Diversidade também o reconheceu como um dos 50 principais CIO por diversidade e inclusão em 2020 e 2021. Antes da Schneider Electric, Mike atuou como CIO da CROSSMARK, onde transformou digitalmente os recursos de negócios para o provedor de serviços de 40.000 funcionários para o setor de varejo e bens de consumo. Além disso, ele ocupou cargos de liderança executiva na Enterprise Mobile, uma joint venture da Microsoft que agora faz parte da Honeywell, Insight, Software Spectrum e InVerge, pioneira em serviços da Web que ele fundou em 1999. Mike atua em vários conselhos consultivos de tecnologia e indústria e trabalha como voluntário com organizações sem fins lucrativos focadas em saúde mental e prevenção do suicídio e aquelas que beneficiam o desenvolvimento de nossa futura força de trabalho em ciência, tecnologia, engenharia e matemática.

Transcrição do episódio

Aberto para transcrição

Marilyn Miller: We talk about security as a team sport and a shared responsibility and accountability. I think the more that you can drive it from it's instilled in your culture and your values, you have less of a dependency then on the policing and the policy requirements of it. You still need to have those things in place. But I believe a lot in how do we educate, how do we enroll, how do we talk about the importance? How do we make it part of the fabric and culture of the company? And everybody understands their responsibility around data security and the protection of it.

Speaker: Hello and welcome to Security Visionaries. You just heard from today's guest, Marilyn Miller, chief People Officer at Netskope. Establishing security as a team sport is more than just implementing policy requirements. It starts with weaving it into your culture and values. From hiring to onboarding to employment, people need to be educated on the critical responsibilities they hold in keeping their organization safe. Before we dive into Marilyn's interview, here's a brief word from our sponsor.

Sponsor: The Security Visionaries podcast is powered by the team at Netskope. At Netskope, we are redefining cloud, data and network security with a platform that provides optimized access and zero trust security for people, devices, and data anywhere they go. To learn more about how Netskope helps customers be ready for anything on their SASE journey, visit N-E-T-S-K-O-P-E.com.

Speaker: Without further ado, please enjoy episode 16 of Security Visionaries with Marilyn Miller, chief People Officer at Netskope, and your host Mike Anderson.

Mike Anderson: I want to welcome everyone to today's episode of our Security Visionaries podcast. I'm Mike Anderson. I'm the Chief Digital and Information Officer at Netskope. I'm excited today to be joined by our Chief People Officer, Marilyn Miller. What's interesting about this is when Marilyn first joined, she was on a town hall and she was introducing herself and she talked about how she had partnered with the CIOs in her past companies as they thought about security policies and how those impacted the organization and how they could work together on that change. And it was at that moment when we thought about our theme for this year has been security as a team sport, I said, "All right, Marilyn is coming down on the podcast. We're going to talk about this." So Marilyn, welcome. Why don't you tell the audience a little bit about yourself and maybe your journey to Netskope and maybe your journey as a Chief People Officer?

Marilyn Miller: First of all, thank you so much for having me. I was very excited to be able to have this conversation with you today. So yeah, I've spent my entire career in human resources. I've been a chief people officer for probably the last decade. I grew up as an HR business partner, but I think when you get to the chief people officer side of it, you get to see all aspects of the function. When I think about what my role as chief people officer, I'd probably talk about it today in two different contexts. The first one being, ultimate responsibility, can we attract and retain the necessary talent for our stage and size and growth, the business models and how we execute the business strategy? So that's one big piece of it.
But I think the other side of it is setting the policies and the procedures as well as the culture of the company. And I think it's that culture piece, blending the talent, attraction and retention as well as the policy side of it that I think is going to be most interesting for today's conversation is how do you craft a company culture that's inclusive of all the responsibilities that each of our employees have?

Mike Anderson: I totally agree, and it was interesting when I was at Schneider Electric before this, we'd always start every meeting with a safety briefing where we talk about where is the exit, how do you get out of the building, what are all the things you need to be mindful of, especially in a manufacturing environment? And always had this ambition. I'm like, "I want to have cybersecurity be part of that safety briefing. How do we be safe at this meeting?" Remember when we're at a hotel where the exits are but also remember, put your laptop in your safe. That's one of the things I want in the safety briefing. I'm really interested in your perspective as we get more on this topic.
So you brought up a good point right there around talent. And I know that today if we look in cybersecurity IT across all positions, we have a workforce challenge trying to find the right talent, how do we retain the people we have? How do we up-skill them? How do we attract talent? Talk to me a little bit about when you're partnering up with CIOs and security leaders around recruiting talent, how are you helping them think about that problem in bringing those people on?

Marilyn Miller: Yeah, and you mentioned it at the very beginning. My own journey with Netskope started with the partnership that I had at my previous organization with the CIO. We were getting ready to roll out a whole new set of security technology inclusive of Netskope. And when the CIO came to me and said, "Hey listen, we're going to get a lot of questions around, particularly from our engineering teams of, 'Gosh, how much visibility are we going to have into their own traffic if they were using any of the company devices to check the movie schedules or online shopping?'" And so one of the things we talked about was, "Listen, what's our responsibility as an organization? Our customers expect that we keep their data secure. Our employees expect we keep their data secure. And so this whole culture of security started to reveal itself and we had to talk about it and put it in the context of the culture for the organization.
One, it's everybody's responsibility. We have a duty of care and a duty of responsibility to a number of these different constituents. How do we enroll them in being part of the solution and the decisions and the requirement and the understanding and how it does fit into who we are as a company and the kind of employer that we want to be? And so I think that's what's really shaped the way that I think about the partnerships. We talk about security as a team sport and a shared responsibility and accountability. I think the more that you can drive it from it's instilled in your culture and your values, you have less of a dependency than on the policing and the policy requirements of it. You still need to have those things in place. But I believe a lot in how do we educate, how do we enroll, how do we talk about the importance, how do we make it part of the fabric and culture of the company? And everybody understands their responsibility around data security and the protection of it.

Mike Anderson: Yeah, that's a good point. I think about tech companies, especially in the Valley area. We've got a lot of companies that are pre-IPO tech companies. The source code is the most sensitive data they want to protect. And I think about developers and if that developer that's across from me decides to leave, do I really want them taking our source code and going to a competitor or someone else, because that then impacts the value I have as a shareholder, which is part of the reason I probably came to the startup is I'm hoping there's an exit at some point, whether it's an IPO or an acquisition. When you've had those conversations with developers, has that ever been something that's come up around protecting their own, the value of what they have as a company?

Marilyn Miller: Yeah. And I think it comes from people want to be part of a values-based, mission-driven, high culture company. At the heart of that is the trust, the transparency, the accountability that comes with it, and the software developers that they want the work that they do to add value to the customers, to add value to their own career goals and enhancements. And they expect that the company is keeping that protected. It's very rare that I'm involved with the security team in the pace of the bad actors, if you will, people trying to steal our data or download company confidential, whether that's customer data, intellectual property source code, or any of that. That's such the rare exceptions. But like I said, you want to make sure you have everything in place in the event that does happen.
I think the majority of our software developers and the people that work on our intellectual property, they're doing it to not just make us, but our customers obviously more secure, the pride that they have in that work and then the trust that they have in us as an organization to be able to protect that work and put it to the highest use and greatest value.

Mike Anderson: No, 100%. I mean, I think, you hit the nail on that. I think I always say 99% of people are well-intended every day when they come in the office. There's that small 1% that have some mal-intent for whatever reason. But generally, most people wake up every day and they go, "I want to do a great job at work." Most people don't walk up and say, "You know what? I want to do a crappy job at work today," which always becomes, it's not the intentional person. We have lots of ways to find them. It's the unintentional person that just happens to make mistakes because they don't know better or they didn't retain 100% of what they heard in that 30-minute training. What is the stat? I think it's like hear something 22 times before you remember it. I think it's just that it doesn't become brainstem until 22 times. And we're not going to make people do security awareness training 22 times in a year. They probably have a different set of words back for us. So I think it's that unintentional person that concerns me the most.

Marilyn Miller: Yeah, and I think you said it really well, Mike, but we try to start with how do we be proactive on the front end? And so as employees are joining Netskope, we talk about what we do, why we do it, the difference that it makes, that's kind of that mission driven culture, values-based organization. We reinforce that in the onboarding process, like the accountability and responsibility of each and every one of employees, we have the business leaders come in and talk about the solutions that we provide to the marketplace, who our biggest customers are, why they buy from us? We continue to reinforce that through the ongoing training that we provide to employees. And again, we have a backstop there as well where we've got actual written policies around security and data protection.
So we try to build this into the fabric of the organization and I think that's where the strong partnership across the organization, what are we trying to protect? What are we to get in terms of outcomes? How do we have the shared accountability around that? How are we clear about our expectations as well as what the consequences are in the event that we would have someone who intentionally was trying to take data or download things that they shouldn't be. And I think that complete framework is really the place where the chief people officers, along with the CIOs and the chief security officers as well as the business leaders, come together to say, "We each have a role and responsibility to play in protecting our data, protecting our customers, protecting our employees."

Mike Anderson: Yeah, absolutely. I'm so glad you're doing that because as a cybersecurity company, the worst thing could ever happen is a breach, right, because the reputational harm it can cause for a cyber company as we've seen from some of the other people in the industry that have had that happen is really bad. Question I have for you. In your journey as a chief people officer, have you seen cybersecurity become part of one of the values of any other companies you've worked with?

Marilyn Miller: I think it's embedded in there. So Mike, I've been at this for so long. When I started in HR, most of what we talked about was physical security. Everybody came to an office. You had these giant campuses, you had such an emphasis on the physical security. At that time, employees weren't working as much remotely. In a lot of cases they weren't even taking the company assets and devices outside of the workplace. Then you sort of evolved to the, "Hey, these global organizations. People are on the move. They want to be working from home evenings, weekends, on occasion. They want to have their own devices." You still have to have, obviously, concern about the physical security, but on a relative basis that's so de-emphasized relative to the data security piece of this. If you think about what's happened in the last two years where overnight you might have went from a small percentage of your employee base working distributively to now in a period of time 100% of your employees, unless you are an essential worker on their own devices from lots of different locations.
So that whole aspect of, "Oh my gosh, how do we protect our data and our information?" I've seen that whole transition and then building that into, as I talked about earlier, the culture and the values and the shared accountability around it. And so I do think a lot of companies are rethinking and if it's not explicitly written in their values, it's assumed and it's communicated as I talked about what we're doing in the onboarding, in the ongoing training, written in their policies on the front end of the communication that they have with their workforce about help keep us safe, help keep our data protected. You've got a lot of global GDPR requirements, lots of things to think about as well as your globally context, which most companies that, or big data companies have a global footprint as well.

Mike Anderson: Yeah, 100%. It's interesting, you brought back going back in the old buildings, I remember when I first started as a software developer, you didn't have web mail. Was using GroupWise to take us back in the time machine and we all were forwarding our emails to our Yahoo mail because we wanted to access it from home so we could work on our home PCs and write code. So I totally remember those days. I would've been that developer probably doing a bad thing if it was in today's world, just because I was trying to get things done in my computer at home. I didn't want to sit in the office until one o'clock in the morning.

Marilyn Miller: Yes, right. I mean, how the world's changed, I remember I had the little fob where the number kept updating every 30 seconds or minute if you were going to come in through your VPN. And that wasn't distributed across the entire organization. It was sort of only assumed a certain kind of role or a certain talent was working remotely and distributively and how the world has changed in a very short period of time. And I love the way that even when you hear Sanjay talk about data is the new sort of oil, if you will, data's what drives the economy. And for enterprises to be able to protect that data and think about it from all aspects at the network level, at the device level, in a highly global and distributed environment, the complexity of it is enormous.
And so I think that I shared, again, kind of shared accountability between who's the employer that we want to be, what do we value, and then how do we actually deliver and execute against that sort of talks about that intersection between the CIOs, the CISOs, the chief people officers having to come together and really craft these kinds of solutions for their organizations.

Mike Anderson: No, 100%. I've always had such a close partnership with the HR organization because some people... HRs who I escalate problems to or HRs who I work with when I need to rethink my talent strategy in my organization, which are obviously two things that are key. But a lot of times it's HR people are so good around the psychology of change and how do you get people to absorb things and right, wrong or indifferent, a lot of people in IT tend to write these encyclopedias of policies that no one ever reads and they just set accept. And so how do you translate that into things people can actually grasp and understand? Maybe you've been doing some of those things even here. How do you take this encyclopedia and take it down to the highlights that people need to care about?

Marilyn Miller: Yeah, and I think it's such a great point, Mike, and again, you need those things. I would encourage companies to have really robust policies and have that included, but it's really the storytelling, the narratives that, what can go wrong, put it into a context, connect with them emotionally and viscerally around why these things are important. And you kind of said it, right. You can probably tell lots of stories of enterprises who had bad things happen and what the outcomes were around that. And employees relate to that kind of storytelling, that kind of narrative, that kind of putting it in context. It gives them that aha moment of one, how serious this is, how big the consequences can be if we don't protect the data or things happen. And you kind of said it too, Netskope itself, we become a bit of a target. If you're on the outside and you're trying to have a data security breach, no better company to do it than to a security company in and of itself.
And so that just raises the requirements for Netskope exponentially because we get targeted. We've got really great data. We've got a super proactive security team. I think one of the first people that, besides you, coming in was spending a lot of time with Lamont Orange and his team really understanding that environment, how they do their jobs, how we can help facilitate that and roll employees around, "Hey, it's not just one team or one group's responsibility. It's the exact number of however many employees we have." If we have 2000 employees, then it's 2000 people's responsibility to keep us safe, keep our data secure and safe. And I think that setting that as a cultural tenant and that shared accountability around it has been super successful for us. And that's getting out and talking to people and like I said, telling the stories and the narratives and the why's and the how's and who our customers are and what they expect from us as well.

Mike Anderson: Now it's interesting, one of the things that I've always felt is really important on security is connect it back to how is it helping you, not just when you're in the office, but personally as well? Because if people's individual security hygiene gets better when they're not in the office, when they're on their home computer dealing with their own financials, their own finances, their own personal information, that then will translate into what we do in the office. How have you seen maybe some good examples here at Netskope beyond where you've seen people help that, how that's played out in a positive way in their organizations?

Marilyn Miller: I think to your point, there's a lot of when you can educate, when you can make people aware, when you can help them understand why these things are important, there is a natural transference then to their personal lives and how they think about securing their own data. Everyone's heard, again, the horror stories, your identity stolen or your bank accounts or credit cards being hacked. And so I think there's a lot of parallels around that. And again, I think that at Netskope what we've done a really good job of is continuing to be out in front of our employees. You kind of said, "Gosh, a lot of times these IT policies and then you have somebody sign something on the way in." It doesn't give them context, it doesn't give them consequences, it doesn't give them accountability when you stay out in front of them and you continue to talk about why it's important.
Again, for me, I go back a lot to think about who our customers are. We have over 2,000 customers, many of them, some of the largest, most complex and/or financial institutions, you want them to be protecting your personal data and we help them protect themselves. It's all in a common ecosystem, if you will, or a connected world that the people we do business with are our customers on a personal basis. I certainly want my personal data with my bank and other institutions to have them be as thoughtful as they can about protecting my data and employees start to really understand how all of these things fit together and why it's so important in terms of not just what we do but how we do it and that we have the deep understanding of the relationships there. And like I said, to me it's building it into your culture, your values, your education, being proactive around that and only using the policy statements as kind of a backstop if something was to go wrong.

Mike Anderson: Yeah, it's kind of like in a commercial relationship, no one ever looks at the contract unless there's a problem. So how do we use that same mindset with our people? It's like we just expect they're not going to read the policy document. So what is it important that we get them to know? What are the highlights that they need to know? We talk about stories, so let me hear a couple stories from you around what are some ways that maybe some good examples and maybe some bad examples or maybe humorous around partnerships with CIOs and CSOs in past organizations. And you don't have to list the name of the company unless it was a positive just to keep people's personal brand intact. But maybe some examples of what good looks like and what bad looks like or maybe something you heard from a peer as a bad example of CIOs and CISOs partnering with their HR and people leaders.

Marilyn Miller: I'll start with some of the good examples and I think that's where we've had leaders and managers come forward and say, "Hey, proactively, how do I make sure that my team understands the environment that we operate in and the expectations that we have?" You mentioned it earlier, people want to come to work and do a good job. They show up every day saying, "Hey, how do I enable the organization? How do I make my best contribution?" And so when I get the stories of managers coming saying especially here at Netskope, how important protecting our data and understanding what we do and how we do it and how we enroll the employees around it. That proactive approach is fantastic. I have had examples at other organizations where I get the phone call of, "Hey, we have an employee who left. We can see all their traffic, everything that they've downloaded and the things that they may be trying to take with them," whether it's a pricing sheet or a customer list or copies of contracts that we have.
And I think for me, my first inclination is to say, "Okay, if I was to give them the benefit of the doubt, let's sit down and ask them, 'Hey, we can see what you've done in the network and the things that you've downloaded or emailed to an outside email address. Help us understand what your intention is and how you plan to use that.'" Most of them know right away "I've been caught." And so then you just start the recovery process as well as to start to talk about what the consequences are of taking any of that data and using it for unintended purposes or from outside of the organization. I would say over the years that's actually gotten less and less because of the education. Most employees now know they can see and they'll know and they can detect because companies have done a great job educating their employees on their security environments.
And what happens if you unintentionally lose a device, we remote wipe it, we can shut it down. All you have to do is report it, make sure that we're aware. And so I think where security used to be limited to the people who had security in their job title, it's now because everybody's responsibility and companies have done a really nice job educating everybody. So the bad actors around this I think are less frequent than what I've seen in the past because of that. They know they're likely going to get caught or someone's going to see what they've done. And even employers who, in the past, maybe an employee came and said, "Oh hey, I can tell you where I came from and the customer list that they have." They're like, "No, absolutely not. We don't even want to know that information. There's bad consequences for us for using data that we shouldn't be."
So you kind of have it coming from both sides of it where employees know better not to take it. Employers absolutely know better not to use data that they know they shouldn't have had access to or it came to them in a way that was less than high integrity.

Mike Anderson: Absolutely. It's interesting, you talk about that story. When I came on, I'd heard a story and it stuck with me. It's the whole, your brain will remember a story but it won't remember the facts and figures you put on a slide. And so someone told me the story about a customer. We were in a proof of value with and we were reviewing the results of the proof of value with a financial services customer. And we said, "Hey look, here's this person right here that just yesterday copied 1,200 files off to a personal dropbox account." And they said, "Whose that user ID and who was the person?" And then we told them. They said, "Wait a second. That person's in an exit interview down the hallway. You're going to have to give me a minute. I want to stop them before they leave the building."
I pivot that today, if I look before the pandemic, we still had remote workers. I've worked. My last company, I was at Schneider. I was traveling to Nashville or Boston every week, but then I'd work from home a day a week. A lot of people did that. And so we still had challenges, but most people were in the office. Now we've went to hybrid work with the pandemic where you said earlier, everyone went to or at work and now some companies have gone to a hybrid policy. Some have gone back to "everyone has to be in the office." I know you came from Anaplan. I know the CI over there. So as I think about that, how did you see that partnership change during the pandemic? What happened during that timeframe? How did it change and then what do you hope stays as we move forward now that we're really on the other side of the pandemic. What things got better and how do you make sure those things stick going forward?

Marilyn Miller: And as you mentioned prior to the pandemic, you probably had a small percentage of your workforce and maybe even every day. It was the overnight, 100% being entirely distributed and then distributed from there. So you weren't even co-located around hubs. People scattered across and I was at Anaplan at that time and I think one of the first things that we did was to pull everybody together. We obviously started with personal safety first and the psychological piece of the pandemic. But then after taking care of those highest priorities, the next thing was around business continuity. How are we going to continue to have the business continuity? Security was a big piece of that conversation and the connectivity, the ways that we could support our employees through that. That was a company that dealt with a lot of large scale customer data. We now had even the customer response around that.
If we had a crisis in the past, everyone come to the office and let's get in a room and solve this and figure this out. And we now had to try and solve these really complex customer problems in this highly distributed way. And so talking about how we were going to work and continue to solve problems, serve the customers, innovate, do that in a highly distributed way, kind of weaved through all that would be the security requirements of that kind of data sharing. Even the remote Zoom and WebEx and Teams environment that we went into. We had to make sure and check that all the security around all of the software, the other technology that we were using, really were going to meet the standards of the new way in which all of us were working. Like, does someone have responsibility for checking everybody who's called in here know that we know to a person who's on some of these calls when we're sharing data, having highly confidential company.
And that hadn't really been part of the pre pandemic set of protocols that you go through. But all of those, what seemingly could sound like small things, were super important in the early days of learning how to work in this new highly distributed, entirely remote environment.

Mike Anderson: So it was the start of a call with, "Please, no one takes screenshots of this information. It's not supposed to be shared." As right as you say that, everyone's taking screenshots and sharing them and then you're playing the hunting game, "Okay, who shared that with who?" And it wasn't even outside the company. It was inside the company. "It's okay, now everyone's an insider. Okay, we're just going to make everyone in the company's going to be an insider now because we don't know who's sharing this where." And all these new challenges that we had.

Marilyn Miller: Exactly. All those little things you had to think through and think about some of the security details or security solutions that we have now. It can detect if somebody takes a screenshot or an iPhone picture of highly sensitive, highly coveted, secure data and think about it. Like lots of those meetings that used to only be able to happen in person, you weren't allowed to come in virtually or remotely, board meetings. They all had to get pushed to the virtual and that became a real concern. So I expect that will be something that will really continue to evolve. I think we have to assume highly distributed hybrid, yes, there will be some companies that will ask employees to come back, but it's highly unlikely that will be five days a week because the workforce is sort of already signaled, "That's not sustainable," and it's not even necessary.
It's not an enhancer to productivity or innovation in some cases even green, like the environmental footprint of not having people commuting five days a week. So yeah, I think you're going to see the evolution of these security products continue to be imagined in a world where at least remote working is going to be the larger percentage of the way people join and stay with organizations.

Mike Anderson: Yeah, it's going to be interesting to see how it plays out because we've seen even big companies like Salesforce saying, "Hey, the facts we're not coming into an office. What's having an impact on our productivity with new employees coming in?" And we went from the great resignation, which some would say, "We're kind of maybe still in it," but at the same time, and I think we're in the force resignation right now a little bit, especially in the tech sector with a lot of the layoffs we're seeing.
That's always one where I feel like there's got to be things leaving the building when there's people feel like, "Oh my gosh, I can't believe I was just impacted with my job." Have you seen that play out in your time where you see more of that data leaving the building when there's these reductions like we're seeing today, because sometimes those are done three months, nine, six months ahead of time because of notice times you have to give in certain industries.

Marilyn Miller: So I think it's a great question. I actually think it's probably a better question for a chief people officer who's not the chief people officer at a data and security company, because again, I think our talent, our employees, our workforce is so much better educated and they're so aware of what our capabilities are that even if they were inclined to think, "Well, maybe I'll just download some of the things that I did," or "take some of this data and information with me," they know the probably absolute probability around that is we're going to be able to detect it. So like I said, it's hard for me to answer because I'm certainly not seeing an increase of that at Netskope. But I do think it's because of who we are, what we do, how much education, how much awareness, how much our employees are in tune with that so they're less likely to try and test the system around that.
Mas acho que seria uma pergunta superinteressante para outros diretores de pessoal. Mas, como eu disse, por outro lado, a maioria dos empregadores não quer ser associada ou fazer parte da contratação de alguém e então traz algo com eles. Primeiro, diz um pouco sobre quem é aquela pessoa que acabou de contratar, que se ofereceria para trazer aquilo. E eles também sabem que as consequências para eles serão altas se usarem qualquer um dos dados que obtiveram através de alguém que pegou dados dos quais eles realmente não deveriam ter tentado sair.

Mike Anderson: Não, concordo totalmente. Obviamente, sua perspectiva mudou desde que você chegou a uma empresa de segurança cibernética na Netskope e protegeu dados. Então, sabendo o que você sabe agora, já faz mais de meio ano, certo? Acho que já faz mais de meio ano-

Marilyn Miller: Sim, tem-

Mike Anderson: ... juntou-se. O tempo voa.

Marilyn Miller: Sim, cerca de 10 meses.

Mike Anderson: 10 meses. Sim. Não, eu estava procurando. Já se passaram quase dois anos para mim e pensei, “Uau, o tempo voou”. São como anos de gato. Como sua perspectiva mudou e que conselho você daria aos diretores de pessoal de outras organizações? O que você aprendeu nos 10 meses que diria: "Se você for a uma Cúpula de Diretores de Pessoal da Evanta e estiver sentado ao redor da mesa, que conselho você daria a eles ou que aprendeu desde que veio para Netskope?"

Marilyn Miller: E acho que seria isso, Mike. Mas construa essas parcerias e relacionamentos desde o início. Entenda a responsabilidade compartilhada. Acho que você disse isso melhor no início. Este é um esporte de equipe. Todos têm que contribuir para os aspectos técnicos, as soluções tecnológicas reais e os produtos e estoques de segurança de dados e a maneira como pensam sobre isso. Mas, vindo de um diretor de pessoal, seu trabalho é entender isso e então dar vida a isso, integrá-lo à sua cultura, aos seus valores. Mantenha isso na frente da organização, começando com a forma como você contrata, a maneira como você integra, a maneira como você continua a treinar e educar, a contar as histórias e as narrativas, o porquê é importante, o que seus clientes esperam, por que você como os funcionários também querem fazer parte disso. E uma vez que você obtém essa propriedade de toda a empresa, acho que isso muda sua perspectiva sobre o quão essencial isso é.
Podemos ter a melhor atração e retenção de talentos e programas de desenvolvimento e tudo mais, mas você prejudica sua marca ou reputação, muitas dessas coisas desaparecem muito rapidamente e são mais difíceis de reconstruir. Portanto, seja proativo sobre esta parte do seu papel e como você contribui para o sucesso geral da organização. E nada prejudica mais uma empresa do que uma violação de dados ou um problema de segurança de dados ou qualquer propriedade intelectual ou dados de clientes saindo de suas quatro paredes. Portanto, faça disso parte de como você pensa sobre seu valor geral e, em seguida, como você prioriza a construção de seus relacionamentos em torno de outras partes da organização que também são responsáveis.

Mike Anderson: Esse é um ótimo conselho e estou animado para que você compartilhe isso porque teremos outros fãs delirantes ou pessoas falando sobre Netskope em outras partes da organização e isso gerará mais negócios para nossa empresa para ajudar nossos acionistas. Você levantou um bom ponto aí. Um que você mencionou foi o talento. E eu olho para a segurança cibernética e sempre estive em TI tentando trazer mais diversidade para minhas organizações de TI, seja diversidade de gênero ou diversidade étnica ou apenas diversidade de pensamento e formação. Quando olho especificamente para o desafio da diversidade de género que temos hoje na área cibernética, quando olho para algumas das funções tecnológicas, quais são algumas das ideias que você pode ter sobre como podemos trazer mais diversidade? Não vejo tantas mulheres na nossa organização de economia social ou, por exemplo, em funções de desenvolvimento como gostaria de ver. Como você pensaria em algumas coisas para fazer com que mais mulheres se interessassem por esses tipos de funções?

Marilyn Miller: Então, acho que algumas coisas que gostaria de compartilhar aí. Primeiro, acho que precisamos começar mais cedo. Como podemos entrar na educação infantil e falar sobre os tipos de carreiras, o impacto, o trabalho que você pode fazer, as empresas para as quais você pode trabalhar e às quais se associar e começar a inspirar desde cedo. Quando penso em muitos dos programas STEM e em muito do trabalho que está sendo feito, você está começando a criar esse interesse e isso pode ajudar a moldar a forma como eles pensam sobre suas escolhas educacionais e os caminhos que seguem no ensino médio , pós-ensino médio, o que levará a um conjunto maior de talentos.
Outra que penso é: como você faz a narrativa em torno disso, a narrativa? Tipo, por que esses trabalhos são superinteressantes, o elemento humano e o aspecto humano disso e ter certeza de que isso também é bem compreendido.
Acho que a segurança provavelmente tem uma certa reputação de trabalhar de maneiras misteriosas. E acho que poder falar mais sobre o impacto, a narrativa, a narrativa, as formas como isso contribui também ajudará a atrair mais talentos para a área. E então, quando conseguirmos trazer mais mulheres para essas funções, como podemos garantir que elas estejam preparadas para ter sucesso? Elas conseguem ver um plano de carreira, veem outras mulheres, empregos importantes e impactantes. Acho que todas essas coisas ajudarão a contribuir para direcionar mais talentos para esse tipo de escolha de carreira realmente incrível e fantástica.

Mike Anderson: Não poderia concordar mais, esse é um ótimo conselho. Quer dizer, acho que contar histórias em geral é uma das melhores habilidades que alguém pode ter, porque pode ajudá-lo de muitas maneiras, seja traduzindo um tópico complexo ou fazendo com que as pessoas se imaginem nesse papel. E acho que isso é algo em que as pessoas desejarão ter investido mais quando olharem para trás e, eventualmente, acho que a gestão de mudanças começará a desempenhar um grande papel na segurança. Sempre esteve presente em TI, mas acho que o gerenciamento de mudanças também deve ser um grande componente de segurança à medida que avançamos.

Marilyn Miller: Sim, dar vida a esses empregos. Quero dizer, ninguém faz um trabalho melhor do que Sanjay Berry. Ele é tão atraente. Sua narrativa sobre por que o que fazemos é importante e como ajudamos a proteger o mundo, os dados e todas as coisas que vemos acontecendo. Acho que isso atrai todos os talentos para esse tipo de oportunidade de carreira. E quanto mais pudermos fazer isso, mais veremos um grupo mais diversificado de talentos surgindo após essas funções.

Mike Anderson: Sim, não poderia concordar mais. Bem, esta foi uma ótima conversa. Sempre gosto de sair do nosso podcast com alguns hits rápidos. Então, vamos examinar isso bem rápido. Então, três perguntas para você. O primeiro que tenho para você: qual foi o melhor conselho de liderança que você já recebeu?

Marilyn Miller: Eu diria que no início da minha carreira tive um grande mentor e campeão que disse: “corra riscos. O próximo trabalho pode nem sempre ser óbvio, pode nem sempre ser linear, mas se você puder aprender alguma coisa, isso o desafiará de maneiras específicas." Tenha a mente aberta e faça coisas que possam colocá-lo fora de sua zona de conforto. Isso me serviu muito bem ao longo da minha carreira.

Mike Anderson: Ah, isso é ótimo, conselho de liderança. Próxima pergunta, qual seria sua última refeição?

Marilyn Miller: Bem, tive a oportunidade de passar cerca de nove dias em Florença neste outono. Então eu diria qualquer refeição da Itália. Eu exagerei enquanto estive lá, mas foi fantástico.

Mike Anderson: Bem, teremos que conversar sobre isso mais tarde. Eu amo a Itália e também adoro comida. Portanto, esses são dois bons tópicos para uma conversa posterior. Tudo bem. Última pergunta para você, quem você mais admira e por quê?

Marilyn Miller: Uau. Essa é difícil. Eu diria que, tendo sido diretor de pessoal e pelo que observei nos últimos dois anos, admiro todos os pais que trabalham e, em particular, as mães que trabalham. Os papéis e responsabilidades que tiveram que assumir, equilibrando o lar e o profissional, só uma enorme admiração que vai para aquela população com certeza.

Mike Anderson: Não, concordo totalmente. É engraçado. Uma amiga me contou, ela falou sobre o marido que, falando sobre acordar os filhos de manhã durante todo esse período de pandemia e tudo mais. Ela diz: “Quero ser marido quando crescer”. Então eu achei isso muito engraçado. Então eu realmente gostei da conversa. Então, muito obrigado. Obrigado por investir seu tempo e obviamente estou ansioso para trabalhar com você todos os dias.

Marilyn Miller: Sim, obrigada, Mike, e muito obrigada por me receber. Tem sido divertido e também educativo para mim, só a consideração das perguntas me fez pensar realmente sobre isso. E foi um verdadeiro prazer estar aqui hoje. Então, obrigado.

Mike Anderson: Obrigado. Bem, espero que você tenha gostado do episódio de hoje do nosso podcast Security Visionaries. Foi ótimo ter Marilyn Miller, nossa diretora de pessoal aqui na Netskope, participando. Eu realmente gosto de trabalhar com ela todos os dias e sempre que a ouço, os ótimos insights que ela nos dá são simplesmente incríveis. As três principais conclusões que tirei da nossa conversa de hoje são, em primeiro lugar, que você precisa incorporar a segurança nos valores e na estrutura da sua organização. Segundo, é importante, tanto do ponto de vista do diretor de pessoal, quanto do ponto de vista do CIO e do CISO, trabalhar colaborativamente o mais cedo e com a maior frequência possível para garantir que a política se torne real e algo que seja mais do que apenas uma enciclopédia que as pessoas têm. para ler, mas algo que se torna mais prático.
E então o terceiro, que é um ótimo conselho para todos em todas as funções, que é contar histórias. Use-o para atrair talentos, use-o para transmitir tópicos complexos que você sabe que são uma habilidade crítica de se ter. Espero que tenham gostado deste episódio do Security Visionary Podcast. Sou Mike Anderson, sou seu anfitrião. Sou o CIO e Diretor Digital da Netskope.

Patrocinador: O podcast Security Visionaries é desenvolvido pela equipe da Netskope, rápido e fácil de usar, a plataforma Netskope fornece acesso otimizado e segurança de confiança zero para pessoas, dispositivos e dados em qualquer lugar, ajudando os clientes a reduzir riscos, acelerar o desempenho e obter visibilidade incomparável de qualquer atividade na nuvem, na Web ou em aplicativos privados. Para saber mais sobre como a Netskope ajuda os clientes a estarem prontos para qualquer coisa em sua jornada SASE, visite NETSKOPE.com.

Palestrante: Obrigado por ouvir os Visionários de Segurança. Reserve um momento para avaliar e comentar o programa e compartilhe-o com alguém que você conhece e que possa gostar dele. Fique ligado nos episódios que serão lançados a cada duas semanas e nos vemos no próximo.

Assine o futuro da transformação da segurança

Ao enviar este formulário, você concorda com nossos Termos de Uso e reconhece a nossa Declaração de Privacidade.