Netskope debuts as a Leader in the 2024 Gartner® Magic Quadrant™️ for Single-Vendor Secure Access Service Edge Get the report

close
close
  • Why Netskope chevron

    Changing the way networking and security work together.

  • Our Customers chevron

    Netskope serves more than 3,400 customers worldwide including more than 30 of the Fortune 100

  • Our Partners chevron

    We partner with security leaders to help you secure your journey to the cloud.

A Leader in SSE.
Now a Leader in Single-Vendor SASE.

Learn why Netskope debuted as a leader in the 2024 Gartner® Magic Quadrant™️ for Single-Vendor Secure Access Service Edge

Get the report
Customer Visionary Spotlights

Read how innovative customers are successfully navigating today’s changing networking & security landscape through the Netskope One platform.

Get the eBook
Customer Visionary Spotlights
Netskope’s partner-centric go-to-market strategy enables our partners to maximize their growth and profitability while transforming enterprise security.

Learn about Netskope Partners
Group of diverse young professionals smiling
Your Network of Tomorrow

Plan your path toward a faster, more secure, and more resilient network designed for the applications and users that you support.

Get the white paper
Your Network of Tomorrow
Introducing the Netskope One Platform

Netskope One is a cloud-native platform that offers converged security and networking services to enable your SASE and zero trust transformation.

Learn about Netskope One
Abstract with blue lighting
Embrace a Secure Access Service Edge (SASE) architecture

Netskope NewEdge is the world’s largest, highest-performing security private cloud and provides customers with unparalleled service coverage, performance and resilience.

Learn about NewEdge
NewEdge
Netskope Cloud Exchange

The Netskope Cloud Exchange (CE) provides customers with powerful integration tools to leverage investments across their security posture.

Learn about Cloud Exchange
Netskope video
The platform of the future is Netskope

Intelligent Security Service Edge (SSE), Cloud Access Security Broker (CASB), Cloud Firewall, Next Generation Secure Web Gateway (SWG), and Private Access for ZTNA built natively into a single solution to help every business on its journey to Secure Access Service Edge (SASE) architecture.

Go to Products Overview
Netskope video
Next Gen SASE Branch is hybrid — connected, secured, and automated

Netskope Next Gen SASE Branch converges Context-Aware SASE Fabric, Zero-Trust Hybrid Security, and SkopeAI-powered Cloud Orchestrator into a unified cloud offering, ushering in a fully modernized branch experience for the borderless enterprise.

Learn about Next Gen SASE Branch
People at the open space office
Designing a SASE Architecture For Dummies

Get your complimentary copy of the only guide to SASE design you’ll ever need.

Get the eBook
Make the move to market-leading cloud security services with minimal latency and high reliability.

Learn about NewEdge
Lighted highway through mountainside switchbacks
Safely enable the use of generative AI applications with application access control, real-time user coaching, and best-in-class data protection.

Learn how we secure generative AI use
Safely Enable ChatGPT and Generative AI
Zero trust solutions for SSE and SASE deployments

Learn about Zero Trust
Boat driving through open sea
Netskope achieves FedRAMP High Authorization

Choose Netskope GovCloud to accelerate your agency’s transformation.

Learn about Netskope GovCloud
Netskope GovCloud
  • Resources chevron

    Learn more about how Netskope can help you secure your journey to the cloud.

  • Blog chevron

    Learn how Netskope enables security and networking transformation through security service edge (SSE)

  • Events and Workshops chevron

    Stay ahead of the latest security trends and connect with your peers.

  • Security Defined chevron

    Everything you need to know in our cybersecurity encyclopedia.

Security Visionaries Podcast

The Convergence of CIO & CISO Roles
Join host Max Havey on the latest episode of Security Visionaries as he sits down with guest Jadee Hanson, CISO at Vanta.

Play the podcast
The Convergence of CIO & CISO Roles
Latest Blogs

Read how Netskope can enable the Zero Trust and SASE journey through security service edge (SSE) capabilities.

Read the blog
Sunrise and cloudy sky
SASE Week 2023: Your SASE journey starts now!

Replay sessions from the fourth annual SASE Week.

Explore sessions
SASE Week 2023
What is SASE?

Learn about the future convergence of networking and security tools in today’s cloud dominant business model.

Learn about SASE
  • Company chevron

    We help you stay ahead of cloud, data, and network security challenges.

  • Leadership chevron

    Our leadership team is fiercely committed to doing everything it takes to make our customers successful.

  • Customer Solutions chevron

    We are here for you and with you every step of the way, ensuring your success with Netskope.

  • Training and Certification chevron

    Netskope training will help you become a cloud security expert.

Supporting sustainability through data security

Netskope is proud to participate in Vision 2045: an initiative aimed to raise awareness on private industry’s role in sustainability.

Find out more
Supporting Sustainability Through Data Security
Thinkers, builders, dreamers, innovators. Together, we deliver cutting-edge cloud security solutions to help our customers protect their data and people.

Meet our team
Group of hikers scaling a snowy mountain
Netskope’s talented and experienced Professional Services team provides a prescriptive approach to your successful implementation.

Learn about Professional Services
Netskope Professional Services
Secure your digital transformation journey and make the most of your cloud, web, and private applications with Netskope training.

Learn about Training and Certifications
Group of young professionals working
Post Thumbnail

It’s predictions season once again, and to mark the occasion, host Emily Wearmouth sits down for a conversation with Sherron Burgess, Senior VP and CISO for BCD Travel, and Shamla Naidoo, Head of Cloud Strategy and Innovation at Netskope, to talk about the hot topics they’re seeing for the year to come. Sit back for a rousing conversation about the changing relationship between CISOs and boards, the evolving world of cyber skills, the impending rise of AI regulations, and continuous adaptive zero trust.

The thing that I’m always worried about from an AI standpoint is the implications societally and what that may mean. I’m concerned that society will lose its responsibility to check machines and to really understand what’s real and what isn’t. And so I think that’s the ethos that we have to think about as we go into this new world and the promise of what AI is.

—Sherron Burgess, Senior VP and CISO for BCD Travel
Sherron Burgess, Senior VP and CISO for BCD Travel

 

Timestamps

*(0:01): Introduction*(14:03): Proposed AI regulations will face more scrutiny in 2024
*(1:30): Shamla Naidoo's Prediction: Changing relationship between CISO and the board*(23:28): 2024 will see the realization of continuous adaptive zero trust
*(9:54): Sherron Burgess’s Prediction: The evolving conversation about cyber skills*(28:08): Closing

 

Other ways to listen:

green plus

On this episode

Sherron Burgess
Senior VP and CISO for BCD Travel

chevron

Sherron Burgess

Sherron Burgess currently serves as the Senior Vice President and Chief Information Security Officer of BCD Travel as well as the VP of Strategic Development at Cyversity.

Sherron was instrumental in developing and implementing BCD Travel’s Global Security program, which supported 27.5 Billion in sales across 109 countries. Sherron also championed and supported the implementation of various industry certification efforts, including ISO 27001:2013, TISAX – VDA, SOC 2 Type 2 Compliance, PCI DSS Merchant Compliance, NIST 800-171, and ISO 9001.

In addition to their work in Cybersecurity, Sherron also co-championed and led the implementation and execution of BCD Travel’s Global Diversity & Inclusion program. Sherron also analyzed, strategized, and enabled the implementation of government security requirements to NIST 800-53 to meet government defense contractor requirements.

Sherron has a proven track record of successfully leading complex global initiatives. Sherron has a deep understanding of the ever-changing landscape of Cybersecurity and is constantly looking for ways to innovate and improve upon existing programs. Sherron is a respected leader within the industry and is known for their dedication to their team and their commitment to excellence.

Sherron Burgess has a Master of Science from the Georgia Institute of Technology in International Affairs, a Bachelor of Arts from Siena College in Spanish, and has completed LinkedIn courses in “Confronting Bias: Thriving Across Our Differences,” “Diversity and Inclusion in a Global Enterprise,” and “Body Language for Leaders.”

LinkedIn logo

Shamla Naidoo
Head of Cloud Strategy and Innovation at Netskope

chevron

Shamla Naidoo

Shamla Naidoo is a technology industry veteran with experience helping businesses across diverse sectors and cultures use technology more effectively. She has successfully embraced and led digital strategy in executive leadership roles such as Global CISO, CIO, VP, and Managing Partner, at companies like IBM, Anthem (Wellpoint), Marriott (Starwood), and Northern Trust.

Emily Wearmouth
Director of International Communications and Content at Netskope

chevron

Emily Wearmouth

Emily Wearmouth runs Netskope’s communications across EMEA, LATAM, and APAC. Working across public relations, social media, customer references and content creation, Emily keeps busy unearthing stories and telling them in a way that helps customers and prospects understand what Netskope can do for them.

LinkedIn logo

Sherron Burgess

Sherron Burgess currently serves as the Senior Vice President and Chief Information Security Officer of BCD Travel as well as the VP of Strategic Development at Cyversity.

Sherron was instrumental in developing and implementing BCD Travel’s Global Security program, which supported 27.5 Billion in sales across 109 countries. Sherron also championed and supported the implementation of various industry certification efforts, including ISO 27001:2013, TISAX – VDA, SOC 2 Type 2 Compliance, PCI DSS Merchant Compliance, NIST 800-171, and ISO 9001.

In addition to their work in Cybersecurity, Sherron also co-championed and led the implementation and execution of BCD Travel’s Global Diversity & Inclusion program. Sherron also analyzed, strategized, and enabled the implementation of government security requirements to NIST 800-53 to meet government defense contractor requirements.

Sherron has a proven track record of successfully leading complex global initiatives. Sherron has a deep understanding of the ever-changing landscape of Cybersecurity and is constantly looking for ways to innovate and improve upon existing programs. Sherron is a respected leader within the industry and is known for their dedication to their team and their commitment to excellence.

Sherron Burgess has a Master of Science from the Georgia Institute of Technology in International Affairs, a Bachelor of Arts from Siena College in Spanish, and has completed LinkedIn courses in “Confronting Bias: Thriving Across Our Differences,” “Diversity and Inclusion in a Global Enterprise,” and “Body Language for Leaders.”

LinkedIn logo

Shamla Naidoo

Shamla Naidoo is a technology industry veteran with experience helping businesses across diverse sectors and cultures use technology more effectively. She has successfully embraced and led digital strategy in executive leadership roles such as Global CISO, CIO, VP, and Managing Partner, at companies like IBM, Anthem (Wellpoint), Marriott (Starwood), and Northern Trust.

Emily Wearmouth

Emily Wearmouth runs Netskope’s communications across EMEA, LATAM, and APAC. Working across public relations, social media, customer references and content creation, Emily keeps busy unearthing stories and telling them in a way that helps customers and prospects understand what Netskope can do for them.

LinkedIn logo

Episode transcript

Open for transcript

Emily Wearmouth [00:00:01] Hello and welcome to another edition of the Security Visionaries Podcast. Audio stimulation for anyone in the cyber, data, or related industries. I'm a fill in today because I've been asked to host this conversation for my co-presenter Max who has been struck by a virus. And for clarity, I don't mean malware and Max is not an AI. He is a real boy. And as well as get well soon. I have to say that I'm really pleased that I've nudged my way into this one because today we're pulling out our crystal balls in the annual tradition of making predictions for the year ahead. And I have two guests in the hotseat, both of whom are prepared to go on record and make some predictions for us. First up, we have Shamla Naidoo. They do. Shamla has served as CISO for the likes of Starwood Resorts and IBM, and she's also an adjunct professor of law at the University of Illinois. She serves on multiple public boards, and she's also head of cloud strategy and innovation at Netskope. Welcome. Shamla.

Shamla Naidoo [00:00:54] Thank you, Emily. I'm glad to be here.

Emily Wearmouth [00:00:56] My second guest is Sherron Burgess, also a CSO at a very large organization and also a board member. And Sharon may be familiar to listeners for the work that she does championing diversity in our sector. And in fact, one of her board positions is with Cyversity, a not for profit organization that's dedicated to increasing the presence of underrepresented minorities within the cybersecurity field. Really important work. Welcome, Sherron.

Sherron Brugess [00:01:19] Thank you, Emily. Glad to be here.

Emily Wearmouth [00:01:21] So without further ado, we're going to dive right in. Polish up that crystal ball. Shamla hit us up with a prediction to get us going. What's something we should expect to see in 2024.

Shamla Naidoo [00:01:30] You know, Emily, for many years, CISOs have been reporting into boards. But I think what we're going to see is a change in that relationship. So up to now, CISOs have come into the boardroom mostly, not all the time, but mostly as a subject matter expert. The relationship was largely owned by other executives like the CIO or the chief risk officer or even the general auditor. And so the relationship was owned by those leaders while the subject matter came from the CISO. In more recent months, what we're seeing is, you know, the SEC is just one catalyst. But generally speaking, I think boards are beginning to understand that their role is very different to the CFO role. The CISO is an operational leader on the ground. And so I think what you're going to see is boards are going to lean more on the CISO. They're going to want that relationship because the CISO is the person with the information, the updates, the knowledge and also a good state of health and welfare of the organization as it relates to cybersecurity. So, you know, as I think about it, a related change that we're going to see in the industry is, you know, boards are covered by directors and officers insurance for the work they do in the scope of that role. And what we seeing right now is CISOs are beginning to ask for coverage, insurance coverage and other protections like indemnity for doing their jobs, because we think CISOs come under investigation for the results in their organizations. What I think you're going to see is boards are going to understand that request from the CSO because they have it. And where CISO is not automatically an officer, they're going to want to have some kind of endorsement on their policy to include them for investigations when they're doing their jobs. So I think those two things are going to come together really nicely where the board is going to want that relationship. They also understand the ask from the CISO for insurance coverage and indemnity for doing their jobs, that's what I'm seeing that's imminent with respect to those relationships.

Emily Wearmouth [00:03:44] It sounds Sherron, I'm interested to get your thoughts. It sounds like there's almost a point of tension where CISOs perhaps want more of a relationship directly into the board, but maybe they're being held back at the mine because they're not afforded the same protections that the other board members have in these insurances. Is that something that you've come across or conversations you've had with your peers that it factors in at all?

Sherron Brugess [00:04:05] Yeah, I really think it does. I mean, I think what we're seeing over the past year, year and a half, we've seen CISOs now on the chopping block associated with hacks and and breaches. And so, you know, in a lot of cases, it's not necessarily the negligence of the CISO, it might be the decision making of the board as a whole in terms of the risks that the business is assuming. And so the CISOs need to have, you know, among the community of peers of CISOs, we're talking about how do we do our jobs, how do we advise and consult with our businesses, with our boards, etc., but still also make room for what the business wants to do and maintain our integrity as professionals. And so I think in order to do that, and instead of just trying to trim what we, the guidance that we provide to be able to come to work fully doing our jobs as professionals, there needs to be a little bit more protection. Should in place. So, yeah, I am seeing that. And you know, obviously the situation with Joe Sullivan and seeing what's going on in all cases, just CISOs are on heightened awareness here.

Emily Wearmouth [00:05:13] Are there any big milestones we should look out for that show that we're making progress towards sort of what you're predicting here? Will there be big movements from particular insurance companies? Will there be changes in the regulations for how governments require boards to organize and protect their members? Or is it just something that we're going to see slowly filter in in less tangible ways?

Shamla Naidoo [00:05:33] You know, I think big milestones that we're going to see would be, one, CISOs beginning to ask questions on am I an officer and am I covered by the company's directors and officers insurance and other kinds of protections? Well, if you're not an officer, you're going to find out. And if you are an officer, you're also going to find out that you have coverage for doing your job. As soon as you step outside of the boundaries of your job, then you're likely to get into trouble because coverage won't protect you for doing things that are less than legal or things that are outside of the scope of your duties. So what you're going to find is CISOs are going to ask, am I an officer? They also are going to ask questions like, what is the scope of my decision making authority? And if it's not in my decision making authority and somebody else needs to make the decision because I don't get coverage for decisions that I make that are outside of the scope of my duties. And so I think you're going to see a lot more clarity on CISOs, their roles, their decision rights. And then you're going to get a little more clarity on what is covered, what's in, what's out, which insurance carriers exclude the investigation of the CSO, and they just cover the cybersecurity breach and the forensics and the response. And so I think you're going to see shifts in company executives in how they approach this. You're going to see a shift in the industry, especially in the insurance industry, creating clarity for what is in and what's out. And I think CISOs are just going to be the beneficiary of these shifts. And so the milestones are going to be do are CISOs, you know, do they feel like they're properly supported? And they do they feel like their mental health is being taken care of because they have this clarity, they have the protection and they have the opportunity and the space to do their jobs and do a really good job. Versus today, what you're seeing is there's a lot of anxiety. There's a there's a healthy dose of stress in the organization because so much of this is unknown.

Sherron Brugess [00:07:45] And maybe can I add to that? Because, you know, it's like mental health. It's funny. When we talk about mental health for a CISO, it's like, that doesn't exist, right, when you have that question. Yeah, I always get these fun questions from vendors like what's keeping you up at night? It's like everything keeps me up because there's so much going on. You know, I think what's happening here also in the space around some of the milestones. Yes, I think the the officers insurance and being named as an officer and being covered under that. But I think other nuances may include making sure that you have the right to your own legal representation. So in a lot of cases where you have officers related insurance, it's well, as long as you're going to, you know, kind of toe the line with your company, that will cover you. And so I think that those kind of additional nuances will be important. I also think you'll start seeing more contracts and more contracts with, you know, kind of employment contracts, are these things being explicitly outlined in contract? It's one thing to be named in the insurance, but I think the other part is, you know, as practitioners requesting copies of that insurance and having that explicitly written in your employment contract is super important as well. I also like how you mentioned that decision making authority. I think that's super important. You know, if this is outside of my decision making authority, then, you know, I'm not covered here, so I'm not going to to make that decision