Netskope debuts as a Leader in the 2024 Gartner® Magic Quadrant™️ for Single-Vendor Secure Access Service Edge Get the report

close
close
  • Why Netskope chevron

    Changing the way networking and security work together.

  • Our Customers chevron

    Netskope serves more than 3,400 customers worldwide including more than 30 of the Fortune 100

  • Our Partners chevron

    We partner with security leaders to help you secure your journey to the cloud.

A Leader in SSE.
Now a Leader in Single-Vendor SASE.

Learn why Netskope debuted as a leader in the 2024 Gartner® Magic Quadrant™️ for Single-Vendor Secure Access Service Edge

Get the report
Customer Visionary Spotlights

Read how innovative customers are successfully navigating today’s changing networking & security landscape through the Netskope One platform.

Get the eBook
Customer Visionary Spotlights
Netskope’s partner-centric go-to-market strategy enables our partners to maximize their growth and profitability while transforming enterprise security.

Learn about Netskope Partners
Group of diverse young professionals smiling
Your Network of Tomorrow

Plan your path toward a faster, more secure, and more resilient network designed for the applications and users that you support.

Get the white paper
Your Network of Tomorrow
Introducing the Netskope One Platform

Netskope One is a cloud-native platform that offers converged security and networking services to enable your SASE and zero trust transformation.

Learn about Netskope One
Abstract with blue lighting
Embrace a Secure Access Service Edge (SASE) architecture

Netskope NewEdge is the world’s largest, highest-performing security private cloud and provides customers with unparalleled service coverage, performance and resilience.

Learn about NewEdge
NewEdge
Netskope Cloud Exchange

The Netskope Cloud Exchange (CE) provides customers with powerful integration tools to leverage investments across their security posture.

Learn about Cloud Exchange
Aerial view of a city
The platform of the future is Netskope

Intelligent Security Service Edge (SSE), Cloud Access Security Broker (CASB), Cloud Firewall, Next Generation Secure Web Gateway (SWG), and Private Access for ZTNA built natively into a single solution to help every business on its journey to Secure Access Service Edge (SASE) architecture.

Go to Products Overview
Netskope video
Next Gen SASE Branch is hybrid — connected, secured, and automated

Netskope Next Gen SASE Branch converges Context-Aware SASE Fabric, Zero-Trust Hybrid Security, and SkopeAI-powered Cloud Orchestrator into a unified cloud offering, ushering in a fully modernized branch experience for the borderless enterprise.

Learn about Next Gen SASE Branch
People at the open space office
Designing a SASE Architecture For Dummies

Get your complimentary copy of the only guide to SASE design you’ll ever need.

Get the eBook
Make the move to market-leading cloud security services with minimal latency and high reliability.

Learn about NewEdge
Lighted highway through mountainside switchbacks
Safely enable the use of generative AI applications with application access control, real-time user coaching, and best-in-class data protection.

Learn how we secure generative AI use
Safely Enable ChatGPT and Generative AI
Zero trust solutions for SSE and SASE deployments

Learn about Zero Trust
Boat driving through open sea
Netskope achieves FedRAMP High Authorization

Choose Netskope GovCloud to accelerate your agency’s transformation.

Learn about Netskope GovCloud
Netskope GovCloud
  • Resources chevron

    Learn more about how Netskope can help you secure your journey to the cloud.

  • Blog chevron

    Learn how Netskope enables security and networking transformation through secure access service edge (SASE)

  • Events and Workshops chevron

    Stay ahead of the latest security trends and connect with your peers.

  • Security Defined chevron

    Everything you need to know in our cybersecurity encyclopedia.

Security Visionaries Podcast

Data Lakes, Security, & Innovation
Max Havey sits down with guest Troy Wilkinson, CISO at Interpublic Group (IPG), for a deep dive into the world of data lakes.

Play the podcast Browse all podcasts
Data Lakes, Security, & Innovation
Latest Blogs

Read how Netskope can enable the Zero Trust and SASE journey through secure access service edge (SASE) capabilities.

Read the blog
Sunrise and cloudy sky
SASE Week 2024

Learn how to navigate the latest advancements in SASE and Zero Trust and explore how these frameworks are adapting to address cybersecurity and infrastructure challenges

Explore sessions
SASE Week 2024
What is SASE?

Learn about the future convergence of networking and security tools in today’s cloud dominant business model.

Learn about SASE
  • Company chevron

    We help you stay ahead of cloud, data, and network security challenges.

  • Customer Solutions chevron

    We are here for you and with you every step of the way, ensuring your success with Netskope.

  • Training and Accreditations chevron

    Netskope training will help you become a cloud security expert.

Supporting sustainability through data security

Netskope is proud to participate in Vision 2045: an initiative aimed to raise awareness on private industry’s role in sustainability.

Find out more
Supporting Sustainability Through Data Security
Netskope’s talented and experienced Professional Services team provides a prescriptive approach to your successful implementation.

Learn about Professional Services
Netskope Professional Services
Secure your digital transformation journey and make the most of your cloud, web, and private applications with Netskope training.

Learn about Training and Certifications
Group of young professionals working
Post Thumbnail

This episode features an interview with Dan Lohrmann, Field CISO of Presidio, a global digital services and solutions provider accelerating business transformation through secured technology modernization. Dan has more than 30 years of experience in the computer industry and is an internationally recognized cybersecurity leader, technologist, keynote speaker and author.

On this episode, Dan covers why every security leader needs to check out his new book, the biggest vulnerability that the government potentially isn’t aware of, and his top advice for a 1st-time CISO.

Just like a fire team would practice putting out fires, you don’t want somebody’s first time they ever put on the suit to come to your house when your house is burning down. You want them to know what they’re doing and know where to go and what to do and how to do it based on different situations.

—Dan Lohrmann, Field CISO of Presidio

 

Timestamps

*(2:54) - Dan’s first job in security
*(4:42) - Dan’s current role as Field CISO of Presidio
*(5:44) - Dan’s perspective on the changing speed
of the government
*(7:19) - The biggest vulnerability that the government
potentially isn’t aware of

*(11:43) - Segment: The Deep Dive
*(25:44) - Dan’s predictions for the future
*(30:12) - Dan’s favorite security domain
*(34:16) - Top advice for a 1st time CISO
*(37:01) - If Dan could go back in time what he’d do differently

 

Other ways to listen:

green plus

On this episode

Dan Lohrmann
Field CISO of Presidio

chevron

Dan Lohrmann

Dan has served global organizations in the public and private sectors in a variety of executive leadership capacities, receiving numerous national awards including: CSO of the Year, Public Official of the Year and Computerworld Premier 100 IT Leader. Lohrmann led Michigan government’s cybersecurity and technology infrastructure teams from May 2002 – August 2014, including enterprise-wide Chief Security Officer (CSO), Chief Technology Officer (CTO) and Chief Information Security Officer (CISO) roles in Michigan. He works with cybersecurity technology companies to provide insights and long-term strategic support. Dan is a Senior Fellow with the Center for Digital Government and a contributor to Government Technology magazine. He has advised senior leaders at the White House, National Governors Association (NGA), National Association of State CIOs (NASCIO), U.S. Department of Homeland Security (DHS), federal, state and local government agencies, Fortune 500 companies, small businesses and non-profit institutions. Dan has more than 30 years of experience in the computer industry, beginning his career with the National Security Agency. He worked for three years in England as a senior network engineer for Lockheed Martin (formerly Loral Aerospace) and for four years as a technical director for ManTech International in a U.S./UK military facility. He has been a keynote speaker at global security and technology conferences from South Africa to Dubai and from Washington D.C. to Moscow. Lohrmann is the co-author of Cyber Mayday and the Day After: A Leader’s Guide to Preparing, Managing, and Recovering from Inevitable Business Disruptions, published by Wiley in November, 2021. He is also the author of two earlier booksL: Virtual Integrity: Faithfully Navigating the Brave New Web and BYOD For You: The Guide to Bring Your Own Device to Work. Lohrmann holds a Master’s Degree in Computer Science (CS) from Johns Hopkins University in Baltimore, Maryland, and a Bachelor’s Degree in CS from Valparaiso University in Indiana.

Connect with Dan on LinkedIn

Follow Dan on Twitter

Check out Dan’s new book!

Jason Clark
Chief Strategy and Marketing Officer at Netskope

chevron

Jason Clark

Jason brings decades of experience building and executing successful strategic security programs to Netskope.

He was previously the chief security and strategy officer for Optiv, developing a comprehensive suite of solutions to help CXO executives enhance their security strategies and accelerate alignment of those strategies with the business. Prior to Optiv, Clark held a leadership role at Websense, where he was a driving force behind the company’s transformation into a provider of critical technology for chief information security officers (CISOs). In a prior role as CISO and vice president of infrastructure for Emerson Electric, Clark significantly decreased the company’s risk by developing and executing a successful security program for 140,000 employees across 1,500 locations. He was previously CISO for The New York Times, and has held security leadership and technical roles at EverBank, BB&T and the U.S. Army.

Dan Lohrmann

Dan has served global organizations in the public and private sectors in a variety of executive leadership capacities, receiving numerous national awards including: CSO of the Year, Public Official of the Year and Computerworld Premier 100 IT Leader. Lohrmann led Michigan government’s cybersecurity and technology infrastructure teams from May 2002 – August 2014, including enterprise-wide Chief Security Officer (CSO), Chief Technology Officer (CTO) and Chief Information Security Officer (CISO) roles in Michigan. He works with cybersecurity technology companies to provide insights and long-term strategic support. Dan is a Senior Fellow with the Center for Digital Government and a contributor to Government Technology magazine. He has advised senior leaders at the White House, National Governors Association (NGA), National Association of State CIOs (NASCIO), U.S. Department of Homeland Security (DHS), federal, state and local government agencies, Fortune 500 companies, small businesses and non-profit institutions. Dan has more than 30 years of experience in the computer industry, beginning his career with the National Security Agency. He worked for three years in England as a senior network engineer for Lockheed Martin (formerly Loral Aerospace) and for four years as a technical director for ManTech International in a U.S./UK military facility. He has been a keynote speaker at global security and technology conferences from South Africa to Dubai and from Washington D.C. to Moscow. Lohrmann is the co-author of Cyber Mayday and the Day After: A Leader’s Guide to Preparing, Managing, and Recovering from Inevitable Business Disruptions, published by Wiley in November, 2021. He is also the author of two earlier booksL: Virtual Integrity: Faithfully Navigating the Brave New Web and BYOD For You: The Guide to Bring Your Own Device to Work. Lohrmann holds a Master’s Degree in Computer Science (CS) from Johns Hopkins University in Baltimore, Maryland, and a Bachelor’s Degree in CS from Valparaiso University in Indiana.

Connect with Dan on LinkedIn

Follow Dan on Twitter

Check out Dan’s new book!

Jason Clark

Jason brings decades of experience building and executing successful strategic security programs to Netskope.

He was previously the chief security and strategy officer for Optiv, developing a comprehensive suite of solutions to help CXO executives enhance their security strategies and accelerate alignment of those strategies with the business. Prior to Optiv, Clark held a leadership role at Websense, where he was a driving force behind the company’s transformation into a provider of critical technology for chief information security officers (CISOs). In a prior role as CISO and vice president of infrastructure for Emerson Electric, Clark significantly decreased the company’s risk by developing and executing a successful security program for 140,000 employees across 1,500 locations. He was previously CISO for The New York Times, and has held security leadership and technical roles at EverBank, BB&T and the U.S. Army.

Episode transcript

Open for transcript

Dan Lohrmann: I mean, it's always about the communication and how you communicate. Who's going to talk to who? When? What do you do first? In what order? How do you do it? Are you prepared? How do your playbooks work out? You bring to those exercises, those tabletops, those full scale exercises, your playbooks to really almost practice makes perfect, right?

Dan Lohrmann: And so, just like a fire team would practice putting out fires, you don't want somebody first time they ever put on the suit to come to your house when your house is burning down, you want them to know what they're doing and know where to go, and what to do, and how to do it based on different situations.

Speaker 2: Hello, and welcome to Security Visionaries hosted by Jason Clark, CSO at Netskope. You just heard from today's guest, Dan Lohrmann, field chief information security officer of Presidio.

Speaker 2: The idea of being ready for anything doesn't happen magically overnight, it takes practice, repetition, and diligence. And bad actors will always be there, with new ways to test just how prepared you are. As security leaders, it's our job to be ready for even the most unexpected challenges. Just as a firefighter wouldn't run into a burning building without proper preparation, security leaders need to view digital fires in much the same way. Putting yourself in the mind of the hacker takes training and role playing, aim to be multiple steps ahead at all times, because no company wants to be caught in their first fire without ever having tried on the suit. So before we dive into Dan's interview, here's a brief word from our sponsor.

Speaker 3: The Security Visionaries podcast is powered by the team at Netskope. Netskope is the SASE leader, offering everything you need to provide a fast data centric and cloud smart user experience at the speed of business today, learn more at netskope.com.

Speaker 2: Without further ado, please enjoy episode of six Security Visionaries with Dan Lohrmann, field chief information security officer of Presidio, and your host, Jason Clark.

Jason Clark: Welcome to Security Visionaries. I am your host, Jason Clark, chief strategy and security officer at Netskope. Today I'm joined by a very special guest, Dan Lohrmann. Dan, how are you?

Dan Lohrmann: I'm doing wonderful. Thanks, Jason.

Jason Clark: I think you and I we've probably known each other for about 15 years.

Dan Lohrmann: Exactly. I remember first meeting you back in Websense days. And back when I was Michigan chief information security officer, and you were a great customer focused executive back then, I know you are still today, so it's great to be on with you.

Jason Clark: That's one thing I love about doing all these podcasts, it's just kind of reconnecting with everybody. And especially during the crazy times of the pandemic. And so, we're going to start with kind of, what was your first job in cybersecurity, Dan?

Dan Lohrmann: So I went out of college with the Valparaiso University, got a degree in computer science and started at the National Security Agency. The old cliche we use is, if I tell you what I did, I'd have to kill you. But I was in computer networks and this is on call unclassified, but my first job back in the late '80s was really working with a variety of different vendors, interoperability.

Dan Lohrmann: So back in those days it wasn't all TCP/IP or IP version four, IP version six and all the mumbo jumbo. But it was like S&A, and we had DECnet, and we had all those different. So basically, getting networks to each other from IBM to DEC, to digital, to Sun SPARCstations and all those kinds of things. And I was running that lab. And were deploying networks all over the world really before there was an internet, which was pretty cool.

Jason Clark: That sounds a lot like my job when I kind of started in the army. It was just all about getting networks to talk. It was a heavy banian tree. And then we were kind of converting to NT 4.O and active directory. And it was a lot of fun. It's so different when you're managing the tech from being a CSO. There's days you probably miss it, I'm sure. You tell it what to do and it doesn't.

Dan Lohrmann: I agree. And a hands on piece, I missed that. But we went to England after that, I won't tell the whole story there, but just how all hands on networks and some crazy stories about how we almost brought down a satellite. And that was pretty scary stuff, but it was all good. And I love of the hands on stuff as well, I do miss some of that.

Jason Clark: I saw the news on the new role at Presidio. So, I'd definitely love to hear about that.

Dan Lohrmann: Yeah. Thanks. I'm the field chief information security officer really focusing on public sector. So, as you know, I've done a lot of different roles in CSO roles in Michigan government, and CTO in Michigan government. Last six, seven years I was with Security Mentor as a chief security officer.

Dan Lohrmann: So this role really Presidio partners with Netskope and a variety of other companies providing really guidance to C-suite mainly focused on SLED, state, local, government education, but I had some work with other governments as well. And really just hearing what their issues are, and providing solutions, working with partners to provide an end to end solution to their cyber needs.

Dan Lohrmann: And so, I'm really excited. I'm drinking from a fire hose right now. I've only been here for about five weeks, but just loving the job, loving the people, and learning a lot already. So, yeah. It's pretty cool.

Jason Clark: So governments, especially SLED has historically always been known as kind of moving a lot slower in adopting tech and transformation. What does that look like right now? How is that changing, especially with kind of some of the new executive orders around cybersecurity, just in general, I'd just love to get your perspective.

Dan Lohrmann: Yeah. I mean, just like everyone else they're getting, first of all, the threat landscape is just going crazy. So, just getting hit hard with ransomware and other things like that, and cyber attacks. And it is exciting, the good news. I mean, we don't get a lot of good news in cyber. But the good news is we just got the new dedicated cyber grants to state and local governments, it was a billion dollars over five years. I think that's really going to help a lot of state and local governments.

Dan Lohrmann: Honestly right now, what the biggest issue killing it's this bleeding state and local government, they can't keep people talent. And that's where they cross the board. We're seeing that in the private sector as well. But I'm hearing CSO say, "Dan, we just can't."

Dan Lohrmann: I mean, one team I know, big state lost half their people on the cyber team since the beginning of this year. So that's just a huge challenge. I think they're getting it, they're to really understand because with the Colonial Pipeline, all the different things have been happening this year, it's so front and center and the digital transformation that we've seen during COVID has just been so huge.

Dan Lohrmann: So, the need is there, the move to work from home is there, all of that is there, it's still just a really, really difficult challenge at the moment.

Jason Clark: So when we talk about the billion dollars, right? When you look at SLED and just the federal government in general, what do you think the biggest vulnerability that they have that they're not aware of right now? It's a kind of two part question, either they're not aware of, or where should they be putting the most of those dollars?

Dan Lohrmann: I think visibility. The old cliche we used to say at NSA all the time, you don't know what you don't know. And so, knowing there's been a huge move to the cloud, which has been great, and everything's going to the cloud now.

Dan Lohrmann: I mean, the resistance to the cloud is just not anything like it was a decade ago. I mean, everything's going to the cloud and that's great. It's just, I think the challenges are not knowing where all their data is. So the visibility in the data, not knowing all the different kind of end to end pieces of that journey. And I think people want to do zero trust. They want to do SASE. They want to do that. And I can say, I think the challenges they're facing at the moment are around the people side of it. It's always people processing technology. It is it's always that.

Dan Lohrmann: But as you know very well for what you do, just saying, "We're going to stick it in the cloud and we're going to give it over to Microsoft. We're going to give it over to AWS." Doesn't solve the problem. It's like, I hear that a lot. Well, I know AWS or Microsoft, and these are good companies. I'm not knocking anybody. I'm just saying. They think, well, they're bigger and they're more powerful so they can do it better than us, and maybe they can, but you really got to think about the configurations. You really got to think end to end. You really got to think about the whole, the end points and of course, identity management, the whole end to end piece. And I think that's really where the challenges are. And some are doing it well, there's always kind of leaders, followers and laggards. There's three groups. There's some people doing really well, and there's some people that are really struggling.

Jason Clark: Yeah. I mean, like you just said, you just talked about the big companies as we're going cloud. There is this weird, like sometimes you get the CIO is what I call. Well, we just assume they got the security, right? Versus, no, you're the one responsible for your data. They don't take responsibility for your data security, as an example for your configurations.

Jason Clark: And I think there's so more awareness that needs to be driven around that. So hopefully a lot of the, like you said, it's visibility. It's getting the full visibility, especially as things move to the cloud.

Jason Clark: How much of the effort is focused on the people though? Of that billion dollars, is anything directed towards, well, let's pay people more, or let's help you outsource more? I mean, like you said, it's the number one problem. So, how is the billion dollars going towards that?

Dan Lohrmann: Well, and I think the guidance is coming. The one thing what the law says, the act that was signed by the president says is you have to have a plan. Which is good. A lot of people don't have plans. And so, it's not clear is that going to be every state has to have a plan and then municipals can feed up into the state plan, or does every city, every county, every township have to have their own plan. That's still not clear yet from DHS and CSA, that's still coming down.

Dan Lohrmann: I think it is going to be based on outcomes. And I think part of it is going to be divvied out by population, and there's going to be lists of things you can spend the money on, and things that are eligible and things that aren't. And there's going to be a competitive pieces of this to say, "Okay, the state that has