Securing the Foundation: Cyber Strategy in the Age of Smart Infrastructure with Global CISO Anand Singh

Transcript

Anand Singh:

Don’t think of cybersecurity as a something that is kind of a meat grinder. I think of cybersecurity as, like, someone who has an active mind and an active imagination to feed their curiosity and constantly drive change. Right?

Phillip Wylie:

Hello. Welcome to another episode of the Phosphorus IoT Security Podcast. I’m your new host, Phillip Wylie. I just recently joined Phosphorus. I’m an experienced podcaster and so I’ll be one of the new hosts of the IoT, security podcast as well as our livestream, Phosphorus Live. And today, I’m joined going by one of our leaders and CISOs from our North Texas community, Anand Singh. So Anand is part of the CISO XC, conference and, community there. He’s on their board there and, doing a lot of cool things, has a really cool background, and I’m gonna let him share that.

Phillip Wylie:

So welcome, Anand.

Anand Singh:

Thank you, Phillip. Hello, everyone. My name is Anand Singh. I’ve been a very long time CISO, as you can tell probably from the state of hair on my head. Most recently, I’m with Symmetry Systems. I’m their global chief security and strategy officer. But prior to that, I spent seven years, as the global Cisco for company called Alchemy Technology, which is one of the pioneering startups in Dallas area. They do digital banking.

Anand Singh:

My career includes Fortune 10 companies like UnitedHealth Group and, Fortune 50 companies like Target Corporation. Phillip, thank you for having me, and I’m excited to be here. Yeah.

Phillip Wylie:

It’s an honor to have you. It’s, great to finally sit down and talk with you. We really hadn’t had much a chance to speak in the past. Always run into each other at CSO XC and other, community events in the Dallas Fort Worth area. We’re really blessed to have so many options. We’ve got one of the best cybersecurity communities in the country. People may not know that, but show up. I mean, we’ve got, really strong ethical hacking community with Dallas Hackers Association, a local Defcon group.

Phillip Wylie:

And then CISO XC come along and there’s a really strong CISO community there. So it’s really great to see, what those three gentlemen and everyone associated with it has done. They’ve done amazing things and it’s great to see that they’re spreading to Austin.

Anand Singh:

Absolutely. I have had the fortune of being associated with Syslexi from the very beginning. It has been almost four, five years at this point. And one of the things that Syslexi does really well is they contribute a ton to various charities, which has kind of, created a stronger sense of community. But in addition to that, you’ve, we have ISA as well, which is of of the strongest chapters in the country. And, I actually went to one of their events, and I was surprised to see there were close to, like, maybe a thousand people, in the area in in their kind of the Star Wars movie event. So yeah. Yeah.

Phillip Wylie:

It’s kind of amazing. It it and and I yeah. It’s kind of bad that I forgot to mention them because they’re like the biggest ISSA chapter in the world. And so they they put on a good, conference each year as well as the monthly meetups, and they they’re also doing happy hours. So a great place to to network. One of the things I always tell college students I’m mentoring is, you know, you go to the the OWASP meetings, the Dallas Hackers, and DC Two One Four, you know, like some of the cloud meetups to learn, and then you go to the North Texas ISSA to network with people and and to find jobs. So it’s kind of interesting. One of the things I guess you mentioned is you’re also, you’ve done some work as a professor as well?

Anand Singh:

Yes. Absolutely. So, over the years, this has been a very strong desire in me to share the experiences and, with up and coming students. So I was actually a professor at Mitchell Hamline School of Law for probably be close to four years. And, it was a very interesting, opportunity because I was talking to lawyers who are up and coming, and many of those lawyers are trying to, trying their hands at cybersecurity practice. So I was teaching them incident management and response, and some of the, niceties associated with that so that, they can be better prepared for the cybersecurity, type of legal issues and events. And so, I did that for several years. I’ve done hardcore teaching as well with Saint Thomas University.

Anand Singh:

So I was teaching object oriented analysis and design and software engineering. And most recently, I’ve also been associated with IANs, and I’m on the, faculty of IANs. So I get a chance to understand the problems faced by various companies throughout the country and throughout the world and kind of give them some advice on how they can, tackle those issues.

Phillip Wylie:

Very good. So where where did you kind of get your start before you got into management? And as a CISO, kind of what was your specialty? What area did you start out in?

Anand Singh:

Very interesting question. Because, when I started, I I started actually with pre research. Right? So growing up, like, you as early as, like, fifth or sixth grade, I heard about supercomputers and all the amazing things that supercomputers can do. Right? So I wanted to that got me excited about technology, and I wanted to work, in supercomputers. So when I graduated with my masters from Purdue, the first thing that I did was I joined Pay Research, and I was writing code for their compilers. Think about this. Right? I mean, writing c or c plus plus is hard, but if you are creating the compilers for c and c plus plus, the parsers and all that. Right? That is probably one of the hardest things that can be done in the technology space.

Anand Singh:

And so I was writing the compilers for, the crazed supercomputers. Really, really enjoyed it. I also got a chance to work on some pretty cool things like how weather data prediction happens, how, nuclear bomb simulation. Right? Because the original way to understand how nuclear bombs would detonate is to actually detonate if detonate one. Right? They used to detonate one in the Pacific Ocean by New Zealand. Right? But a lot of that can be simulated actually, via supercomputers, so you don’t need to explore a real one, which is good for environment, good for, I guess, also not wasting an actual, ammunition. Right? So, that was kind of my start in, in the technology space. But over time, I gradually migrated to cybersecurity because one of the things that I really like about this space is the fact that it’s not static.

Anand Singh:

You don’t one and done. Right? You cannot do that. Because the threats change, the attackers change, the technology changes. Now AI is everywhere. So the amount of change that this space is six years is phenomenal. And so it’s a great, I for for a curious mind like myself, this is the perfect profession. And, I started as a practitioner, and then over time, like, at Target was the first time when I migrated to being a manager of their.comsecurity. And then, at UnitedHealth Group, I led security for Optum Insight, which is one of their largest services divisions.

Phillip Wylie:

Oh, very cool. I’m familiar with Optum. That’s where I have my health care savings account through.

Anand Singh:

Amazing. Yeah.

Phillip Wylie:

Yeah. Pretty cool. That’s a that’s a really awesome background, especially starting out in the supercomputing. So you’re kind of exposed to some of the things that really have come to the forefront now. So some of the big concerns now is quantum computing and then with AI. So a lot of the things that you touched on back then was kind of a glimpse into the future and what’s now our reality. So what are your thoughts on on AI? Because I’ve noticed you really kind of gotten involved in that area. You seem to do a lot of studying and speaking about that.

Anand Singh:

Absolutely. I think this is so I I wanna take a step back and talk briefly about how the world is changing. Right? So if you think about this, Phillip, when we were younger, right, it looked like a US still young app and upon the older side.

Phillip Wylie:

Yeah. I’m kinda older than you probably think.

Anand Singh:

So so as you think about this, like, when we Internet first came out and take, like, ten to fifteen years for it to be mass adoption. Right? Ecommerce came out, like, five, six years to be mass adoption. But if you think about AI in such a short amount of time, it has just become per visit. Everyone is using AI in some way, shape, or form. Right? I I mean, think about the model context protocol. In just like, four, five months, everyone is using MCP at this point of time. Right? The larger point being that is massive amount of innovation happening in much more compressed time frame. So I’d call that innovation compression.

Anand Singh:

So, that’s what caught me excited about kind of AI, and I’ve been at the, kind of the leading edge of it from the very beginning. I’ve been a big proponent of it from the very beginning. And what I enjoy about it is, like, number one, the tech is very deep. You truly have to understand the tech to be able to make meaningful decisions. Number two, it is like a fundamental rewiring of society. Right? Meaning that, it is an opportunity for us to raise our game and be at a higher plane because mundanity can be, delegated to the AI. Right? So I think that’s the other reason. The way I think about the AI space, Phillip is can I I pipe pipe the way I, kind of tackle the bigger problems is, like, try to pass it out into multiple categories? Right? So the way I the the categories that I see in AI are, number one, AI for security.

Anand Singh:

Right? How can security, cooling, security technologies benefit from AI? Then you can flip it and say security for AI. How can you secure AI adoption by business units inside of the organization. Right? The third category would be the, RLHF. Right? Reinforced learning to human feedback. Right? Because, the there have been many studies that indicate that AI just based on data is starts to fray after some time and the quality of output decreases. Right? So there is human intervention, through learning and feedback actually improves quality of AI and keeps it real. Right? And then the fourth and final category that I’m really interested in is how attackers are using AI and, how they’re, they’re kind of, like, hardwiring their attacks using AI to make it easier and more potent. Right? So those are the four categories that I, see, AI in.

Anand Singh:

I’ve I’ve been kind of writing a ton on these four categories over over last, like, couple of years.

Phillip Wylie:

Yeah. That’s that’s very interesting. It’s cool to see all the automation. I was working for a company for a while. They had an automated pen testing solution, and I have, like, over a decade experience as a pen tester. And it really amazed me how much they could automate pen testing. And so many other companies are doing that. I’ve, learned of a company recently that they’re actually on HackerOne’s top 10 Yeah.

Phillip Wylie:

Their product. And it’s it’s web app. And that’s one of the areas some of the other automation wasn’t able to really automate well, but now they’re figuring that out. It’s just amazing. The nice thing is with these tools to be able to scale what we’re doing. But a lot of times people people focus so much on the offensive security side, the hacking piece, but I’m really excited to see what happens on the defensive side. Yeah. What happens when you can get this data in more real time, see your firewalls bring this data in.

Phillip Wylie:

There’s some new kind of attack out there and be able to change the firewall rules, I’m quickly to prevent that. Yeah.

Anand Singh:

Yeah. Yeah. Yeah. I’m really excited about it. I think there is, like, I hit that’s a good segue into another topic that I’ve been thinking about, which is, like, dynamic configuration changes in the event of, like, what is being observed, at the perimeter and inside the company. Right? I think that’s a very interesting space. I think you guys are doing some of that with, the IoT devices and what you can do for the upkeep and management and maintenance and visibility into the IoT footprint of the, of an organization. Right? So I’m I’m kind of really excited about, you know, what Phosphorus is doing.

Anand Singh:

And, I think there is a there is a, with the bright blending of AI and some of the technology associated with that, I think there’s an opportunity to significantly optimize and, reduce the complexity that because IoT is one of the most complex things that we were discussing before. Right? Yes. To be able to use AI and kind of simplify that space and, empower organizations to manage their IoT footprint. I think there is there is probably a significant amount of possibility in that space.

Phillip Wylie:

So based on your experience as a CSO and and over the years, why do you think that IoT and OT has been overlooked so much?

Anand Singh:

I I think it has been overlooked because, it has been banished by organizations, kind of outside of what security has been traditionally responsible for. Right? So think about this. Right? I mean, who manages badge leaders in most company? It could be, like, all the way from HR organization to, someone in the help desk to someone in the, IT organization. So very, very fragmented. Think about, like, datas, like, your data rooms and, the sensors in the data rooms, etcetera. Right? I mean, many times, like, they are just left there to be, like, of set once and then no one even cares about it. Cameras, set once and no one even but many times, like, cameras have stopped working and no one even knows. Right? Some of these are, like, forgotten, IoT devices.

Anand Singh:

So not getting care and feeding an upkeep. So I think, like, without realizing, many organizations have just, not put a significant amount of discipline on that. But given that, like, if if you if you look go back and look at perhaps the first major IoT attack, Phillip. I mean, it was, like, target and how the heating and cooling vendors access was exploited to perpetrate one of the marquee attacks in our industry. Right? So this is my call to my call out to listeners here to to kind of just think of but, like, if your IoT devices are connected to the Internet, they can be a gateway to your information and infrastructure. So, but, like, something to think about as you think about your strategies.

Phillip Wylie:

Yeah. It’s something worth worth mentioning. Something that is recent was that Acura ransomware Yeah. Where that ransomware game couldn’t gain a foothold in the environment. So they exploited a camera. They’re able to attach to the camera and do an SMB share. So internally, the devices trusted it because it probably thinks the cameras are not a risk. And the ransomware gang was able to do like an SMB share Yeah.

Phillip Wylie:

And then deploy the ransomware there because this is like a trust device or either an ignored device.

Anand Singh:

Yeah.

Phillip Wylie:

In a lot of cases, you also see an organizations where people don’t think about the printers.

Anand Singh:

Yeah.

Phillip Wylie:

As a pen tester, we go in and we test printers because sometimes you can get credentials from Us printers. A lot of cases, firmware is not updated. They’re using default credentials. So this is kind of a easy way for threat actors to get in. Yeah. And it’s kind of things are changing now where it’s so hard because these endpoint detection systems are so difficult to get access to workstations and servers. So I have to look for alternate solutions.

Anand Singh:

Yeah. I’ll share a couple of things in response to that, Phillip. Like, the first thing I wanna say here is that I don’t think any AI is ever gonna replace you, Phillip, because you think like a pen tester and the amount of creativity that requires to, to be a pen tester. Like, you you can do the mundane and the easy, but the sophisticated, I think, all will always require a human life.

Phillip Wylie:

So That’s good for all practitioners out there. That’s Yeah. One of my favorite quotes is you won’t be replaced by AI. You’ll be replaced by someone that uses AI. Exactly. It’s just amazing how it can scale you to do so much more. Yeah. Even thinking on the pen testing realm.

Phillip Wylie:

At one time, we did have vulnerability scanners. Just actually I’m old, but that was before I got into it. But it was all manual, and they added vulnerability scanners. Who would think about doing pen test without vulnerability scanners when you have a lot of scope to test. So

Anand Singh:

I think that that goes to kind of what I was saying earlier. Right? I mean, the opportunity that AI brings to people like us is it it allows us to raise our level and not get bogged down by the mundane of the day to day. Right? Using AI and testing, you can kind of knock off the, like, what are the access pathways, etcetera. But to conduct the actual exploit in a sophisticated way, it will probably require some kind of human intervention or some human thinking to kind of plan that in. Right? Which also goes to the, RLHF. You could continue to make, AI smarter through RLHF. But what I I wanted to share you mentioned printers. I wanted to share an interesting anecdote about that.

Anand Singh:

For one of my previous companies, I was talking to a prospect at that point of time. It had been actually banned by one of the largest, credential stuffing prevention services in the cup in the country. So and they were not sure why. It turned out that their printers were using default ID and password. They had been taken over by threat actors, and they were using that to perpetrate credentials stopping attacks. And, because the external facing IP was kind of a single IP address, their entire organization was banned by this credentials, nothing prevention service, and they had no idea why. So we actually investigated it and figured how they do exactly what was happening there. Which just goes to show.

Anand Singh:

Right? I mean, you cannot overlook this critical discipline. You have to think of you have to merge kind of how you are managing your cloud infrastructure and your on prem infrastructure servers, virtual servers, and all these. Right? You have to blend, your IoT into that mix so that you have a comprehensive framework for security. You cannot if you are not managing your IoT, all you are doing is, like, probably more than half of your assets are unmanaged at that point.

Phillip Wylie:

So do you have any advice for people to to better manage and secure those devices?

Anand Singh:

Yeah. My advice is, like, I I think you you kind of want, the solutioning that converges, the two. I mean, there’s, like, you have to think about your infrastructure as kind of one and the same inputting IoT devices, and you have to make sure that it is, like, you have all the visibility into it. You have asset management associated with the inventory of all devices including IoT devices, patching and firmware. One of the things that we discussed earlier was the default password. Right? I mean, so many even router like, not just, like, the kind of infrastructure that we are discussing. Even the routers, like, some of the switches, many of them have never seen a different password than a default password had they came with. Right? I bet I bet when you when you start your, like, pen testing activities, that’s one of the things that you test out.

Anand Singh:

Are they using Yeah. Before before credentials or not. Right?

Phillip Wylie:

So

Anand Singh:

Yeah. Because this is a

Phillip Wylie:

pen tester and and then threat actors alike, they have dictionaries or or these files with all these default credentials that they download from, like, breaches and then just some and then there’s, like, list. You can go out there and find list the default credentials for different devices. Absolutely. Absolutely.

Anand Singh:

I do wanna take an angle on on your on the conversation, Phillip, which is about you mentioned earlier. Right? I mean, how IoT devices have been exploited to get access to as many shares and data inside of the enterprise. Right? But to me, kind of, that’s the other piece of the puzzle that organizations need to manage really well. The data security knowing where all of your data resides. Believe it or not. Right? Many organizations are like people understand this level of data, but no one understands the comprehensively how the data is structured in the entire organization. Now CDOs, chief data officers, and data organizations are coming together, but they are struggling with how to kind of put everything together. And it’s also gonna be important for AI to understand where data is at because you are training this data to train you using you this data to train your AI models.

Anand Singh:

Right? And, I don’t know if you saw that study from Stanford, but they said that by 2028, most organizations will run out of training data. It’s not that they are running out of training data. It’s just that people are using their slivers of data rather than understanding, like, there’s a lot more data that resides with the enterprise. They just don’t know where it is. Right? So I think, coming back full circle here, it’s so crucial to understand the data footprint of your entire organization and use, and enable your AI teams and data teams to use that for the right purpose.

Phillip Wylie:

Yeah. It makes sense because if just like humans, these AI solutions and computing solutions try to imitate do what we do faster. And it’s just like humans, if you don’t tell someone else, they don’t know where everything’s at. Yeah. If you don’t communicate, then same thing with the these solutions. They’re not gonna be able to find out know where all this data’s at and how it intermingles.

Anand Singh:

Yeah. Exactly. Becky. And how to secure all

Phillip Wylie:

of it.

Anand Singh:

Right? So

Phillip Wylie:

Yeah. So it’s, pretty pretty interesting. So as a CSO, what are one of the some of your biggest concerns?

Anand Singh:

Yeah. I think we talk about, the IoT, and we talked about the data security and all the considerations associated with data security. The third key feature that we need to talk about, Phillip, is the identity side of it. Right? I mean, how does a typical attack start? A typical start attack starts by, social engineering or password spraying and figuring out credentials, taking advantage of forward privilege that these credentials have to perpetrate the decks. Right? So, I think the the third key problem is just passive overprivilege. And I know the nonhuman identities is the buzzword of today in the cybersecurity practice. But the fact is that, the risk associated with NHI has been around for a long time. But to me, that’s the 30 factor.

Anand Singh:

You need to understand what your identities are. You need to figure out a way to, fertile down the identities to the need to know and least privilege rather than passive privilege that, many identities are not even using. But when they get popped, this extra privilege actually is really hurtful to organizations because that’s what attackers are using to go exfiltrate data or go encrypt data for ransomware purposes. So, the identity to data mapping having a fuller context, I think that’s kind of the third, crucial piece of the puzzle. And the fourth thing also we have discussed, which is the AI side yeah. Securing AI and, ensuring that, you have kind of trained your organization to use AI in a productive fashion.

Phillip Wylie:

Yeah. Very good. Because one of the things people overlook sometimes is just basic hygiene and then we don’t think one of the one of the best trainings I ever took, actually before starting my security career when I was a sysadmin, is I took the NSA’s infosec assessment methodology training.

Anand Singh:

Yeah. And the

Phillip Wylie:

cool thing about it was it wasn’t just based on digital files, it’s based on paper files. Yep. File classifications. And so it really helped me understand. I was working in the digital realm, but it just made me think, okay, this is relatable to paper files and you need to kinda look at the same way even Yeah. Taking seriously paper files and stuff, making sure that they’re stored properly of a clean desk

Anand Singh:

Yeah.

Phillip Wylie:

Procedure in place, policy in place that you lock the stuff when it’s not in use and you control access just much like you do the digital, assets.

Anand Singh:

I I love what you said, Phillip, because I think, in the chase of shiny objects, people forget that, you can achieve a massive amount of security assurance by doing the fundamentals really, really well. Right? What are those fundamentals? Making sure that your users are with trade. Making sure that your infrastructure and wealth is well maintained and you have insight into company infrastructure. Right? Making sure that patch and vulnerability management practice is very strong in the company. As you think about, designing new solutions, making sure that security is built and not bolted on at a later time, which is always more expensive and, less effective. Right? So, I I cannot agree with you more on, like, how important it is to focus on fundamentals and do it right.

Phillip Wylie:

Yeah. Some sometimes, I think we’re bad at you get into the all this technology and it’s very complex, but I think we overthink things sometimes. Absolutely. Sometimes Yeah. Yeah. You need to take a step back and look at it from just a basic view and figure that out. You can get deep as you need to, but Yeah. I think we over complicate things.

Anand Singh:

Yeah. Absolutely.

Phillip Wylie:

So as a CISO, you know, I know it’s a very stressful role these days. I know you guys are on the hook for a lot of things. If companies gets breached, you’re the one to blame, or you get you know, you’re the scapegoat, and there’s a lot of pressure. With that much pressure, how do you deal with the stress? What do you do to relieve the stress? What do you do to enjoy things and get your mind off of it once you step out of the office?

Anand Singh:

Yeah. Great question, Phillip. So, you are right. The Cisco jobs are extremely stressful. There have been nights where I’ve had the phone next to me, and I had the timer set to wake me up every two hours so that I can understand what the current situation of a particular incident or the situation is and talk with appropriate folks. Right? So, that’s the level of stress that we live with. I have some very interesting hobbies that I’ve developed over the years to, you know, keep my mind fresh and active. So one of the things that I, love is kind of just going on a walk with my dog.

Anand Singh:

And, he, like, and I wrote actually a post on this, for on LinkedIn for those of you who are interested, but my post type topic was why every CISO needs a dog.

Phillip Wylie:

I actually think I remember that post. Yeah. I read that. Yeah.

Anand Singh:

So, I I kind of, he he keeps me in that discipline where every evening I have to walk him. If I don’t walk him, he will stare constantly at my face for, like, maybe hours on end. So, that’s my time to clear up my head, think about things other than cybersecurity, about family, about kids, and all all those things. Right? One more thing I like to do, Phillip, is, and and probably not a hit in on the home front with my wife, but I love to ride a motorcycle. And, I have a old Kawasaki Vulcan from, 02/2009. And, it, like, that’s kind of my escape from, the, the stresses of, the cybersecurity world. And lastly, like, because we work so much with technology, I feel like I need to do something other than technology whenever I can find spare time. So I will kind of just, like, work on some pet project, build something through tools, kind of hang the shelf, whatever.

Anand Singh:

Right? I like to do anything other than stay for at least a few hours a week just so that, that’s not the only thing on my mind.

Phillip Wylie:

You know, it’s not only important for your mental health and performing well is sometimes you have to step away from it to be able to solve a problem. Absolutely. Because you work on something for hours and hours, you can’t find it and it’s something obvious, but you step away Yeah. And come back and there it is.

Anand Singh:

I don’t know if you if you have noticed that, Phillip, very interesting, but when you’re solving a crossword puzzle and if you are hung, hung up on a puzzle, right, if you take a break and come back, like, maybe an hour or two later, you’ll find that somehow your mind has figured out what the answer to that puzzle was, that you couldn’t do before. Right? The same analogy applies here where, like, we take a break from your kind of the problem that is plaguing you. When you come back to it, you will likely because your mind is working in the background. Yeah. And you’ll likely have some figured out some way to work through it or who can help or some of those things.

Phillip Wylie:

Yeah. It’s kind of back to the overthinking thing. So your subconscious is kind of analyzing while you’re taking your mind off of something else. So it’s kinda interesting about your dog and getting out in nature because that’s one of the things I enjoyed during the pandemic because it was it was a very stressful time. And I remember just getting out at night and getting out in nature because during that time, there seemed to be more wildlife out because there’s less cars around and stuff, and it was interesting. So we would go out at night, take walks, and it was just a good way to relax and just enjoy life. And it seems like that’s one of the things we forget to do sometimes. We may be passionate and love our jobs, love the mission, but you need to to enjoy life too, you know.

Anand Singh:

Absolutely. I think that will make you a better professional, and, that will also make you better to the team that you lead. Because if you are going to be in that heightened state of anxiety or overwork, it is going to translate into a stress for all of your team as well because instead of taking into account their state of mind and how the challenges that they are dealing with, you’re actually you were telling them what to do or you are act actually, perhaps not in the nicest possible way you are asking their responses and things of that nature. Right? And I think taking a break, getting to a better state of mind, improves your relationship not just inside of your family and others, but also with the people that you work with because they are seeing, like, in in the event of an incident, the most important thing that you can do is to stay calm and to stay focused. Right? Taking the breaks and getting your mind to a better state allows you to be able to do that and that actually empowers the people around you as well.

Phillip Wylie:

Yeah. And I think it’s setting a good example for them, especially the younger folks coming into the company. They gotta learn that work life balance.

Anand Singh:

So Yeah.

Phillip Wylie:

You know, if you’re good at good example to them, they’re gonna perform better for you. And then if work life balance is in the picture, then job retention exactly be higher.

Anand Singh:

Yeah. Exactly.

Phillip Wylie:

But it’s been, great chatting with you here at RSA, 2025. So before we close it out, just a couple things. What are you looking forward to at the conference this year? Is there anything that really excites you?

Anand Singh:

I love the innovation sandbox. So I wanna go check out, like, how are, the newest startups thinking about the emerging challenges in cybersecurity space and, how are they kind of approaching solving those problems? That’s one. I think the second thing that I’m really excited about and this this is gonna be a hard thing to do because, it’s not possible to walk one or two steps without hearing about AI. But, I want to cut through the noise and get to understand the truly innovative ways of using BL AI, not the fake AI, which is rule based systems disguised as AI, but the true AI. So it’s gonna be a hard problem to cut through that noise, but I wanna get a sense of, like, what what are the innovative usage of AI’s by cybersecurity company.

Phillip Wylie:

Awesome. I look forward to hopefully, there’s some LinkedIn post or blog post about that. Absolutely. So before we close it out, do you have any parting words?

Anand Singh:

My parting words are that the best thing that you can do about cybersecurity space is to, get comfortable with the ambiguity in this space, get comfortable with the pace of change in this space. Once you get comfortable with it, I think you will in it will start to be much less of a stress and much more of an enjoyment because you’re constantly learning, and you’re constantly figuring out a way to improve, your companies, your organizations, yourselves, and, the the people around you at the country. Right? So I I really do think that, I don’t think of cybersecurity as a something that is kind of a meat grinder. I think of cybersecurity as, like, someone, who, someone who has an active mind and an active imagination to feed their curiosity and constantly drive change. Right? So

Phillip Wylie:

Oh, those are great great words. Yeah. Thank you for joining.

Anand Singh:

Thank you, brother.

Phillip Wylie:

Thanks, Anand, for joining. Yeah. And we’ll see you on the next episode.