With the new year, comes new possibilities—and a new blog series! For the rest of 2019, we’ll be continually recapping some of the top highlights and interviews from theCUBE at .conf18, starting with our first installment featuring Splunk's Haiyan Song, Senior Vice President and General Manager, Security Markets.
As we start to think more about the empty canvas that is 2019, we can begin to paint in the picture. Thanks to our prior knowledge and industry trends, we can predict some of the future hurdles we might have to overcome. However, Haiyan has been thinking about the new year far before the predictions and New Year’s Resolutions hit. She’s helped pave the way for what we should expect this year and how to handle security in the evolving digital landscape.
Today, we’re taking a look at Haiyan's theCUBE interview with Stu Miniman and Dave Vellante, as she shares her vision of what the SOC looks like in 2020, security in DevOps and the heightened security ecosystem that lies ahead.
Looking to 2020
For those that don’t know, theCUBE is a live interview show covering tech enterprise. They’ve covered .conf news since .conf11, and this year was no different, as theCUBE sat down with 17 different Splunkers, customers, partners, analysts, thought leaders and more to discuss Splunk news and the industry itself.
During her interview, Haiyan notes that an integral moment of .conf18 was when Splunk shared its vision on what the SOC looks like in 2020. At a high level, this vision foresees that one year from now, 90 percent of the technology SOC analysts use on the job will be automated. This includes analytics, operations, automation and orchestration of Tier 1 work. Automation is the vision of the future, and as a result, more than 50 percent of said analysts’ time can be focused on detection logic and really responding to things that require human skills and insights.
Haiyan also shares that she envisions a singular place for response orchestration, verses the current state of looking in twenty different places and scrambling to figure out what’s going on. Splunk has developed a roadmap of ten core capabilities that help lead to the SOC 2020 Vision and with the acquisition of Phantom, Splunk is one step closer to turning its vision into a reality.
Haiyan also discusses how security in DevOps, also known as DevSecOps, is becoming more pervasive and integrated into everything Splunk does, and DevOps as a whole. From cloud adoption, to the acceleration and the new IT, Splunk is able to play into DevSecOps in many different ways. She brings up how another one of Splunk’s acquisitions, joining forces with VictorOps, is helping bridge the gap between IT and security business, enabling coordination and collaboration within the DevOps world.
Evolving Security Ecosystem
Lastly, Haiyan references New York Presbyterian Hospital’s use of Splunk as an example of where compliance and data privacy is headed in the future. New York Presbyterian struggled with managing patient records, staff activities, etc. due to privacy constraints and compliance issues. As a result, they turned to Splunk to help power data from multiple healthcare-centric data sources and in return got a system that was built to meet their specific needs of flexibility and insight.
She notes that she thought Splunk was just going to stop there, help the organization with compliance and better their structure, but now New York Presbyterian took it one step further and is leveraging data from the Splunk platform to help battle the opioid crisis. This example reiterates that security and compliance can go farther than the typical, it can be bridged into fighting a much larger, societal issue and is evolving into more diverse and broader use cases than ever before.
Haiyan’s interview and insight is just one of the many stories coming out of .conf18. Check out a full recap theCUBE at .conf18 and stay on the lookout for more deep dives on theCUBE interviews leading into .conf19!