While Splunk has been launching incredible new products and delighting our customers by thinking ten steps ahead, I’ve had the less-visible priority to lead an extensive search for a new Chief Information Security Officer. You won’t be surprised that we were meticulous: this person will become one of the most senior protectors for Splunk, our customers, employees and investors. In the same way we serve our customers in Security Markets, Splunk is eager to stay on the cutting edge of protecting our systems and the data our customers entrust with Splunk.
I’m pleased to announce Yassir Abousselham as our new Chief Information Security Officer. He will lead our internal cybersecurity efforts, reporting into me.
Prior to Splunk, Yassir served as Chief Information Security Officer at Okta where he managed the Information Security function and chaired investments to position Okta as a leading security company. Before Okta, Yassir acted as the Chief Information Security Officer for SoFi, in addition to holding various security leadership roles at Google and EY. Yassir is also an active member in the cybersecurity industry, from co-chairing the San Francisco Evanta CISO Summit, to acting as an advisor for cybersecurity startups. Yassir also holds two U.S. patents in trusted network communication.
But rather than my telling you more about Yassir, let’s hear directly from the man himself:
Welcome to Splunk, Yassir! Could you tell us a bit about yourself, or as we like to call: your “Million Data Points”?
Thanks Tim, it’s great to be a Splunker!
I’m excited by the opportunity to lead the information security program at Splunk. For years, I’ve been a fan of Splunk products and the company itself.
To say a bit more about me, I moved to the Bay Area two decades ago and haven’t left since. Currently, I live in San Francisco with my wife and our three daughters. I thrive on everything that this region has to offer, including cultural diversity, entrepreneurial spirit and the amazing nature. Some of my favorite pastimes include cycling, hiking and playing tennis.
I can’t wait to start getting to know more of my fellow Splunkers, customers and partners.
Based on my experience, I believe that every organization must become a data-driven organization. Splunk is well poised to capitalize on the market opportunity and continue leading the industry through innovation and its customer first approach. It is my privilege to be part of the journey and to protect Splunk and its customers’ most valuable assets.
How should CISOs think about using data?
Security teams have been analyzing audit logs to detect and respond to intrusion attempts for decades. All along, IT and other business functions have been rapidly adopting more systems and platforms, which translates into an exponential increase in logs for the security team to monitor. To effectively deliver on their mandate, today’s security operations teams must use SIEM technology to identify investigation-worthy events, leverage machine learning to identify anomalies and SOAR solutions to optimize human analyst bandwidth and shrink response time. In addition, security teams should use data analytics to improve the performance of every other program within the function. In application security (AppSec) for example, security teams can use case data to derive actionable insights such as a particular engineering team needing secure coding training or a category of vulnerabilities being identified principally by bug bounty researchers rather than the in-house application security function.
Are there any unique strategies you use in your leadership style?
My leadership style is characterized by transparency and strong execution. At any one point, both my team and stakeholders need to be clear on expectations and can objectively measure their performance against goals. I rely on the OKR (Objectives and Key Results) system and formal planning to demonstrate execution, encourage accountability and allow the program to remain agile.
What is your vision for helping Splunk’s product security program?
My vision is centered around allowing Splunk to move faster, securely. To execute on that vision, the Splunk security program needs to be tightly embedded with the business, define secure standards to reduce development cost, continue investing in automation to optimize the use of precious engineering resources and identify opportunities to reduce enduser friction as a way to support standards adoption.
What lessons from your past experience will you bring to your new role as Splunk CISO?
I believe that every CISO continuously refines a personal “recipe” that is shaped by their experiences. Mine is characterized by strong partnership with the business, continuously identifying opportunities to scale the security program, hiring and developing the best talent.
What are the security trends you have top of mind? How does that impact how you’ll approach your role at Splunk?
Automated asset discovery is a trend that I’m excited about. In the security world we often hear about the “unknown unknowns” as the CISO nightmare. Security teams can only secure assets that they are aware of. Anything outside their purview represents unmitigated risk to the organization. Automated asset discovery helps security teams catalog systems and users by correlating and analyzing information from different sources.
Asset discovery is one of the tools that I’m planning to explore for security governance at Splunk. With a business in hypergrowth, we need to invest in automation and both preventive and detective controls to execute a multilayer approach to security.
If you could Splunk anything in the world, what would it be?
I would Splunk car commute data to identify opportunities for carpooling and optimize travel time for commuters.