On the 11th episode of Enterprise Software Defenders, host Evan Reiser (Abnormal Security) and special guest host Steve Ward (Former CISO at The Home Depot and TIAA) talk with Betsy Wille, former CISO at Abbott. Abbott is a Fortune 100 global healthcare company that manufactures various healthcare products, including diagnostics, pharmaceuticals, and medical devices. In this conversation, Betsy shares her thoughts on the unique challenges of defending enterprise businesses, AI’s impact on the evolving threat landscape, and how cybersecurity teams can harness AI more effectively.
Quick hits from Betsy:
On the possibility of AI on access management: “I love the possibility of AI in the access management space, role based access, RBAC, and zero trust. I've seen so many programs and none of them really deliver at scale because we don't really know what people need to do their job, particularly in this digital world and proliferation of systems…There is a lot of opportunity for that to become true, we do have the ability to enable only what's needed.”
On the emerging threats posed by AI attacks: “I do think we'll see fewer attacks of opportunity and many more specialized attacks. It takes a lot of work for the criminals to put together targeted attacks; it's a lot of resources, labor, and focus. That had been saved for the high financial gain targets. The rest of the attacks were more around a kind of soft target, a common attack to see where it lands. AI changes that so drastically. It becomes so much easier to create very individualized, customized attacks at organizations. Maybe with a very similar arc and approach, but customized on the front end of how you get in and make it very real to that organization.”
On the potential for AI to transform how enterprises understand themselves: “There is potential for LLMs to translate cyber and technical complexity into something businesses understand. If you talk about something we haven't gotten materially better at over the last 10 or so years, it's talking to the business and translating it. The hardest thing when you come into an organization, especially at a leadership level, is just figuring out how the company makes money. We have to understand the business to protect it…We haven't developed those capabilities over time, but there's potential in the translation through the LLM.”
Book Recommendation: The Art of Gathering by Priya Parker
--
Like what you hear? Leave us a review and subscribe to the show on Apple, Google, Spotify, Stitcher, or wherever you listen to podcasts.
Enterprise Software Defenders is a show where top security executives share how moves to the cloud have created an evolved threat landscape that requires new tools to protect against cybercrime. Find more great lessons from tech leaders and enterprise software experts at https://www.enterprisesoftware.blog/
Enterprise Software Defenders is produced by Josh Meer.