Unifying Security & Observability: Manpower’s Unique Approach to Cyber Resilience with Splunk – Futurum Tech Webcast

Disclaimer: The Futurum Tech Webcast is for information and entertainment purposes only. Over the course of this webcast, we may talk about companies that are publicly traded, and we may even reference that fact and their equity share price, but please do not take anything that we say as a recommendation about what you should do with your investment dollars. We are not investment advisors, and we ask that you do not treat us as such.

Transcript:

Daniel Newman: Hey everyone, welcome back to another episode of the Futurum Tech podcast. I’m Daniel Newman, your host, founder, and CEO of the Futurum Group. Very excited to be here today for this Futurum Tech podcast interview series. I got Randy Herold, he’s going to be joining me,he’s the Chief Information Security Officer and Chief Privacy Officer at the Manpower Group.

This is a big topic this year, we’ve spent all year focused on AI. I know you thought I might say security, but nope. It’s been all about AI, but the thing is that as AI continues to proliferate, the ability to keep your information, your company’s information and people’s data private, is going to become increasingly more complex. One of my favorite things to do is talk to the people that are actually facing these challenges, learning more about what they’re doing, how they’re doing it, and that’s what we’re going to do here with Randy today. So without further ado, Randy, welcome to the Futurum Tech podcast.

Randy Herold: Thank you, much appreciated. I think you set a new record, you made it seven seconds before you got the words AI out, so.

Daniel Newman: I know, I know, but did you get that dramatic pause? I set it all up about security, and then I’m like, and we’ve been talking all about AI because that’s really, feels like all I’ve talked about. Randy, I’ve been to like 100 events this year. I’m not joking, 100 tech events. I’ve seen Jensen Wong at probably 75 of them. So if you’re an NVIDIA person, and whether you’re NVIDIA or not, it doesn’t really seem to matter whether you were an ISV, whether you were an infrastructure company, whether you’re an IT ops, observability firm, it didn’t matter. Didn’t matter what you were doing, AI was in the lead. But one thing I can tell you, Randy, I think this probably has made your position even more interesting this year is, as AI proliferates the ability for the bad actors, the ability for threats, the ability for larger threat surfaces, and of course more vicious, high-paced attacks grow with it. Wouldn’t you say?

Randy Herold: They do, and it’s making entry into the bad actor world a lot simpler because AI is giving people capabilities and skills that they may not have developed on their own yet. So it’s absolutely creating an increase in problems for what I’ll call the good guys.

Daniel Newman: Yeah, I was writing code in Python yesterday, don’t ask how I did that, but it was definitely using generative AI.

All right, so let’s kick this thing off. First of all, really appreciate you just taking the time to join. I gave everybody your role, your specs, your title, big job for Manpower, but while I think Manpower is a pretty well-known entity around the world, why don’t you give us just a little bit of the background on the company. Then what is that job, or should I say jobs, Randy? Because there was at least two full titles in there. What does that entail for you on a day in and day out basis?

Randy Herold: So really it entails trying to stay informed from the outside as well as the inside, and then translating the two between one another. So I spend a lot of time working with my businesses and explaining to them what regulations are, but more importantly what the trends are. Obviously AI is in a lot of those conversations, but more importantly, translating them into our businesses. So, how can AI help us with the recruiting process, but how can it also bring risk into that recruiting process? So that’s what a lot of the job is about. It’s about that translation and identifying the risk and how does that interact or potentially interrupt the business?

Daniel Newman: Give me a little bit more about just Manpower, the Manpower Group.

Randy Herold: So Manpower Group is a global recruiting company. We put over 500,000 people to work every day. We are operating in 70-plus different countries and territories, and we live off a philosophy of doing well by doing good. We really, really are invested in the communities we work in, and we’re all about creating sustainable employment for as many people around the planet as we can.

Daniel Newman: Yeah, that’s a big job and I like that, doing well by doing good. I’ve always said when you have that consistent ethos and you believe that what you do, whether that’s driving great experiences or in your case, helping qualified people into the right roles, which is something nowadays that the world needs. I mean, look, over the last few years, despite the fact that our economy’s been a bit up and down, you could say, in terms of at least what the perception is and the perspective. The perspective has been, well, we’re about to have a really bad time, but to the credit of policy makers and probably to the credit of printing a lot of cash, we found a way to keep a lot of house with fluff but it’s also created a lot of challenges. We’ve had shortages in workforce and many industries. So being a catalyst or an enabler or conduit of putting people into roles to keep factories moving, to keep operations going, all those things, retail stores running, all the things that Manpower is able to help with is really, really important. But I want to talk more about cyber security with you. Randy, I hit you on that big question to start, but I’d just like to get your overall take on this idea of cyber resilience and how are you interpreting that as something to work on for the Manpower Group?

Randy Herold: Well, the resilience aspect is all about our ability to continue functioning and putting those people to work and keeping our clients up and running. It’s impossible to stop all the bad actors these days, so they’re going to get in, they’re going to create disruptions. The resiliency part is, how quickly can you identify and create alternative workarounds while you remediate the problem and things of that nature? So that resiliency aspect is extremely, extremely important, but the most important part of it is quick identification. We have to know about that interruption as quick as possible before it begins to balloon or snowball on us.

Daniel Newman: Yeah, that’s absolutely right. So in terms of the overall objectives of it though, have you thought, does the company have a standard, a boilerplate? What is good? What is good? What is good enough in your world, in terms of actually being able to have a level of resilience? Because I think where you started is something that we’ve said a lot on this show, and we’ve said a lot in the industry is basically that it’s not the, if you’re going to get breached, but when. I know that’s a sad state of affairs that every CSO, all your peers around the world have to be like, yeah, something’s going to happen, something’s going to happen.

But at the same time, this industry has also been one that for a long time, Randy, has teetered the boards. Not you guys, CSO’s have I think all agreed on how important this is but sometimes boards, sometimes leadership teams, management teams, insurance companies, they almost wanted to play almost a little bit of a game with how much do we have to spend to be within compliance? What’s the line? Obviously you might be in there saying, no, no, we could do so much more but obviously that comes with investment. You need more technology, more application, more hands, more people. How does that whole thing balance for you to make sure that you’re doing enough?

Randy Herold: Well, I think it really depends on the organization and the security and cyber role within that organization. What we’re finding in the… the pandemic really escalated it in my opinion is, folks in the security role have gone in one of two directions. They’ve either gone and embraced and grabbed that seat at the business table and they become business leaders and they’re integrated in those conversations and they’re helping drive overall business investments. Instead of trying to align with the business, they’re actually integrated into the business. Others are more comfortable in that tech space and they’re trying to solve all the problems on the back ends with tools and automation and things of that nature.

Quite honestly, what we’re now starting to see that we’ve come out of the pandemic and we’ve got a little bit of time and the dust is starting to settle, you’re starting to see where there’s a balance between those two pieces but it really is a driver with some of these organizations and even industries. As you said, some are just looking for a checkbox exercise, others are really trying to get ahead of the curve. I think over time, especially with AI and how it’s starting to impact and enable the bad actors, you’re really going to start to see the difference between, in my opinion, where folks are fully integrated as opposed to trying to catch up through alignment.

Daniel Newman: Yeah, and I like that you mentioned, I mean obviously I say the P word. I’m never sure anymore because of algorithms, if we should call it, if we should even say what the 2019 event was because I swear sometimes it penalizes me. But the bottom line is is one thing we know as people went remote, it changed the architecture of almost every enterprise on the planet. The proliferation of things like the SD-WAN, making sure VPN technologies and where that went. Also just the fact is that the perimeter of most enterprises changed dramatically. I mean, you just moved.

One of the things, and I like the fact that you looked at those trends more broadly. One of the interesting things I picked up on in our conversation, Randy, was that you definitely learned in into your relationship with Splunk. The observability journey, the observability topic has been very front of mind. Not as front of mind as AI, to keep our joke running from the start of this, but the fire hose of data and the fact is that moving away from these stovepipe approaches for managing data and security to having more of this kind of all-in-one fire hose that you can manage. I mean, are these the changes that drove… What drove you down the path of really looking at the integration of IT ops, DevOps, SecOps and really deepening the partnership between Manpower Group and Splunk?

Randy Herold: Well, the biggest thing is I don’t look at Splunk as a security tool. It is exactly as you talked about, it’s a capability where it enables us to have vision into all different aspects, all different trends, all different data. So for example, it’s not just providing information to my security team about things that are going on. It’s also supplying information to my people in culture teams, our HR equivalent. It’s supplying information into our operating teams and things of that nature. So the biggest reason and the biggest part of this journey is we didn’t try to sit back and just try to find a security solution or a security tool. We actually took and tried to find a visibility capability and a visibility partner, which Splunk provided. One of the challenges that I had going through this was talking about funding and costing and things of that nature. Well, when you look at it on a broader base than just a security capability and you start to bring in those other groups, those other capabilities, that cost justification becomes honestly quite simple when you start to look at it from that broader perspective.

Daniel Newman: Let’s stay on economics for a minute. You heard me, my interlude, talking about this economic teeter whirl wheel or whatever you want to call it we’ve been on. High inflation, high interest rates, low unemployment, rapid proliferation of new technology. Companies are all up against how quickly can they implement new tech. We’ve got growing threats that mean cyber resilience is more important, data protection is more important. You’ve got ransomware threats, you’ve got security intrusions, data thefts, privacy, and of course you’ve got compliance on top of that because it’s not only just the bad actors, it’s also making sure that even with the good data, you don’t do something bad with it. How do you balance the economics of this, because that’s a lot of things you’re trying to solve, Randy, at one time. I’m guessing even as large as Manpower is, you don’t have an unlimited budget, and if you do,give me a call for the show because No, it’s serious. How do you balance? What do you do first and how do you measure that what you’re doing is effective within the constraints of the economic challenges?

Randy Herold: Well, it all comes down to risk profiles. You’re right, we don’t have an unlimited budget. We’re facing economic challenges. We’re facing resource challenges, which means we have skillset challenges just like any other organization. So it comes down to that risk definition. The risk definition is really driven by the visibility and understanding the context. The age-old question, is it bad to lose? Is it worse to lose 1,000 records or one record? Well, it depends on what was in the 1,000 records and what was in the one record. It’s not just a quantity game anymore. Right now, it’s all about providing that context and that context comes from visibility. So your ability to correlate events, your ability to create association and relationships between attack at one particular area or geography or system or whatever the case may be. So it really comes down to prioritization through risk.

Daniel Newman: Yeah, and I think that’s always going to be the weight, just it seems that the risk continuum is changing almost on a daily basis.

Randy Herold: It is.

Daniel Newman: So how do you stay on top of this, though? So another thing is it’s not just, obviously you’re the Manpower Group. So you can staff up quickly, I’m hoping, but one of the things I think has got to be important and probably plays a pretty important role, whether it’s Splunk or other cyber security partners and other technology partners you pick, is also being able to train quickly. Keep people educated, informed, certified because just because you buy the tech doesn’t mean it’s easy to use. What’s your approach to keeping people trained and on top and obviously highly capable and competent to run Splunk or other tools across the organization?

Randy Herold: So I mean, the biggest challenge facing any security professional today, in my opinion, is complexity. So it’s really the biggest underlying point in training is really, if you can keep the complexity limited, your standardization, singular solutions that you’re utilizing across a broad geography or things of that nature, that’s what allows us to do quick up-skilling with the resources. You also want to make sure you’re using tools that are fairly, I’m going to say easy to use. Yes, that’s a relative term, but with the skillsets with the, I’ll say common sense interfaces that a lot of the tools you’re trying to go to, that will also enable it. But really the biggest thing is eliminating a lot of that complexity and using singular tools in order to provide the services and capabilities that I’m trying to get out there across the globe.

Daniel Newman: All right. So first of all, thank you so much, Randy, for giving us all this insight. Like I said, I really love that first-person opportunity to hear from people like yourself. These challenges are not, this is not small potatoes. What you’re dealing with are real, they’re substantial, they’re growing and if you need to play this bit back to anybody at Manpower Group as one of the world’s most read analysts in the high-tech space, I really hope companies are taking this threat seriously and investing significantly in making sure they’re able to protect their data, protect their customers. What do you see though, as we move forward? What do you see? I mentioned AI a bunch of times, but how do you see that, because like I said, I could see how it helps the bad actors, but it should help you too, right?

Randy Herold: It does. So look, any type of automation is going to provide value and opportunity, as well as challenges. The value it’s going to provide is I can create capabilities through that automation that should be able to run quicker and free up resources to do, I’m going to say, other more important task. But there are certain things you have to do every day, like check firewall logs. If you can automate that capability and put the AI capabilities into that in order to help with some of the, I’ll say low-level decision-making, that frees up your resources to do more advanced, higher-priority things, but it’s providing that same capability to the bad guys.

The opportunities that it provides is it really provides people opportunities to grow, whether it’s growth within the business, meaning through the AI capabilities that are out there. I’ve got a lot of technology and security folks that are learning the business at an even greater level and greater depth so they know how not only to integrate it, but again to make sure we’re securing and protecting it. With most organizations, the two most important things you have are your people and your data. So making sure that you have ways of protecting both of them is going to be the most important. So getting those incremental opportunities to get people to grow and learn the business, learn how that they can expand capabilities, expand opportunities in order to protect both of those critical assets is extremely, extremely important.

Daniel Newman: Yeah, I really like that. I mean, look, I think the one thing we can agree on, well, I think it seems to be a lot of things, but one thing we can definitely agree on, Randy, is that the acceleration, the pace is only going to get faster. I remember, my fourth book was a book called Building Dragons, and it was Digital Transformation in the Experience Economy. I remember doing some assessment on the rate of change and the half-life of change. I think you and I could probably come to a pretty easy consensus that the half-life of how quickly new technology can infiltrate a market and completely change the dynamics of how an enterprise runs, is run, was more visible in the last 10 months than ever before.

It’s funny because there was a date sometime last year in ’22 in November when ChatGPT was not a thing, at least as far as most of us knew. Then there was a date when it suddenly became a thing, and then there’s everything that’s happened since. You look at the evolution in software, the evolution in Silicon, the evolution in infrastructure to support this, the number of new companies in an entire economy has changed because of it. It’s changed worldwide policy, it’s changed hiring practices, productivity gains and goals, efficiency. I mean, heck, even geopolitically, our ongoing disputes and microaggressions in the Taiwan Strait have a lot to do with the fact that we all know that AI is going to be the frontier, the next frontier, which it’s not defense, it’s economies are built on. I mean, the defense is the side effect, right? We all want to lead this because it’s going to drive the world’s economic growth. So it’s a really exciting time right now.

I’d love to wrap up here though, Randy, with you and just get your future forward advice to others in your chair. You have the great opportunity and responsibility of leading a large company’s security. What do you tell your peers? What are you saying to CSOs of other companies, smaller companies, rising IT leaders in security space? What kind of advice do you give them about being able to lead through this pace of innovation and transition in your industry?

Randy Herold: Well, like any disruptor, you’re always playing catch up. It’s a major disruptor. You talked about multiple different things. Everything from political policy to capabilities within your own business, people trying to do things they had never thought of before. You finding creativity in your own organization because again, you have people that are using these tools in ways that maybe they weren’t intended but actually work quite well.

So what I tell everybody is the idea is, it’s guardrails, awareness, and then observability and response. So you don’t want to take and limit capabilities within your organization. You don’t want to limit creativity because someone may have a better way of building that mousetrap, and you don’t want to lose out on that because you told them they couldn’t have access to this new technology or capability. So what you do need to do is educate them, create awareness around the do’s, the don’ts, the best practices, things of that nature, and then you try to put some guardrails around it to protect yourself as best you can, as well as you can see into that crystal ball. Then as we talked about and started the conversation on resiliency, you need to make sure you have that remediation capability in place in the event something goes astray. So it’s really not a singular piece, it’s the combination of all of those entities that’s going to allow us to progress and catch up to this disruptor.

Daniel Newman: Randy, I want to thank you so much for taking some time here today with me on the Futurum Tech podcast, really interesting to hear the journey, the challenges, if it gives you any, if it helps you rest through these next few months, your challenges are not all unique. Now, having said that, every business is unique, but I do really appreciate hearing how you’re approaching technology, how you’re approaching the data and the exponential data growth and the conundrum that creates. Then of course how you’re looking at securing your data state and of course your enterprise at scale. Love to have you back on the show sometime soon, but I wish you all the best luck in the coming year.

Randy Herold: Thank you so much for the time. I greatly appreciate the conversation and I look forward to speaking to you as well soon.

Daniel Newman: All right, everybody hit that subscribe button, join us for all of the episodes here of the Futurum Tech podcasts, very interesting show. All of our guests always are. Let’s stay on top of this AI trend, the cybersecurity trend by being part of our community. But for now, for this episode, I got to say goodbye. See you all later.