Adaptive Security: Janis Lasmanis, CISO @Evolution

In this episode of CloudNext, Janis Lasmanis, CISO at Evolution, unveils his cybersecurity strategies, emphasizing the importance of adapting to unique threats rather than relying solely on market solutions. Delving into SIEM and SOC, Janis discusses the critical balance between securing operations and maintaining business flow, showcasing how tailored, dynamic defenses are crucial in the rapidly evolving tech landscape.

This transcript was generated automatically by AI. If you find any mistakes, please email us.

[00:00:00] Announcer: Hello, everyone. You're listening to Cloud Next, your go-to source for cloud innovation and leaders insight brought to you by Global Dots.

[00:00:00] Ganesh: It's 2 a. m. Your phone breaks the silence, signaling an alert, a [00:00:20] potential breach. The race against time begins. It's a moment every tech professional dreads, and we all know it only too well.

[00:00:27] In today's episode, we're diving into the world where strategy, technology, and the human element collide. A world where a single oversight can lead to sleepless nights and interrupted vacations. Where the line between security and operational [00:00:40] flow is razor thin. I'm Ganesh, and joining us today is Yanis Lasmanis, CISO at an online gaming company renowned for its technological innovation.

[00:00:50] Yanis has extensive experience in cybersecurity, particularly in addressing the unique challenge of the online gaming sector. Together, we'll explore the unique strategies that set apart effective [00:01:00] cybersecurity practices, and the common pitfalls that even the savviest companies can fall into. We'll delve into the nuances of SIEM and SOC, unraveling the behind the scenes stories.

[00:01:10] Peace. Yannis, before we dive into the questions, uh, tell us a little bit more about your role, uh, what it entails and what your responsibilities are.

[00:01:17] Janis: Hey, hello everyone. So [00:01:20] yes, my name is Yannis. So I am chief information security officer in Evolution Group. Uh, I'm within the company more than 10 years already.

[00:01:30] So, uh, in general, my responsibilities are taking care of information security, cyber security, physical security. So all the aspects [00:01:40] of the, the, the security.

[00:01:41] Ganesh: There's, uh, it sounds like a lot on your plate and, uh, uh, knowing quite a few CISOs like I do, that generally leads to quite a lot of sleepless nights.

[00:01:51] That's true. Let's start in a, in a, an upside down way. Uh, I'd like to start with. What not to do. So what do you think are [00:02:00] some of the most common mistakes that other companies make when approaching security?

[00:02:04] Janis: This is a really good question. So in my experience, I would say companies purely focus on the solutions they, they found in a market and buy.

[00:02:14] Or fixing some issues they have. So, and probably that's the biggest [00:02:20] problems they have, because if you choose some of the solutions, uh, some services, so you need to work with those ones. You need to find you and you need to monitor those. It's just like additional instrument for you to make sure that actually it's work.

[00:02:35] So you need to look at it. Uh, configure it, monitor it [00:02:40] on, if not daily, then weekly for sure.

[00:02:42] Ganesh: Why, why is this a mistake for them in the industries? You think this just adds, create too much noise because there's too much tooling to look at? What's the, what's the pitfall of that?

[00:02:51] Janis: Once you buy some solution, so it will not fix your problems because your problems are unique.

[00:02:58] Uh, you need to fine tune that [00:03:00] the solution works for you exactly. for your risks, for your threats, to protect your assets. And that system, which you buy, do not know about that, I would think. So, and this is why you need to tell the, the system, what actually it needs to protect.

[00:03:18] Ganesh: Makes sense. And I, [00:03:20] I would agree with you that, especially in the world of IT software sales, there is a hope or a dream that a particular tool is just going to solve all your problems.

[00:03:31] Like by taking a zero trust solution, suddenly everything will be fine, or by having the best, uh, internet firewall, gateway, web application [00:03:40] firewall, or bot protection, then suddenly your problem is solved. Whereas actually a lot of the times it's, it's not about a tool, it's about culture a lot of the time.

[00:03:50] What makes Evolution's approach or your approach to security different or unique?

[00:03:55] Janis: It's approach of dynamic mix of various things in the [00:04:00] company. It's one of those could be being adoptable of new things, of new directions companies going. Uh, of course, staying informed. So, if you know things so you can react to those one and you can start to plan your activities [00:04:20] and constant customization of your defense.

[00:04:24] Ganesh: So when you say constantly customizing your defense and staying, staying current or staying on, on top. What are some techniques that you have for that? How do you personally stay current?

[00:04:36] Janis: Security field, it's constantly growing and all [00:04:40] the tactics, all the approaches, how the bad guys are trying to penetrate the companies, get into the companies, steal the data, constantly changing from day to day.

[00:04:51] So the tool you configured a year ago, probably is already out of date today. Uh, this is why you need to [00:05:00] customize that one according to your needs, according to your data, about your tools you are using, about direction where the company's going, uh, the tools developers or the accountancy or the HR is using.

[00:05:13] So you constantly need to change that one. And of course, evolution is a company [00:05:20] who works together. to achieve the goals. So, um, the change is happening and change happening constantly. And in the security field, you constantly need to be on the top on those changes.

[00:05:32] Ganesh: And for people who don't know about Evolution, um, it's a online gaming.

[00:05:39] So you can [00:05:40] think of it as, um, an online casino with real players there in the background. And given the sensitivity and financial nature, of your site. What are the most challenging threats that you face and how do you respond to them?

[00:05:57] Janis: I would, I would give a comment on about the [00:06:00] evolution as a company.

[00:06:01] It's not the online casino. So we are the service provider for the casinos. So actually we are the IT company providing the services. About the attacks. I would like not to emphasize only one type of attacks because this business [00:06:20] area is Really, really interesting for the bad guys. So, uh, there is constantly and daily, uh, attacks in various, uh, attack kinds.

[00:06:34] Like data breaches, ransomwares, distributed denial of attacks, uh, [00:06:40] fraud and cheating. Of course, we have insider threats as well. So we have everything. And the main goal is not to lose our uptime. Mm hmm. And

[00:06:51] Ganesh: when you're, when you're looking at your, you know, you listed a very wide range of different attacks there from DDoS to fraud to, to [00:07:00] all these kinds of things.

[00:07:01] Um, I'm imagining that you see some very advanced ones given the fact that there's a real financial reward if people can beat your system. How do you balance the strategic mindset and the practical tools in cyber security? evolution. We're [00:07:20] looking at what tools you take on board. How do you do that and maintain robust security at without disrupting business operations?

[00:07:27] So how do you, how do you have a, a highly secure environment without causing any slowdown in there?

[00:07:33] Janis: I would say this is the most challenging part in security field because no one cares about [00:07:40] security once something bad happens. So only then security is brought in and this is really, Big challenge to complete, uh, to achieve.

[00:07:49] I would say one of the main aspects of that one is clear communication, uh, clear communication across all the stakeholders. It's [00:08:00] definitely user friendly policies so that everyone understands why it's needed and what will be the result of that. I will repeat myself again, it's adaptability and flexibility because We are constantly growing and the market is changing.

[00:08:17] The attack vectors are changing constantly. So [00:08:20] you need to be on the top. In other words, you need to run in the same pace as the bad guys do.

[00:08:25] Ganesh: Makes sense. I, from my own experience being involved in, um, solutions architecture at previous companies, I know that, uh, security was always, you know, The last thing, like you said, [00:08:40] that people think about it's, it's always the last thing and something that I've come up against in my past is because of the slowdown that is added by building applications to be secure by design.

[00:08:54] And so thinking about security from the very first step led to a culture [00:09:00] of secrecy, I would say, or people trying to build things. Um, in a secret way so that they, they didn't have to pass the security standards. Is that something you've come across and how do you deal with that challenge or the, the idea that you're Yes,

[00:09:18] Janis: of course, [00:09:20] being there, seeing that, uh, I guess, uh, I would say everyone, uh, Uh, have been in such kind of position, so where someone tries to hide something and not to tell something.

[00:09:33] And this is why it's this clear communication it's needed. So when, why this is a biggest challenge you need to [00:09:40] describe, actually, I would say in the company, I'm always saying the seeing is believing. So And it's a job for the security team, the red team part. You break the systems, you show everyone, so and then everyone understands.

[00:09:55] Yes, they were right.

[00:09:58] Ganesh: That's [00:10:00] possibly a, a nice tip for any other CISOs listening out there, breaking the system is often the best way to show The, the reasons why you need security. Um, I had a, a, a great colleague of mine who was the head of security and he kept on telling people [00:10:20] that the, the way they stored their passwords across multiple platforms wasn't safe and that they could be hacked.

[00:10:27] Their, their, their company, um, work, maybe mail could be hacked using a. because they'd used their password somewhere else. And, uh, he very famously set up a screensaver in the [00:10:40] boardroom with all of their passwords that he'd been able to get off the dark web. So the screensaver was all these passwords and he, he invited all of the board members in and It told them again about the importance of security and then pointed them to the, to the screensaver and said, are there any words up there that any of you recognize?

[00:10:59] And obviously all [00:11:00] the guys, their faces were looked really shocked because their passwords were floating around on the screen. But. That always stayed with me as like a very powerful way to, to win the hearts and minds. And I think

[00:11:13] Janis: that's, that's correct. So you can tell no matter how times you would like, no one will trust [00:11:20] you.

[00:11:21] One time you just show them and you get the respect.

[00:11:25] Ganesh: And I think that's it, you know, the, the, you can, you can have that clear communication why we're doing it, et cetera, et cetera. You, I, I feel like a security team and a CISO team needs to have this wow factor or [00:11:40] this, um, an unforgettable display of hacking or something like that.

[00:11:44] It needs to be seen so that. Uh, it remains part of the culture.

[00:11:49] Janis: Let's say that the security team just need to gain the respect in the team, in the company. And so, and there are many ways how to get that respect and, and, [00:12:00] and by showing by example, so that's one of the ways. So

[00:12:04] Ganesh: talking about trying to win people over or trying to get respect from the team, what's the one thing that.

[00:12:11] You wish you knew before becoming a CISO.

[00:12:14] Janis: I will, I will come back to the, the communication. So the communication is the key to success. [00:12:20] So my background is really purely technical. So I'm technical guy in the background. And when you sit with the Unix, uh, servers, there is no need to a lot of talk with them.

[00:12:33] Uh,

[00:12:33] Ganesh: I w I would say it's. I would, it's probably the biggest problem with, uh, IT [00:12:40] security is, is the relationship between security departments and developers generally. I

[00:12:46] Janis: read somewhere that, uh, and it's still in my head that security need to be, need to enable business, not to stop it. Yeah.

[00:12:54] Ganesh: I think that's the, that's the most common misconception is that the IT security is [00:13:00] there to somehow.

[00:13:01] Stop business or to somehow get in the way. Um, uh, so, and I think that's where the, the culture of mistrust comes from, or the culture of hiding comes from that. So sticking with your experience, what would you say is the biggest challenge or possibly the biggest mistake that you made as a security [00:13:20] professional?

[00:13:20] Janis: Biggest challenge and mistake. I would say the same thing as I mentioned in the third, on some of the first questions, relying. Solely on technologies only. So I have a really great story about, and I have some slides available as well. [00:13:40] Um, how we implemented the same solution in the company. And, and there is a lot of lessons learned from that one.

[00:13:47] So yes, you really, I would say put all cards. Uh, on, on, on one solution and hoping that it will fix your issues. But after the year, you understand that [00:14:00] it's not the truth.

[00:14:02] Ganesh: I, I know I have a personal, um, a personal love for seem solutions and sock solutions and soccer as a service solutions. And I know that it's something close to your heart because I've seen one of your articles on that.

[00:14:19] But, [00:14:20] um, essentially. A seam is not a sock. And, uh, to, to anybody listening, well, can you give, can you give us a simplified guide to this or what's, what's your, what's your story for that?

[00:14:33] Janis: So when companies are trying to gain this visibility. Uh, they start [00:14:40] to collect all the log files, um, all the security events, all the information they can find outside, uh, not only outside, only as well from their own systems, uh, they start to implement number of solutions like CM, where you feed in information from [00:15:00] all the available log sources.

[00:15:02] And then your expectation is that some. Magic will happen and the system will tell you where the problem is, but actually the system tells only where the problem is based on the rules that someone configured in the system. [00:15:20] And if you have not prepared for that one and have not analyzed your assets, attack vectors, and classified what's critical for you, probably it will not work.

[00:15:31] It will give you a lot of noise and that's it. And probably you will still miss the essence out of [00:15:40] that one and will not solve your problems.

[00:15:42] Ganesh: And I would say also probably Noise is one of the biggest problems that CISOs and security professionals face already. So if you're going to start pushing all your messages into a seam, and you're now collecting every [00:16:00] possible message, the chance that you're just going to increase, The, the level of noise for yourself is quite high if you don't have a system for that.

[00:16:08] Um, and again, there's, there's ways to approach that machine learning tools to reduce the amount of noise that comes out of the seam or using SOC as a service. But if you are [00:16:20] deciding what you're going to collect, it seems pretty key to me. If you decide you want to collect everything, you know, Do you actually need to collect everything?

[00:16:29] Because, um, you, you could create an awful, awful amount of noise

[00:16:33] Janis: in that scene. I would definitely recommend everyone at the beginning to define what's [00:16:40] needed and then stick to that one and configure only what's needed. Otherwise, it will give a lot of noise and not needed information at all. Yeah,

[00:16:51] Ganesh: totally agree.

[00:16:52] I know from speaking to CISOs on a weekly basis that the budget is the hugest problem for them. Um, [00:17:00] what, what advice would you give to people who are looking to prioritize their budget or to try and get more budget?

[00:17:05] Janis: Don't focus on the technologies, focus on your problems and start small and you will find a way how to achieve the All the, the, the, the cake you would like to get

[00:17:18] Ganesh: focus on, focus on the, [00:17:20] focus on the problem, start small and you will get the cake.

[00:17:23] I like that. Yes. And talking about yourself and your business and that cake. So how do you, when, how do we measure success? How do we know when we've got the cake, what KPIs? Do you use internally that you found useful, or what [00:17:40] KPIs could you share with other CISOs that you think could be useful for other companies?

[00:17:43] Janis: If you look from the security perspective, there is always a good question. Is zero identified weakness as good? Or a hundred identified weaknesses is good for the company. And no one has this answer because [00:18:00] the day to day life will just show what is a real situation and uptime availability of the systems will show how secure you are.

[00:18:10] Ganesh: So that's. That's the, the, the landscape as it is at the moment. Um, if we were to like [00:18:20] shift our view into the future, um, what predictions do you have for new security solutions in 2024 or, or the way that we're, if we're heading in it security generally

[00:18:33] Janis: predictions. So yes, artificial intelligence is coming, uh, with number of new solutions.

[00:18:39] [00:18:40] Uh, everyone will try to somehow penetrate. Uh, the, the, the, the victims network, uh, humans, humans will still stay the weakest point, especially together, together with artificial intelligence technologies like, uh, face voice. recognitions, [00:19:00] face recognitions, everything related to that one.

[00:19:03] Ganesh: Would agree with that one.

[00:19:04] And it does make me laugh that since, since ever I worked in IT, the weakest part of security was the human. And, you know, 18 years later, The, the weakest part of any system is still the [00:19:20] human. So I don't expect that's going to change at some point in the future. Um, Yes,

[00:19:26] Janis: that's true. And many companies are just focusing on one control.

[00:19:32] to fix their problems, but probably that's not enough. You need to be at least three, four, five layers of [00:19:40] the security just to be sure that actually, because humans fail and humans do mistakes and, and that's normal. And then if a human makes one second mistake, you will have still two, three more [00:20:00] additional layers of protection.

[00:20:01] Ganesh: Good, solid advice. Defense in depth, I think, is definitely, you know, this makes perfect sense. Um, DDoS is, is on the, is glowing, you know, been on the rise since forever, but DDoS is really, really, Um, [00:20:20] continually on the rise and every, every side's being attacked. And what are some of your recommendations in order to protect yourself against these kind of, uh, more advanced attacks?

[00:20:31] Janis: Yes. Our days. So there is no way you can protect your business from the volumetric business attacks without some third [00:20:40] party, uh, service provider who mitigates it for you. Uh, there is plenty of service available there outside, which you can use, but the using only the service without configuration, again, the configuration will not solve your problems.

[00:20:57] Because there is, uh, [00:21:00] packets per second, which can be used as attack. The volumetric or bandwidth, uh, attacks, which can be used. Uh, your application is unique. Uh, with specific APIs and access points on your side. So you need to tune those systems. [00:21:20] In the best scenarios, there is a solution which you can use to test your DDoS mitigation posture so that you can be sure that your configuration is proper and will mitigate your attacks on you.

[00:21:37] Ganesh: That's actually a great tip. I [00:21:40] completely agree. It's something that I'd forgotten about, but yes, the hiring a denial of service attack type tool to, to point at your own website is highly, highly advisable, um, in order that you know that your, your denial of service works. I would also add that, uh, [00:22:00] Other technologies that people possibly didn't look at, um, or is maybe just a bit more modern, um, is DAST tools.

[00:22:09] So, uh, dynamic application security testing, whereby you Uh, it's, I think of it as a pen tester in a box, really, [00:22:20] but typically companies used to only get a pen test once a year, whereas now you can just run it as part of your CICD pipeline. Um, every time you release a new API, you automatically run a pen test against that.

[00:22:34] So, you know, to, to be constantly testing your own entry points is a [00:22:40] super great tip.

[00:22:41] Janis: So you can have. Many tools as you would like to have, uh, as a controls for your system, but you need to test your systems as well. So to understand how good is your configuration, does you meet your goals? What you actually agreed before [00:23:00] buying those solutions.

[00:23:01] So, and. It's not like setting up the system, setting up the box and forget about that one. So you need to work with that one.

[00:23:09] Ganesh: Um, great. Yanis, uh, thank you so much for your time. Um, anything else you'd like to add or any closing remarks for our listeners?

[00:23:18] Janis: No, nothing came [00:23:20] in my mind. Thank you for the conversation.

[00:23:22] Ganesh: Thank you for taking the time. We really, really appreciate it. And thank you for fighting the good fight and spending the time with us today.

[00:23:31] Janis: Okay. Thank you.

[00:23:32] Ganesh: This episode was produced and edited by Daniel O'Hana and Toma Mouviton. Sound editing and [00:23:40] mix by Bren Russell. I'm Ganesh the Awesome, a Senior Solutions Architect.

[00:23:45] And if you're ready to deep dive and start transforming the way you approach security, then the team and myself at GlobalDots are at your disposal. It's what we do, and if I don't say so myself, we do it pretty well. So have a word with the [00:24:00] experts, don't be shy, and remember that conversations are always for free.

[00:24:04] Find us at GlobalDots. com.

Related Content

  • SASE Evolution: Shlomo Kramer, Founder & CEO @Cato
    Cloud Security
    SASE Evolution: Shlomo Kramer, Founder & CEO @Cato

    What does the future of security look like? Shlomo Kramer, Founder & CEO of Cato Networks, joins CloudNext to share his vision. From the rise of SASE as the next-generation network security model to the importance of convergence and simplicity in security platforms, Shlomo offers invaluable insights for organizations navigating digital transformation. Tune in to explore how legacy systems are being replaced, how to secure your operations with agility, and what’s next for the industry.

  • Prioritizing Cloud Security: Tomer Hadassi CTO @Upwind
    Cloud Security
    Prioritizing Cloud Security: Tomer Hadassi CTO @Upwind

    Too much visibility, not enough action? Tomer Hadassi, CTO at Upwind, explains how to prioritize what really matters in cloud security. Discover how real-time, runtime context slashes thousands of vulnerabilities down to a few key threats, making life easier for DevOps and security teams. We also explore CNAP’s evolution, AI-driven profiling, and how to simplify compliance for enterprises and startups.

  • Mental & Cyber Security: Peter Coroneos @Cybermindz
    Cloud Security
    Mental & Cyber Security: Peter Coroneos @Cybermindz

    Cybersecurity professionals are working in a department where someone is constantly trying to ruin their day. A security breach causes untreated trauma, which at best leads to a career change. Peter Coroneos, former head of Australia’s Internet Industry Association, argues addressing well-being will benefit companies by reducing turnover and preserving corporate memory. He founded Cybermindz, which offers neuroscience-based solutions to build resilience and prevent burnout.

  • How Yuki Achieved SOC 2 Compliance 6x Faster
    Compliance Automation
    How Yuki Achieved SOC 2 Compliance 6x Faster

    Overview A fast-growing Snowflake optimization platform was missing out on customers because they didn’t have the right data security compliance. Through multiple consultations and extensive vendor-testing, the GlobalDots team selected a solution to provide both tech and human support, helping the company achieve SOC 2 compliance within just 3 months – and win new customers […]

  • Secure Sanity: Bronwyn Boyle, CISO @PPRO
    Cloud Security
    Secure Sanity: Bronwyn Boyle, CISO @PPRO

    Dive into cybersecurity and mental health with Bronwyn Boyle, CISO at PPRO. Discover the challenges of managing risk in evolving tech environments and the impact of AI on security. Bronwyn shares insights on fostering a no-blame culture, the importance of diversity in tech, and her journey through burnout. Learn practical strategies for building resilience and supporting mental health in cybersecurity. Tune in for a compelling conversation that bridges tech and well-being.

  • Adopting to Speed of Cloud: Stav Sitnikov, CTO @StreamSecurity
    Cloud Security
    Adopting to Speed of Cloud: Stav Sitnikov, CTO @StreamSecurity

    If you are facing real-time cloud security challenges and struggling with escalating costs this episode is for you. Discover the future of cloud security with insights into AI-driven threat detection and seamless integration of security tools. Learn how to balance performance and cost-efficiency, and why early unit testing is crucial for success. Join Ganesh on CloudNext as he sits down with Stav Sitnikov, Co-Founder & CTO of StreamSecurity, to explore actionable strategies and forward-thinking solutions reshaping cloud security.

  • The CISO of CISOs: Greg Notch @Expel
    Cloud Security
    The CISO of CISOs: Greg Notch @Expel

    Greg Notch, led the NHL’s cybersecurity initiatives and now he is in some ways the "CISO of CISOs". Greg dives deep into the issue of cybersecurity tool sprawl and its impact on the effectiveness of security operations. Exploring strategic tool consolidation, he shares insights on enhancing efficiency and aligning security efforts with business goals. Drawing from his notable career, Greg provides expert strategies for managing security in dynamic environments and fostering a proactive security culture.

  • Pragmatic Cybersecurity: Alex Jilitsky, Head of Cybersecurity @Plus500
    Cloud Security
    Pragmatic Cybersecurity: Alex Jilitsky, Head of Cybersecurity @Plus500

    In this CloudNext episode, Alex Jilitsky of Plus500 and Ganesh dive into cybersecurity automation's role in transforming digital defense. They tackle the shift from manual strategies to innovative automated solutions, underscoring the need for agility in tech's fast-paced realm. Alex shares insights on pragmatic decision-making and aligning security with business goals. Tune in for a discussion on navigating cybersecurity challenges in today's dynamic landscape.

  • Transforming AppSec: Neatsun Ziv, CEO @Ox Security
    Cloud Security
    Transforming AppSec: Neatsun Ziv, CEO @Ox Security

    In this episode of CloudNext, Neatsun Ziv, co-founder and CEO at Ox Security, joins Ganesh to tackle the evolving challenges in application security. They delve into the incessant alert noise and manual triage that often overwhelm tech professionals, and how traditional methods fall short in today's fast-paced digital landscape. Neatsun shares his vision for a future where innovative solutions and strategic playbooks transform incident response, making security management more efficient and effective. Tune in for invaluable insights on enhancing your security posture in an era of endless cyber challenges.

  • AWS Innovations Decoded: GlobalDots’ Top 20 Picks
    Cloud Computing
    AWS Innovations Decoded: GlobalDots’ Top 20 Picks

    Join AWS experts from GlobalDots as they decode the top 20 cloud innovations you need to know in a 2 part Webinar. Gain insider insights on leveraging these transformative technologies to boost performance, tighten security, and reduce costs. Discover real-world applications to apply these advancements to your business. Reserve your spot now! ? Stay Ahead: Learn […]

  • Complying with AWS’s RI/SP Policy Update: Save More, Stress Less
    Cloud Cost Optimization
    Complying with AWS’s RI/SP Policy Update: Save More, Stress Less

    Shared Reserved Instances (RIs) and Savings Plans (SPs) have been a common workaround for reducing EC2 costs, but their value has always been limited. On average, these shared pools deliver only 25% savings on On-Demand costs—far below the 60% savings achievable with automated reservation tools. For IT and DevOps teams, the trade-offs include added complexity, […]

  • The Future of Cybersecurity: Shlomo Kramer’s Bold Predictions for the SASE Era
    Web Security
    The Future of Cybersecurity: Shlomo Kramer’s Bold Predictions for the SASE Era

    What does the next decade of cybersecurity hold? Few can answer that better than Shlomo Kramer—co-founder of Check Point and Imperva, and founder & CEO of Cato Networks. In a candid conversation on the CloudNext podcast, Shlomo shared bold predictions and actionable strategies for navigating the challenges and opportunities ahead. From the rise of SASE […]

  • Three Ways CISOs Can Combat Emerging Threats in 2025
    Web Security
    Three Ways CISOs Can Combat Emerging Threats in 2025

    73% of CISOs fear a material cyberattack in the next 12 months, with over three-quarters convinced AI is advancing too quickly for existing methods to combat it. But what can CISOs do to prepare for the coming wave – and access the resources they need to deal with this evolving threat landscape? To find out, […]

  • From IT Headaches to Automation with Alon Zlatkin, CEO @Dots
    Hosting, networking & hardware
    From IT Headaches to Automation with Alon Zlatkin, CEO @Dots

    From IT procurement and onboarding to IT asset disposition and offboarding, logistics is often sidelined as a hectic routine. But as Alon Zlatkin, CEO of Dots, discloses, these essentials are the backbone of smooth operations, impacting productivity and cost efficiency. Tune in as we explore the hidden logistical nightmare affecting the IT department and echoes through the whole organization. Discover how Dots transforms logistical headaches into automated solutions that fuel growth.

  • FinOps Strategies: Liat Shoil & Nastya Mor @SentinelOne
    FinOps
    FinOps Strategies: Liat Shoil & Nastya Mor @SentinelOne

    FinOps is a key driver of business growth, but what does it take to run an efficient FinOps practice? In this episode, Ganesh the Awesome sits down with Liat Shoil, Director of FinOps & Analytics, and Nastya Mor, Staff FinOps Engineer at SentinelOne. They share their journeys into FinOps, their biggest challenges, and how they built successful FinOps teams from scratch. Learn about automation tools, the importance of KPIs, and how cross-team collaboration can optimize cloud costs while aligning with business goals. Tune in to discover actionable strategies to level up your cloud cost management.

Amplify Your Cloud Security

Technology, security threats, and competition all change rapidly and constantly. Your security stack must, therefore, be ahead of every emerging threat and, just as importantly, enable full-speed business processes by reducing friction in critical workflows.

Achieve this with GlobalDots’ curated solutions:

    GlobalDots' industry expertise proactively addressed structural inefficiencies that would have otherwise hindered our success. Their laser focus is why I would recommend them as a partner to other companies

    Marco Kaiser
    Marco Kaiser

    CTO

    Legal Services

    GlobalDots has helped us to scale up our innovative capabilities, and in significantly improving our service provided to our clients

    Antonio Ostuni
    Antonio Ostuni

    CIO

    IT Services

    It's common for 3rd parties to work with a limited number of vendors - GlobalDots and its multi-vendor approach is different. Thanks to GlobalDots vendors umbrella, the hybrid-cloud migration was exceedingly smooth

    Motti Shpirer
    Motti Shpirer

    VP of Infrastructure & Technology

    Advertising Services