Understanding Customer Success: Beyond Support in Cybersecurity

Posted by:

|

On:

|

This podcast episode elucidates the essential nature of customer success within the realm of cybersecurity, positing that the discipline transcends mere technical proficiency to encompass a broader business perspective. I convey that security is no longer confined to IT; rather, it is a multifaceted issue that intertwines with various organizational domains such as finance, sales, and human resources. The dialogue with our esteemed guest, David Muniz, highlights the importance of understanding customer expectations and the role of trust in fostering meaningful relationships between organizations and their clients. We explore the distinction between customer support and customer success, emphasizing that the latter is a long-term endeavor focused on guiding clients toward their defined objectives. Ultimately, our conversation underscores the imperative of adopting a customer-centric approach to ensure that cybersecurity solutions not only protect but also enhance the overall business experience.

In this episode of the Security by Default podcast, Joseph Carson engages with David Muniz to explore the evolving landscape of cybersecurity. They discuss the importance of diversity in the field, the distinction between customer success and support, and the critical role of trust in business relationships. The conversation also delves into the Zero Trust paradigm, emphasizing the need for a human-centric approach in cybersecurity. David shares insights on staying updated in a rapidly changing industry and the significance of happiness in the workplace, concluding with thoughts on the human element in cybersecurity.

Keywords

cybersecurity, customer success, zero trust, trust in business, diversity in tech, human relationships, customer support, industry insights, happiness in work, staying updated

Takeaways

· Customer success focuses on long-term relationships, not just immediate problem-solving.

· Trust is a key component in building successful customer relationships.

· Zero Trust is about managing trust dynamically, not eliminating it.

· Customer success involves understanding what success means to the customer.

· Building trust requires consistent and reliable service.

· Human interactions are crucial in customer success, even in a digital world.

· Customer success can lead to increased revenue through renewals and up-selling.

· Trust in cybersecurity involves both technical and human elements.

· Effective customer success strategies can differentiate a company in the market.

· Balancing security with user experience is essential for customer satisfaction.

Sound bites

· “Customer success is about long-term relationships.”

· “Trust is not just assumed; it must be earned.”

· “Zero Trust is about managing trust, not eliminating it.”

· “Success is defined by the customer’s perspective.”

· “Human interactions are crucial in a digital world.”

· “Trust leads to increased revenue and loyalty.”

· “Cybersecurity involves both technical and human elements.”

· “Balancing security with user experience is key.”

· “Customer success can differentiate a company.”

· “Trust is a business differentiator.”

Chapters

00:00 Introduction to Cybersecurity and Guest Background

04:10 The Importance of Diversity in Cybersecurity

08:41 Understanding Customer Success vs. Customer Support

12:52 Building Trust in Customer Relationships

17:15 The Role of Zero Trust in Cybersecurity

22:07 Understanding Zero Trust and Its Implications

27:33 The Dynamic Nature of Trust in Cybersecurity

32:01 The Human Element in Building Trust

Additional Resources

The Trust Paradox: A Cybersecurity Mindset for Human Relationships

https://www.linkedin.com/pulse/trust-paradox-cybersecurity-mindset-human-david-muniz-f9fzf

The Hidden ROI of Trust in Business and Cybersecurity

https://www.linkedin.com/pulse/hidden-roi-trust-business-cybersecurity-david-muniz-7r3jc

https://segura.security/

https://segura.security/blog

https://en.wikipedia.org/wiki/The_Power_of_Now

The podcast episode delves into the intricate subject of cybersecurity, emphasizing the necessity for clarity amidst the chaos that often accompanies it. The host, Joseph, expresses his enthusiasm for engaging with industry luminaries and cultivating thought-provoking discussions that aim to enhance the safety and security of organizations and individuals alike. Joseph is joined by David Muniz, a seasoned professional with a diverse background in computer science, project management, and cybersecurity. David recounts his unconventional journey into the field, highlighting how his academic pursuits led him to realize his passion for addressing issues related to fraud detection and risk management. The conversation gradually transitions to the importance of customer success within the realm of cybersecurity. David delineates the distinction between customer support and customer success, asserting that the latter is focused on understanding the customer’s definition of success and facilitating their achievement of it. This involves a long-term commitment to building relationships and trust, as well as comprehending the various business objectives that drive customers to adopt cybersecurity solutions. The podcast underscores the need for a shift in perspective, viewing cybersecurity not merely as a technical challenge but as a fundamental business issue that necessitates the involvement of diverse stakeholders across an organization. Throughout the episode, a recurring theme emerges: the emphasis on trust as a cornerstone of effective cybersecurity practices. Both speakers advocate for a change in hiring practices, proposing that organizations should prioritize passion and willingness to learn over rigid certification requirements. As the discussion unfolds, the duo reflects on the evolving landscape of cybersecurity, addressing the concept of zero trust and the importance of a dynamic approach to risk management. They conclude by reiterating that the epitome of customer success is rooted in the cultivation of genuine relationships, where trust and open communication play pivotal roles, ultimately enabling organizations to navigate the complexities of cybersecurity with greater efficacy.

Transcript
Speaker A:

Hi everyone.

Speaker A:

Welcome back to another episode of the Security By Default podcast.

Speaker A:

It’s the podcast here to really bring clarity out of the chaos world that we live in.

Speaker A:

Cybersecurity.

Speaker A:

I’m really excited.

Speaker A:

I’m always enjoying this time that I get to spend with amazing people and guests and bringing you really kind of thought leadership ideas, being creative in order to make your world hopefully easier and safer for either the people around you or the organizations you work for.

Speaker A:

Absolutely.

Speaker A:

Always make sure if you do have other colleagues or somebody who might find this interesting, please do share it.

Speaker A:

Share the word around about the podcast.

Speaker A:

It’s always great.

Speaker A:

You know, for me it helps me keep doing the podcast every week.

Speaker A:

So hopefully this is very valuable.

Speaker A:

So today I’m joined by an awesome guest, somebody who have known for quite a quite a long time.

Speaker A:

They’ve just met this year for the first time and I’ve had lots of conversations, very interesting discussions.

Speaker A:

So David, welcome to the podcast.

Speaker A:

Since this is your first time.

Speaker A:

I always have, you know, first time guests give a little bit of background about, you know, what’s your origin story, how did you get into the industry, what do you do and maybe some fun, fun things about yourself.

Speaker B:

Excellent.

Speaker B:

Well, first of all I want to say again that I’m very excited to be here sharing my experience and my journey with you Joseph and also all of your listeners.

Speaker B:

I’m David Muniz, I am a computer science scientist by by educational formation.

Speaker B:

I did then an MBA on project manager, Product management and most recently in cybersecurity.

Speaker B:

And it’s funny you asked you asking about my background because it’s a funny story how I joined the company that I’m currently working and how I joined Segura.

Speaker B:

It wasn’t my final work on university.

Speaker B:

Well, we usually didn’t talk that much about cybersecurity.

Speaker B:

It was still an emerging topic and we started to get SOX auditing and I used to do an internship on a telecom and one of the systems that they had was related.

Speaker B:

It was SOX controlled.

Speaker B:

So it was a system that somehow controlled the revenue of the company.

Speaker B:

It was the system that you got to higher and to control the paid, the paid plans that the customers had.

Speaker B:

So this work was subject to socks 404 and we saw at the moment many cases of fraud.

Speaker B:

Still we didn’t have GSM at all.

Speaker B:

We were migrating to GSM at that time but we had lots of problems with prod.

Speaker B:

And I must tell you Joseph, I’m not a really good programmer, I’m not a coder I like management and I like risk and I like this kind of conversation, this kind of this.

Speaker B:

This side let’s say of computing.

Speaker B:

So I didn’t know how to write my final work and I said wow, I like this topic.

Speaker B:

I like fraud and I like detecting and responding to fraud.

Speaker A:

The investigation side of things.

Speaker B:

Investigation side of things.

Speaker A:

Forensics look totally.

Speaker B:

So I started to research on the cybersecurity space on how companies were doing to ensure protection and also to ensure compliance.

Speaker B:

Well, we had SoCs, but we also had other cybersecurity frameworks.

Speaker B:Sysctr CISO:Speaker B:

So I started studying these, these regulatory documents.

Speaker B:

In the end I wrote up about that how companies who should evaluate products to align with.

Speaker B:

I also 27,001 compliance controls.

Speaker B:

And I usually put this information on my resumes.

Speaker B:

What are my final work on the courses and the study that I do.

Speaker B:

So the owner of the company, Marcus he saw the title of my work which is our comparison study and that’s how I ended up in the company.

Speaker B:

He liked what I was writing about even though I didn’t have well at the time I didn’t have cybersecurity already work experience but I had studied about that.

Speaker B:

So that was I think 80 years after my.

Speaker B:

My final work.

Speaker B:

So that’s how I ended up working at Segura here.

Speaker B:

So I started at the documentation area, then I moved to the marketing area.

Speaker B:

We established the analyst relations pillar at Segura to have relationship with.

Speaker B:

To foster relationship with market analysts.

Speaker B:

And more recent, most recently I have joined the customer success team area which also deals with another kind of relationship.

Speaker B:

But instead of marketing analyst, how the company is going to foster relationships with clients which in my point of view are the ones who are bringing revenue to the company.

Speaker B:

Are the ones who we should care well also about the American analysis but we should care about in the organization, in any organization.

Speaker A:

Absolutely.

Speaker A:

I just want to come back on important point that you mentioned that I think is crucial for the audience.

Speaker A:

And we see it, we see it all the time.

Speaker A:

I see it in social media and is that I see a lot of times that you can’t be in cybersecurity if you don’t know how to program.

Speaker A:

And I always think that that is the.

Speaker A:

It’s.

Speaker A:

You know, that might have been the case maybe 20, 30 years ago.

Speaker A:

You know, that might have been, you know, you know one cybersecurity even before it was more just engineering and just kind of coding and bringing things together.

Speaker A:

So that might have been that’s, that’s might have been an historical fact, but I think it’s so important today is that, you know, security is no longer in it.

Speaker A:

It’s a business problem.

Speaker A:

And therefore we always need to look at it across the silos is that, you know, it’s no longer an IT problem.

Speaker A:

It’s actually, it’s a HR problem, it’s a finance problem, it’s a sales problem, it’s a marketing problem, it’s a business problem.

Speaker A:

And therefore we need, absolutely, we need diversity.

Speaker A:

We need people from different experience.

Speaker A:

And I remember I used to hire a lot, you know, put on a number of years ago.

Speaker A:

Ed hired something like over 100 people at some point in one of the organizations I work for.

Speaker A:

And for me I got really frustrated where HR and we’re, you know, filtering out all the people that didn’t have certifications, we’re filtering out, you know, lots of work.

Speaker A:

They had some weird requirements of looking at resumes.

Speaker A:

And I got so upset, I said just send me everything.

Speaker A:

I don’t care if the person has a certification, is a programmer or not, I don’t care, just send it.

Speaker A:

I wanted diversity, I wanted more visibility.

Speaker A:

And it meant for me that I had one requirement.

Speaker A:

If that person was passionate enough to learn, if they wanted to learn and they had a good approach and a good motivation, they were excited.

Speaker A:

Then I didn’t care, you know, how many certifications they had, if they had none and they just had a passion for learning and I had people in the team who could train and teach that person.

Speaker A:

I was always willing to give the opportunity.

Speaker A:

And I think that’s always key is that if you see somebody who is, you know, a unique set of skills that, you know, isn’t traditional but they have value they can add, we should always look for that opportunity.

Speaker A:

And that’s what really makes, that’s what’s going to evolve cybersecurity into much more a people focused business rather than a technology focused business, which it has been for way too long.

Speaker A:

So it’s really great to hear kind of your story, kind of how you came into Segura, because I think that’s fantastic and it shows you some companies which are more modernized, look at how they do their talent, you know, searches and how they get people into the organization which really about looking for that diversity.

Speaker A:

So I think one of the most important topics I’ve always looked at is how to make sure one is you get happy customers, is how, how do you get success.

Speaker A:

And I’ve, I’ve had a Good friend of mine on before we had an episode a while back was with George committee and we talked about how important it is to get brand right, how important it is to focus on solving problems.

Speaker A:

So I think, and this is one of the most vital areas is that it’s not a tech problem.

Speaker A:

We have to make sure we’re actually, you know, really solving problems that is valuable and saves time and has a return on investment.

Speaker A:

Tell me what’s your criteria?

Speaker A:

How do you measure customer success?

Speaker A:

How do you look at it?

Speaker A:

What some of your techniques and strategies that you can share with the audience?

Speaker A:

What’s, what’s your typical approach around customer success?

Speaker A:

What makes a happy customer?

Speaker B:

Well, I think Joseph, we need to clarify first what customer success is and what is the difference between customer success and customer support, which many people can sometimes confuse that when we’re talking about.

Speaker B:

Well, I think we can imagine the difference between them into the short term and the long term.

Speaker B:

When we’re talking about customer support, you’re addressing the short term.

Speaker B:

You’re addressing the problem that the customer is having some issues that they having or some problems that they, they’re, they’re having.

Speaker B:

By using your solution, do you solve that and the, and the, and the customer can continue their, their activities.

Speaker B:

When we’re talking on customer success, I think the first thing is success.

Speaker B:

To who, let’s define who, who is the success?

Speaker B:

So we’re talking about the customer success.

Speaker B:

So what the customer understand as having success by using your product.

Speaker B:

So your job is to understand what are these success aspects, what does the customer consider a success and help them how to achieve this success.

Speaker B:

I think that’s the, that’s the role of the customer success.

Speaker B:

And you should agree with me that this is a long term objective or long term work.

Speaker B:

Let’s say you have to understand and sometimes the customer doesn’t know what is success for them.

Speaker B:

So you need to go there and you need to ask questions to the customer so you can understand why did it, why did it implement, implement your tool?

Speaker B:

Why did they deploy your tool?

Speaker B:

Sometimes it’s just a compliance issue.

Speaker B:r they just need to check ISO:Speaker B:

What are the KPIs that they’re going to use to measure this success even if it’s just compliance or have them understand that there are other business objectives that they need to fulfill.

Speaker B:

As you said Cybersecurity, before it was just people from the infrastructure that were just moving into the cybersecurity space.

Speaker B:

But nowadays cybersecurity is in the business, it’s in the core business.

Speaker B:

And sometimes the board doesn’t know anything about cybersecurity.

Speaker B:

So you gotta have a CISO in the board to first define the business objectives and then you gotta enter into the cybersecurity how cybersecurity is going to support these business objectives.

Speaker B:

Then you’re going, well, and one of the things, one of the things that you need to do to fulfill these business objectives is to implement product.

Speaker B:

So the customer success is going to enter in this page, in this part to make sure that what the expectations of the customers are met and then they reach success.

Speaker A:

It’s always sounds to me, I almost like, I like to think of metaphors.

Speaker A:

So when, when you’re talking, I’ve got this metaphor in my head.

Speaker A:

It’s almost like, it’s like, it’s like a road trip.

Speaker A:

I love a good road trip.

Speaker A:

It’s a process.

Speaker A:

Yeah.

Speaker A:

And you’re in the car and the car is, you know, is, is the solution.

Speaker A:

But you, you know, along the way you might have some hiccups, you might, you know, you need to change the oil.

Speaker A:

You know, something might not function.

Speaker A:

And, and that’s what you’re referring to as you know, is the customer support is that those little hiccups and little bumps along the road, you might get a flat tire, you have to, you know, repair it, but it’s getting back in that car and keeping going to your destination.

Speaker A:

And you might have multiple destinations, you might be going to pick up a bunch of friends in different cities.

Speaker A:

And so as you get to the first city, that’s your first milestone.

Speaker A:

And at that point in time, you can, you can celebrate, you can enjoy because you’ve been able to achieve one of the main goals is getting from A to B.

Speaker A:

You’ve gone on the journey, it might have been like, you know, from, from some products, you might be really happy.

Speaker A:

This has been a great, you know, journey.

Speaker A:

It, it did everything I wanted to do, I enjoyed along the way.

Speaker A:

Or it could be a horrible experience.

Speaker A:

You could have had all, all tires fall off the car and you might be stuck on the side of the road.

Speaker A:

You might never get to your destination.

Speaker A:

So I think it’s really important that the two things go hand in hand, is that customer support is really about making sure that the vehicle keeps going.

Speaker A:

And customer successes is making sure that you’re, you’re focusing getting to your destination and going also having those celebrations when you get there as well.

Speaker A:

It’s important to go back and look about how was the journey, was it good?

Speaker A:

What, what could have been better along the way.

Speaker A:

So reflections are also important as well.

Speaker A:

And I think that’s, you know, is thinking about those two distinct distinctions.

Speaker A:

But they are very closely related.

Speaker A:

Sometimes they do interchange along the way.

Speaker A:

Um, so do you have some examples that you, you know of, let’s say, you know, you know, poor customer success.

Speaker A:

What would a pure customer success look like versus really you know, good best practice customer success?

Speaker A:

What would be the difference between those Joseph Customer success?

Speaker B:

Well, customer success, analyst relations, all of those activities should be based on the trust.

Speaker B:

That’s how relationships are based on here at, here at Segura we have what we call a customer centric approach.

Speaker B:

And that means that we guide the customer throughout their whole journey.

Speaker B:

So from the product development through the deployment, through the experience that they have in using the tool, through customer support and what makes a customer success work different, what makes best in class and what makes best practice, what makes it a best practice for customer success is how you’re going to foster the trust in the client, how you are going to become a trusted partner for the customer.

Speaker B:

They are going to see that and they, they see much more than just business transactions.

Speaker B:

We’re talking about human transactions and that’s how we have to build the trust.

Speaker B:

Because when you trust, take, take it with ourselves when we trust someone or when we trust an organization and when we trust a product, we are much more willing to be faithful to buy more from this from the vendor or buy more from this company.

Speaker B:

So we’re willing to make more business with this company because we see that as a two way, two way communication flow or two way.

Speaker B:

We trust the customer and we trust the business but also the business delivers value to us.

Speaker B:

So I think what is going to say if we are doing a good cost and that is going to reflect on net recurring revenue, is going to reflect on renewals, it’s going to reflect on upselling, it’s going to reflect on everything.

Speaker A:

Absolutely.

Speaker A:

I always look at my recent experiences and I think you’re absolutely right.

Speaker A:

And even being in Estonia, I know in Estonia they have a very important level of trust is you have to earn trust and trust is, is not just assumed you have to earn it, you have to verify it.

Speaker A:

And to your point is it’s a setting a very consistent level of expectations.

Speaker A:

No built based on that trust relationship.

Speaker A:

You’re Creating there’s a level of expectations that you know you’re going to get.

Speaker A:

You know, it’s the same when you travel.

Speaker A:

If you choose different hotels and airlines, how you book those, you have a level of trusted expectation that, you know, all was you.

Speaker A:

You’re going to get consistency, good experience, good quality, good value for money.

Speaker A:

Even recently, I’m going through the process of having to repurchase suitcases.

Speaker B:

I saw that the Porsche was.

Speaker B:

I’m sorry.

Speaker A:

So ultimately, I mean, it was a very simple thing.

Speaker A:

Is, is that, you know, one.

Speaker A:

Is it, you know, lifetime warranty, you expect it.

Speaker A:

And then.

Speaker A:

And the whole thing came back was the warranty was not covering using it while traveling.

Speaker A:

And I was like, well, I actually didn’t.

Speaker A:

Didn’t use it, that the problem didn’t occur while traveling.

Speaker A:

It was at home when I was preparing for traveling.

Speaker A:

And I went back and, and they were like, every little detail.

Speaker A:

It was such a minor little thing that could have been solved, that could have gained trust and would have made me a repeat customer.

Speaker A:

And those simple things by not warranting and not giving that level of trust and expectations is that I can’t trust them, so I can no longer buy any more from them.

Speaker A:

And it’s the same even just I had to change my car’s winter tires.

Speaker A:

And of course, do I go and choose somebody who I know is going to do good quality and, you know, good expectations that I’ve used before and I’ve always had a good experience.

Speaker A:

Absolutely.

Speaker A:

It’s about building those relationships and it’s about the human relationships.

Speaker A:

For me, it’s not just about, you know, the result of, you know, getting the tires change in the car or getting the service or getting, you know, a suitcase that you can trust when you put it in the airplane, it’s going to get this destination in the same quality it was when I left.

Speaker A:

So for me, you’re absolutely right.

Speaker A:

I think that’s one of the core things is that.

Speaker A:

And that’s why, you know, we buy from people, we, we buy from the relationships.

Speaker A:

And you know, I always say it’s.

Speaker A:

It’s the same as all the companies I’ve worked for over the years, is that you see a lot of people that build trust.

Speaker A:

And as those people move through companies, they know that that person’s going to have their back.

Speaker A:

They know that they’re going to be on the journey with them.

Speaker A:

And they know that, you know, they’re always going to be able to, to, to get to success, to get to the destination, because that person is going to do everything possible.

Speaker A:

And I completely agree.

Speaker A:

One of the things that I always enjoy about Segura is it is a very customer centric company and that’s always, it’s hard to find sometimes these days you get very.

Speaker A:

Companies who are very transactional focused.

Speaker A:

It’s all you want to do is your transactions.

Speaker A:

And one of the great things that I will see in the people of Segura and all of the amazing talent is it’s all about they, it’s not just the transaction.

Speaker A:

It’s about making sure that the customer has a good experience, actually gets the solution that does solve the problem that they want and that they need.

Speaker A:

Sometimes, you know, you do see good companies, you know, around in different industries that are very focused on that and it’s always great to see.

Speaker A:

And one of the things is as I get my suitcase recommendations, you can see, you can see that same thing is that people have a loyalty to certain things where they’ve, they’ve had such a good experience, that company has had their back and that’s always great to see.

Speaker A:

I actually had a good shuffle because there’s some comical mentions in it as well.

Speaker A:

But.

Speaker A:

And sometimes we do need that laughter in, in our days.

Speaker A:

So.

Speaker A:

Yes, absolutely.

Speaker A:

We can see that across multiple industries.

Speaker A:

What, what’s, what’s.

Speaker B:

And trust makes us more happy.

Speaker B:

Trust makes us more happy.

Speaker A:

It does.

Speaker A:

If, if it’s also the expectations as well.

Speaker A:

Is, is it if the trust and you get the expectations, it means that you have less worry, you have less stress.

Speaker B:

Yes.

Speaker A:

You are, you know, you’re getting things done, things are moving forward and all of those create happiness in your life.

Speaker A:

Is that when you, when things are, are going as you, you, you, you wish and as expect, it does make it a much more enjoyable journey as well.

Speaker B:

Definitely.

Speaker A:

The less you’re sitting at the side of the road with a flat tire and the more that you know you get that help and you get that tire change, you get back on the road again.

Speaker A:

The, the, the shorter that turnaround.

Speaker A:

Absolutely.

Speaker A:

That creates happiness.

Speaker A:

Yeah.

Speaker A:

Because you’re always on the destination.

Speaker B:

Yeah.

Speaker B:

Look at, look at the, look at the travel aspect.

Speaker B:

All the layers that are involved in that.

Speaker B:

When you, when you get into an airplane, you trust the manufacturer of the airplane that they built it correctly and they’re, they’re going to function correctly.

Speaker B:

You trust the airline because you, you’re going to, you trust that they are going to take you to your destination at the right time.

Speaker B:

So you’re, you have a network of trust involved in A single plane trip.

Speaker B:

And that experience is also going to tell you whether you’re going to go back to their, to that airline, whether you’re going to advocate in favor of.

Speaker A:

This airline, promote it and promote it, because that’s, I think one of the biggest areas is, you know, when you, you’re, when you’re looking for advice, you’ve got a trusted network and those trusted advisors will give you their honest and good recommendations.

Speaker A:

I was laughing as you mentioned about travel, because that’s one thing I’m very.

Speaker A:

When I’m traveling, I’m always looking.

Speaker A:

I look at the fine details.

Speaker A:

For me, it’s all about how much time am I spending, how much time am I wasting, and the layovers.

Speaker A:

I look at what airplane model it is in order to see is like, you know, is it something that I want to be on or something I don’t want to be on?

Speaker A:

I go into such a fine details also who I’m booking with, because I remember I used to book to the travel agencies and when there’s a problem, it’s the last thing.

Speaker A:

You get help with the airlines.

Speaker A:

If you booked not directly, then you don’t get the same, treated the same way.

Speaker A:

So it’s really also going into those fine details about making sure that, like, you expect everything to go smoothly, but when it does go wrong, you want to make sure that you get treated with well and quickly.

Speaker A:

A lot of those things comes into that decision making, and I think that’s what a lot of companies are looking for, is that they want brands that they can trust.

Speaker A:

And, you know, when they, when they make those decisions and they know then it makes them feel that they can focus on other problems that they can, they take the time on because they know that, that that problem’s been solved.

Speaker B:

Sometimes the customer just want to be heard.

Speaker B:

Joseph?

Speaker A:

Yes, they want somebody, somebody that, you know, they want a person on the other side.

Speaker A:

I remember, oh my goodness, having a chatbot.

Speaker A:

It was going around in circles.

Speaker A:

It’s just they had a chat bot for an agent.

Speaker A:

I was just like, I want to talk to human.

Speaker A:

I was like, okay, I’ll put you in touch with a human.

Speaker A:

And it comes back to the bot again.

Speaker A:

I’m like, no, you’re not.

Speaker A:

You’re not a human.

Speaker A:

You’re still a bot.

Speaker A:

And you get in this vicious circle.

Speaker A:

And it’s unfortunate that, you know, a lot of companies are, they don’t have the balance, the mix, you know, where.

Speaker A:

Yes, a lot of things can be automated when you do it well, but if you don’t have somebody who’s on the other side to pick up and you know, to engage and have a bit of empathy, because agents don’t have empathy, people do.

Speaker A:

And that’s one of the biggest things.

Speaker A:

So it’s always good to have a person at the end.

Speaker A:

So an important other topic is one of the things is, you know, I think customer support, customer success, highly important.

Speaker A:

And one of the things we, we, we touched on is trust.

Speaker A:

And there’s also the big topic in the whole industry which is around the whole zero trust aspect.

Speaker A:

I always, I’m not, I’ve, I’ve said this for many years, is that I sometimes I’m not a fan of the term zero trust.

Speaker A:

I’m a fan of the goal is what you’re trying to achieve.

Speaker A:

And I was like, oh, zero trust is like, you know, it’s a very technical term that sometimes the business is like what they don’t get it.

Speaker A:

But when you explain it in a way, it’s about, you know, ultimately reducing risk.

Speaker A:

It’s about making it safe for employees to do the job.

Speaker A:

And you’ve done a bit of work recently.

Speaker A:

I saw a great talk that you gave on zero Trust.

Speaker A:

You want to give the audience a little bit of kind of background into how you researched it, what was your findings, what was your key takeaways from it.

Speaker B:

Excellent.

Speaker B:

I also agree with you.

Speaker B:

Zero trust also sounds to me like strange, like how come I’m not.

Speaker B:

That sounds like empty.

Speaker B:

But I think there, this is what I call the trust paradox.

Speaker B:

Because we need to see trust in two different angles.

Speaker B:

We have the cybersecurity angle, which is what you just said, and we also have the human, the rela, the human relationships angle.

Speaker B:

Well, probably many of you, many of us have heard about zero trust as a term developed by John Kinderwagen.

Speaker B:

That’s, that’s how we mostly hear that the term is.

Speaker B:

Has coming from.

Speaker B:

But what John kind of Argan did was just transform a concept that already existed into a business language.

Speaker B:So in:Speaker B:

There was this student called Stephen Paul Marsh that he developed a beautiful PhD thesis called formalizing Trust as a Computational Concept.

Speaker B:

And Steven talks about this in his thesis.

Speaker B:

He talks, he tells that trust is not a binary concept.

Speaker B:

It’s not a yes or no.

Speaker B:

It is contextual.

Speaker B:

So depends on one situation can be valid in one context and not in another.

Speaker B:

For example, you can trust me to speak here with me to speak here with you to have this conversation, to record a podcast for you.

Speaker B:

But you may not trust me to drive your car or to, I don’t know.

Speaker B:

Any other action is also conditional.

Speaker B:

It depends also on, on behavior.

Speaker B:

You have to build the.

Speaker B:

Usually when we’re talking about conditional behavior, companies we need to understand that companies have different risk appetite.

Speaker B:

So talking about different thresholds that companies are going to indicate that is going to be their risk appetite acceptance.

Speaker B:

Some companies can be a higher level of risk acceptance, some can be lower.

Speaker B:

Like financial organizations, they need to have high risk threshold.

Speaker B:

But other startups for example, may not have that, may have that risk appetite.

Speaker B:

And also trust is dynamic because it’s going to, it’s going to evolve through time.

Speaker B:

But zero trust doesn’t mean zero trust.

Speaker B:

As we all know, sometimes somehow you need to have trust in the user even though you’re going to build this trust.

Speaker B:

So you have, you got to have some level of trust to allow them to do their actions.

Speaker B:

Which means is that the behavior of the user is going to be constantly assessed.

Speaker B:

So you can replace that risk threshold or you can evaluate if the user has transpassed that risk threshold.

Speaker B:

So somehow you have.

Speaker B:

It’s not that you don’t have trust.

Speaker B:

You don’t have implicit trust, you don’t assume trust.

Speaker B:

You have to manage the trust in the user.

Speaker A:

That’s, that’s what it becomes a risk score, a dynamic risk scoring.

Speaker A:

So to your point, you’ve got a risk appetite.

Speaker A:

How much risk am I willing to accept?

Speaker A:

I’ve got a dynamic risk scoring is how much controls because and you and you start with zero.

Speaker A:

You have to build the risk scoring from nothing is.

Speaker A:

I’ve never seen this request before.

Speaker A:

I’ve never seen this credential been used before.

Speaker A:

It’s coming from a place where I don’t know if I have employees there.

Speaker A:

It’s accessing an application which might, you know, might contain sensitive information.

Speaker A:

They might be coming with, you know, without multi factor authentication or you know, with a really old password.

Speaker A:

So you got all these kind of risk controls and some of them, I will say that some of them could be interactive.

Speaker A:

You’re interacting with the user and they supplying some of the risk scoring.

Speaker A:

Or it might be non interactive meaning a lot of things can be run in the background where they’re coming from.

Speaker A:

Do they have vpn, what types of patches is on that system?

Speaker A:

You know, have I seen it before?

Speaker A:

So you have this dynamic risk scoring and if it falls within the risk appetite that you’re, you’ve preset then you have a certain level of, you know, security that’s being met.

Speaker A:

But the whole point is, is that that risk is not static.

Speaker A:

It’s that it’s adaptive and it’s re evaluated every single time.

Speaker A:

Pretty much every, every transaction, every authentication, every authorization, you’re reevaluating every single time.

Speaker A:

Has this security, you know, risk score changed?

Speaker A:

Has my risk appetite increased or decreased?

Speaker A:

Because you might say all of a sudden a new vulnerability comes in.

Speaker A:

New APT is targeting, a new campaign’s running.

Speaker A:

Therefore I might increase my risk threshold and require more controls to get a bypass that you know that, that control.

Speaker A:

So it’s really, it’s getting into the world of really to security is like a living organism and it’s really adapting to one is what, what we’re requiring and what our appetite for, for the, the risk is.

Speaker A:

And I will say that one of the things is I, I like to call it zero assumptions is I don’t assume that security has been in already met.

Speaker A:

I have to, you know, have, I don’t assume that the person’s authenticated and has been authorized.

Speaker A:

I want to evaluate that and make sure that the connection can be, can be trusted.

Speaker A:

A level of trust that I’m good with.

Speaker A:

And the other thing as well is that I will say that what goes hand in hand is zero trust.

Speaker A:

It’s a great, it’s a mindset in how you operate your business.

Speaker A:

I think that’s always kind of, it’s not a product, it’s not a checkbox you don’t ever become.

Speaker A:

It’s how you continually operate.

Speaker A:

It’s always an operational procedure.

Speaker A:

But you also must include zero friction.

Speaker A:

You must not make it harder for the employee to do their job.

Speaker B:

Definitely.

Speaker B:

That’s, that’s one of the reasons why employees don’t want to use cybersecurity solutions.

Speaker B:

So they find it difficult.

Speaker B:

It’s, it creates friction for you.

Speaker B:

So that’s, that’s one of the greatest challenges about implementing cybersecurity tools.

Speaker B:

How the actual employee, the actual user, they don’t want their usual way of work to be changed by a tool.

Speaker B:

They don’t want someone saying that you need to change how you’re going to do this activity and this activity is going to take you more, I don’t know, 50% more time just because of cybersecurity controls.

Speaker A:

Absolutely.

Speaker A:

It’s, it’s just like when you travel, you go to one country and they drive in the wrong side of the road and you have to read, you know, all of a sudden I always laugh.

Speaker A:

You know, instead of indicators coming on, you got window Wipers coming up and you got so.

Speaker A:

Because everything’s different.

Speaker A:

We hate change because that’s what when mistakes and accidents happen is when the change is too, too, too great.

Speaker A:

But I absolutely agree is that security should always, anytime you’re looking at security should always be something that makes the employee’s job much easier, better and they enjoy it more, I think, and secure at the same time.

Speaker A:

It’s always kind of like, you know, but with that you want to have to find a balance as well.

Speaker A:

I think one of the things I’d like you to mention, one of the things, you know, I’ve always heard ever since the first day with Segura is how the users love, love the product.

Speaker A:

And I think Suguru was one of the only vendors to get the double circle in the Forrester wave.

Speaker A:

Is that correct?

Speaker A:

So we want to give like how does Segura achieve that?

Speaker A:

How, how does Secura keep, you know, how, how does it focus, you know, being a, A, you know, a customer focused company.

Speaker A:

But how does it, you know, how do you maintain that, that love of the company and product?

Speaker B:

We hear, we hear the, the customer, we make the customer feel that they are being heard.

Speaker B:

Today we are talking a lot about AI, about technology, about how technology is evolving, how the digital work is evolving.

Speaker B:

And I really want to bring here a reflection on how the digital work, the digital world is affecting the way that we build relationships.

Speaker B:

Take social media.

Speaker B:

For me, likes and comments are superficial.

Speaker B:

And to build trust, need.

Speaker B:

It’s a loop.

Speaker B:

It’s a, it’s an infinite loop.

Speaker B:

And I think in a world where we are flooded by information, connections, stimul stimulus, we are being constantly stimulated.

Speaker B:

It’s how we go back to the, to the human touch.

Speaker B:

Like you said before, I want to talk to a human.

Speaker B:

I want to talk to a human.

Speaker B:

I don’t want to talk to a machine.

Speaker B:

Even though we see that, Even though we see that in some countries, absolutely.

Speaker A:

I mean the bot, if it can answer my questions that I need to get answered, great.

Speaker A:

If it can give me the information I need, perfectly, no problem.

Speaker A:

But when you’re trying to solve things that it can’t just have an alternative to the human side because a human will be able to understand contextual side of things.

Speaker A:

And when you don’t have that alternative, and I think that’s a mistake.

Speaker A:

I’m seeing lots of companies doing, is that they’re trying to replace 100% of that interactions with automation.

Speaker A:

But they should not.

Speaker A:

There should always be the balance because you do need the people to be able to help.

Speaker A:

Also improve your AI experience as well, by teaching it, by sharing knowledge, by giving context, by retraining it.

Speaker A:

And too many companies are, you know, they’re losing that future engagement and knowledge by moving too, too much to automation.

Speaker A:

And it’s always important to find that balance.

Speaker B:

Definitely.

Speaker B:

Well, we talked about the, we talked about the zero trust aspect.

Speaker B:

And I want to go, so make this association with this paradox now with the human aspect.

Speaker B:

And we talked how instant things are now like you do that you order everything online, everything comes, everything is.

Speaker B:

But building trust in building relationships is a process that takes time.

Speaker B:

Unfortunately or not, in two days, we are not best friends.

Speaker B:

It’s not like that.

Speaker B:

In two days you’re not, you’re not married to someone.

Speaker B:

Let’s say the process takes time.

Speaker B:

It says it’s going to be lots of oxytocin that is going.

Speaker B:

Oxytocin, that is the one of the hormones that are going to be released when trust is built.

Speaker B:

But everything is going to start with a signal, with a first, first impression.

Speaker B:

And after that you’re going to build the trust.

Speaker B:

You’re going to have consistency.

Speaker B:

You’re going to have signals like the ones we saw in the human behavior.

Speaker B:

Even though they are slightly.

Speaker B:

Well, they are sometimes they are different.

Speaker B:

They are different perspectives, but in some way they are aligned because human connections are also based over signals.

Speaker B:

The signals that you do with someone telling the truth, looking in the eyes, giving autonomy.

Speaker A:

All the sensors.

Speaker B:

Yes, giving autonomy to the, to the person sharing information, giving people distraction, making them free to choose what they are best in.

Speaker B:

Give more focus on the areas that they are good in.

Speaker B:

So those are the signals that we have here as humans to build trust.

Speaker B:

That’s.

Speaker B:

That is how our trust is going to be evolved and how.

Speaker B:

That’s how the roots are going to go deeper.

Speaker B:

And whenever a thunderstorm may come, the, the relationship and the trust won’t be.

Speaker B:

Won’t be affected.

Speaker A:

So a question for you.

Speaker A:

I mean, how do you stay up to date?

Speaker A:

What resources do you use?

Speaker A:

Do you read books, listen to podcasts?

Speaker A:

Do you go to webinars?

Speaker A:

What’s, what’s your primary source of knowledge?

Speaker A:

How do you stay up to date these days as there’s so much information out there?

Speaker A:

What’s, what’s your primary.

Speaker B:

Well, I must tell you that I’m not really a.

Speaker B:

Well, I have Netflix, but I don’t watch that much.

Speaker B:

I love watching documentaries.

Speaker B:

I love watching movies that are based on real story.

Speaker B:

I like to associate somehow what I’M watching to the truth or a takeaway that I can get from that.

Speaker B:

I love also reading.

Speaker B:

Reading.

Speaker B:

Well, I used to love more reading the news but I think the, the environment got so toxic that sometimes I don’t like watching the news.

Speaker B:

Sometimes I just hover on the website, take a look on the news that I want to watch and, and, and, and go out.

Speaker B:

I don’t spetch that spend that much doing that.

Speaker B:

I also like reading.

Speaker B:

We’re talking about hormones here and that this is something that I was going to talk somewhere during this conversation.

Speaker B:

I don’t know if you have, if you ever read the book Sapiens from Yuval Haaris.

Speaker A:

Yes.

Speaker B:

And one of the biggest takeaways from that book is that, and that may sound a little simplistic but, and sometimes it is, but our life.

Speaker B:

In the end of the book, Yuval starts to talk about the science of happiness.

Speaker B:

And of course like I understand that there are some, some people that don’t produce hormones and they need medicine or they need other ways to produce them.

Speaker B:

But happiness is a chemical, is a state that is also chemical.

Speaker B:

These substances that get released in our brain and in the end what the things that you do to make these hormones be released, what you have to do.

Speaker B:

In my case, I love working out.

Speaker B:

I love creating connections.

Speaker B:

I love talking to people.

Speaker B:

I love hearing stories.

Speaker B:

I love hearing stories.

Speaker B:

I go to the beach, I like going to a park, sitting down and relax.

Speaker B:

I really like, by the way, the photos that you published.

Speaker B:

I think somehow it gives a moment for us to just be with ourselves and just have these hormones released by understanding what is this make these hormones be released and that can be different from one person to another.

Speaker B:

I love, I love working out, but I have people, friends that hate going to the gym.

Speaker B:

That really depends on person to person.

Speaker B:

I think the end is you need to understand what makes you happy.

Speaker A:

Absolutely.

Speaker B:

What, what, what is going to make these hormones to be released in your body?

Speaker A:

Absolutely.

Speaker A:

Yeah.

Speaker A:

For me I can think about, you know, it’s like, yeah, I’m not a big going to the gym fam, but I, I love playing football.

Speaker A:

So for me football is like, it gives me so much like, you know, fun and joy once you, once you’re finished and you look back and like, well, that was, that was a lot of fun.

Speaker A:

It was really interesting and engaging.

Speaker A:

One of the books I’m, I’m just finishing literally is the Power of Now as well, which of course you know, Marcus had recommended.

Speaker A:

And I’m like, okay, I gotta spend Time to read this.

Speaker A:

And it’s again very similar to, you know, it’s about, you know, not looking back so much in the past or not worrying about too much in the future.

Speaker A:

But you can only really make changes really now which is like.

Speaker A:

Because we’re living in the moment and it means it’s really kind of, it’s.

Speaker A:

Which is also really interesting as well because you know, in the Estonian language there is no future tense so you can’t leave things till tomorrow because tomorrow doesn’t exist.

Speaker A:

So which is always an interesting aspect.

Speaker A:

So, so that’s one that I’ve been reading which I’ve been very finding very enlightening and, and it’s changed my little, few of my views and perspectives on some things that’s I’m trying to now, now get more, more done in the moment rather than saying oh I can leave it till tomorrow in a.

Speaker A:

Doesn’t exist.

Speaker B:

That’s a challenge.

Speaker B:

That’s a challenge for CISOs, right?

Speaker B:

It is a challenge because well, we are, they are always expecting what is going to be the next cyber attack.

Speaker B:

What we need, we need a fear and now talking about cybersecurity that more and more are affecting business operations.

Speaker B:

I think we also need to understand how we can develop more social, social skills in our CISOs.

Speaker B:

When you’re talking about anxiety, anxiety is the fear of tomorrow, is understanding whether your company, the company that you’re running is going to be victim of a cyber attacks.

Speaker B:

What are going to be the implications of that for you?

Speaker B:

And I think for us as a vendor, we are part of this and again we are in the trust, we are getting back into the trust aspect because we are here to help the CISOs feel safe and secure and trust, and trust in us as a vendor and in us as a product.

Speaker B:

So we are part of also the East Access system to improve happiness and to improve the well being of the CISO that they need.

Speaker B:

They don’t need to be worried about when the cyber attack is coming from.

Speaker A:

And if they do happen, which they probably will likely happen, is that we’ve minimized the impact that it has to, you know, that the impact is lower, has less kind of disruption to the business so that, you know, helping organizations and scissors become more resilient.

Speaker A:

So you know, when, when that bump in the road does happen that it’s, it’s, it minimizes the impact that everyone feels.

Speaker B:

Definitely, definitely.

Speaker A:

So David, it’s been fantastic having you on.

Speaker A:

I always enjoy chatting with you.

Speaker A:

It’s always enlightening and I always feel like I get educated every single time.

Speaker A:

Many than thanks for spending the time on today’s episode.

Speaker A:

And for the audience, I’m pretty sure that they’re going to find this very, very educational and they’re going to get a lot of lessons and a lot of insights into what they can take away and make their world a happier place.

Speaker A:

I hope.

Speaker A:

Any last words of wisdom?

Speaker A:

If the audience do want to have questions or want to get in contact with you, what’s the best way for them to do so?

Speaker B:

Just pick me a message on LinkedIn.

Speaker B:

I’m pretty available.

Speaker B:

I respond to every message that I get.

Speaker B:

So if you want to reach out, just look after David Muniz.

Speaker B:

And there’s a picture of me wearing a Segura shirt T shirt on my profile picture.

Speaker B:

You’re probably going to notice that.

Speaker A:

I will.

Speaker A:

I’ll make sure for the audiences I’ll include links in the show notes.

Speaker A:

So for them you can just go to show notes.

Speaker A:

You’ll be able to find Excellent.

Speaker B:

I wrote a couple of articles also talking about the trust aspect.

Speaker B:

I think it’s a fantastic topic to be talked about because we usually when we talk about cybersecurity, we don’t talk.

Speaker B:

We don’t associate also with the human aspect.

Speaker B:

But remember, a cyber attack always start usually starts with the exploitation of a human trust.

Speaker B:

That’s why we have a social engineering attack.

Speaker B:

So it’s really important to associate the cybersecurity with the human mechanisms on how trust is built.

Speaker A:

Absolutely, completely agree with that.

Speaker A:

Fantastic.

Speaker A:

I’ll actually even send me some of the links to the articles.

Speaker A:

I can also include those in the show notes.

Speaker A:

It’s easier for the audience.

Speaker A:

So many thanks for everyone.

Speaker A:

Hopefully you’ve enjoyed today’s session.

Speaker A:

Really all about cyber security, customer support, customer success, insights into zero trust, and also a little bit of insights into happiness as well.

Speaker A:

So hopefully you’ll be able to to find a balance and to bring some joy to your lives as well.

Speaker A:

Because we do need.

Speaker A:

You know, as Evil Mog said not long ago, he said we’re always the bringers of bad news, but sometimes we need to take the time and, and and have a good laugh and enjoy our lives and and bring joy and good news sometimes as well.

Speaker A:

So for everyone, this is a security by default podcast coming every single two weeks with different guests, different topics, different insights and hopefully making your world a much happier place and a fun one as well.

Speaker A:

So for everyone, stay safe.

Speaker A:

Take care.

Speaker A:

Until next time.

Speaker A:

Thank you.

Speaker B:

Stay safe.

Speaker B:

Thank you.

Posted by

in