Mike Aiello, CTO at Secureworks, joins CIO Leadership Live from Foundry’s CIO100 event
Overview
Join Lee Rennick at the #CIO100 as she interviews Mike Aiello, CTO, Secureworks about the award-winning project, Integrated AI for Better Security Operations and more.
Transcript
Welcome to CIO Leadership Live. I'm Lee Renick, executive director of CIO communities for CIO, and I'm thrilled to be at the CIO 100 and Symposium with Mike Aiello, CTO, Secureworks. Mike, welcome to the show today.
Could you please introduce yourself and tell us a little bit about your role? I know you just rolled in from Vegas to so we did. We came from the Black Hat Conference. It's great to be here.
I'm the CTO here at Secureworks or a global cybersecurity company with thousands of customers and more than 60 countries. We help small security teams scale, and we help those teams help fulfill their company's missions. as the CTO at Secureworks, I help lead our technology strategy, our technology investments.
I support our customers and we think a lot about threat and the threat research. So I help lead our threat research team as well. Oh, wow. That's a huge room. Well, I really appreciate you joining me here today, Mike. And congratulations to Secureworks for winning OCI 100 Award.
We're just a few hours before the gala tonight. So it's going to be a fantastic evening. Could you tell me a little bit about your award winning project, integrated AI for better, better security options? Excuse me. Yeah. Happy to.
So fundamentally, the technical problem we solve here at Secureworks is we help filter signal from noise. So our customers deploy hundreds of different sort of cybersecurity products. Those products deliver 4 trillion events a week to our security platform that we call Taegis'.
And really, what we do and what we've been doing for many years is using AI to both prioritize what should we be looking at and help bring context to what our security analysts and what we call our security operations center?
Look at and review and handle and do their job every day. So, as you can imagine, the amount of alerts and events that we get has gone up significantly. And we've been building ensemble models for many years to do this.
Well, over the last year, we doubled down on our investments in AI, and we made additional investments in generative AI and automation. And the results of that have been these investigations that our security analysts used to write and type on their own.
We've done this 10,000 times a year for many years. We use generative AI automation and an ensemble model to bring all that together. And the results are that 60% of those investigations are now fully automated.
When we asked customers to rank them, they rank the fully automated ones actually better in many cases than the human authored ones. Wow. The response time for our customers across our entire customer base has improved by 80%.
So in terms of when we get an event to when we get a response to a customer, it's improved by 80% and 50% of the workload. For the biggest part of our company, our security operations center has been eliminated.
So the result of this is we've used generative AI, we've deployed automations, and we've taken our unique data asset that we have at Secureworks and transformed our company. That is incredible. Those stats are just incredible.
and you know, what we've been hearing at the conference throughout these last few days is the ASP. And what I hear when I'm talking to CIOs is the aspect of productivity with teams, right?
So certainly this project was not only focusing on ensuring security, but also improving, providing that tool for your team to enhance and increase productivity. And also, you know, I guess in a way for your customer. Right.
Like it's it's really great to hear that it's improve that customer experience. So could you talk a little bit about that. Yeah. So for us it's tied together very closely. As our teams productivity improves, our customer outcomes improve.
Because what's happened in the last few years in cybersecurity is hackers used to break in, sit on a network for a few days or maybe a week, or maybe sometimes a month, figure out the best way to make money.
Is it going to be ransomware, blackmail, data exfiltration, etc. and then monetize that data, monetize that activity, and then launder the money. So this was a few day to multi-month exercise. Our threat research teams discovered that this has now gone to less than 24 hours.
So our main focus has been on reducing response time to improve outcomes for our customers so that they can get to the issues quicker. a couple more stats here. The the work that our team does on a daily basis.
The core of our work that we focused on actually improved by 90%. So that security operations team, that the core of what humans spend their time on is improved significantly in our business. And what that really does is those are experts. These are security experts.
They're hard to find the hardest. Yeah, yeah, yeah, we're super, super fortunate to have them working with us. And they get to then not spend their time on routine things, but spend their time on the unique security situation that tough, interesting thing that hasn't happened before.
And that's adding a significant amount of value. so it allows us to focus on the unique real threats as opposed to the routine mundane threats, a huge amount of productivity and huge opportunity, like for your clients, just what an output you've done.
And we've I've been hearing a lot today sort of similar scenarios whereby a lot of employees were maybe worried about their, you know, the jobs of the job going away and things like that.
What you're doing, like you said, is freeing up the time of these highly skilled individuals to then put work into, I guess, sorting out the next sort of major, event that might happen, right? That's right.
The more time they can our team spends on unique threat and interesting threat, the better the outcomes are for our teams productivity. And as a result, our customer. Yeah. Thank you so much for sharing that. All right I'm going to go into the next question.
We've been talking a lot today to a lot of CIOs about our state of the CIO report. We interviewed 1100 CIOs globally, and 79% of those CIOs said they have a leadership, a leader.
They have a partnership, an educational partnership, excuse me, with the C-suite and the board of directors and the CEO. So I'd love to learn about your role and how you kind of if you if that's happening in your role and what that educational partnership looks like.
Yeah, very much so. So our, our leadership team and our board all work together and try to figure out what to do next. it's a very engaged group. the way we kind of frame our discussions is what's the rest of the industry doing?
if you look at it, spend generally you're looking at 3 to 6% of revenue in technology companies. You're in the teens.
and that kind of frames broader conversations about investments and projects that come, so we benchmark where we are as a, as a leadership team within our department as an organization.
And then ultimately, we present everything we're going to do as a return on investment discussion, just like any other business component. should we go build a new building for our factory? what's the ROI? How long is it going to take? What's the ultimate yield?
We're going to get on that. We have that very clean, specific discussion with our stakeholders, our board, our other leaders around the company to to have fruitful discussions around really building a business together so that that's what we do here at Secureworks in terms of education.
on our board calendar, we make sure we have two agenda items that roll throughout the year. So that the board's continually educated and updated. First is what are the tech trends that as a leadership team, we're observing.
So what do we see occurring in the next 2 to 3 years that we need to be making investments in now, or that's going to shape and change our industry.
And then as a security company, we have a unique threat research team that brings unique and proprietary threat information. we compile a threat research report every year.
We bring all that data to bear, and then we educate the board on what's impacting our customers, specifically where we see the threat going, where our products may need to go to address the threat so that the board, both in a fun cocktail conversation, can have great things to say about the cybersecurity industry with specific, unique examples and we can pair up to guide a strategy that makes our company successful in future.
Fantastic. And I love any CIO listening in here. I love those, consistent agenda agenda items. That really makes a lot of sense, because you're always have that presence in that agenda of the board. So congratulations on that. All right. Well it's August.
We're heading into the end of 2020 for the fall, and into 2025. And you know, as we mentioned, a lot of IT leaders are talking about building productivity and value for the business. We've discussed that. So I'm going to ask you to get out a crystal ball.
And, you know, wondering what your predictions are around today for the following into 2025. It's a it's a great question and one we've thought hard about, here at Secureworks.
And our view is that companies and leaders and organizations that build the plumbing for Gen AI will be able to differentiate and capture market share over the next 2 to 3 years.
And the reason we believe that is because we look at the amount of compute going into gen AI models. So there's a wonderful chart, which is the number of petaflops that are used to develop generative AI models by the leading gen AI model producing companies.
There's been four companies that have spent more than $100 million to date on producing gen AI models, and they've produced what we know as the anthropic model and the OpenAI AI model, and Gemini and Luhman and so forth.
And these models, what we what we've observed is the amount of compute scales logarithmically with the performance of these models. And this trend should continue for the next 2 to 3 years.
So specifically 10 billion petaflops used to train GPT three five, GPT four, we expect 100 billion petaflops to be used to train the next versions of these models. That training's already occurring. This is why everybody's buying GPUs as well.
But the strategy is that if you build the plumbing and that plumbing includes a reference to a model that's been trained with 10 billion petaflops, you've already done the hard part. As an IT leader, you've integrated the APIs.
You've brought your data to bear, you've built workflows on the other end. And that if when the new models are released, you can point your system to the new model, it will immediately produce outcomes that are an order of magnitude better, right?
So if the model performance improves by an order of magnitude, you've built the plumbing and the trend continues. Companies that continue to build that plumbing and believe that the model performance will improve, which it has for the last three years, will be able to take market share. Fantastic.
Thank you for those insights and I appreciate you so much. Joining me here today, Mike. Thank you. Thank you for having me.








