Sanjay Poonen, CEO at Cohesity, discusses how geopolitical issues raise cybersecurity concerns.
Hosts: Carol Massar and Tim Stenovec. Producer: Paul Brennan.
This is Bloomberg Business Week with Carol Messer and Tim Stenebek on Bloomberg Radio.
All right, we'll get this. Global cybercrime costs are set to reach ten point five trillion, that's right, trillion with the T trillion dollars each year by twenty twenty five. So that's up from three trillion in twenty fifteen. And that's according to data from Cybersecurity Ventures and that was cited in a report out from EY last year.
Just think about that recent computer hack that shut down many services at MGM's casino hotels. The company said that that hack alone, Carol, is going to reduce third quarter profit by about one hundred million dollars. So that's real money.
Here, absolutely, So cybercrime and protecting data in the cloud is something our next guest knows a lot about. Sanjay Punin is the CEO at Cohesiity. It's the data security and data management platform. He's also the former CEO at the cloud computing and visualization or virtualization tech company VMware. He joins us here in our Bloomberg Interactive Broker Studio. Welcome, Welcome, how are you?
Thank you Tim and Carol for having me on.
Hey, listen before we get into kind of security, cybercrime, all that good stuff. It's interesting times for anybody who's running a company, whether it's the focus on geopolitical and the unrest and the concerns obviously first and foremost the impact on lives, but also the uncertainty that also creates about kind of the global outlook. There's also concerns about, certainly here in the US, about the rate, environment, the economy. From your vantage point, how would you describe the global outlook right now?
I think it's a tremendous opportion for leadership. I think as a CEO and I was COO of VMware, we had thirty five thousand employees. As president SAP one thousand employees. Both were global companies. My company here is smaller, two thousand employees. But in important companies cybersecurity, it's a time for leaders to lead with empathy. I have employees who have who are Israeli friends who have in Israel, and I think in Israel everybody knows somebody who knows somebody who's affected a greed, either who's a hostage or diet or somebody infected. And the other side of the debates also being effected now on gods if you look what's happening. So this is a time where we get to lead, first off, condemning terrorism, but also leading with empathy. It's a tremendous opportunity for us to be as leaders empathetic, listening to our employees. And I've always believe the great greatest companies are the ones who take care of the employees and take care of their customers, and that's what I seek to do a CEO.
It's also a business story, and we're Bloomberg, so we got to talk about the business side of this. But we spent a lot of last week talking about Israel being a hub for cybersecurity. They made a lot of advances there and there are a lot of tech companies in Israel. There's prominent ones that have been bought by US companies. Do you have any exposure to Israel? Do you work with any Israeli companies right now?
Well?
Absolutely, we work with a lot of In fact, a big part of our cybersecurity strategy is partnership with many Israeli companies Big ID, dig Sira, CenTra, folks in the cybersecurity of data security. There companies who are physically located there. Whiz I talked to them, I talked about the CEOs. I've sent them messages, checked to see how they're doing the heart of innovation of security. It's not a very big country in terms of population, a few million people, but they have an intense program by which people who've served in the Israeli defensive forces are often focused on security then start companies. So we're working very closely with them, every one of them. This is a tough time for them and their attentions first to their families, but I do believe Israel be resilient. The innovation will continue to grow, and you know the many of them do business with companies like us. We partner with them, so I expect it to be something that will be resilient over time.
Sanjai, I mean they are used to, you know, instability in the region, no doubt about it. This takes it to a whole other level and another scale, and that's certainly what we've heard the feedback in terms of this latest conflict between Israel and Hamas. Having said that, when you had those conversations, we're leaders there saying we expect this, this is something different. This is going to be a longer period of instability or what are they saying.
It's a nine to eleven time moment. It's not anything close to, you know, anything they expected, so whether it was the first and the feather and so on. But I think listen, you know, if you think about the threat cybersecurity threat, it's different from you know, some of the ways in which we're seeing nation state actors. I think this is a focus on physical security. So if we come back to kind of some of the stats you led the show off with, that will continue. I don't see cyber criminals the nation state actors from which were which which are by the way, from a different set of countries. This isn't Hamas, it's it's Russia, it's China, it's North Korea. The past, we don't see that, which I mean the nation state actors are the biggest threat to cybersecurity. So the biggest Yeah, those countries are the ones are the ones, mostly Russia at fact in the past. But and much of we haven't seen an uptick in that signal of those just because of the Hamas. Ramas is much more of a low. It's not like Habas is doing cybersecurity threats against the US. They're focusing much more low tech, you know, sort of missiles and things of that kind. But I think we have to always stay vigilant because the bad guys are going to look for any moment first. They just have to be successful once. I'm talking about cybercrime. Now, we have to be successfu all the time. You look at you talked about.
Yeah, you hear that hotel over again from cybersecurity experts. I mean they're talking about how you always have to be vigilant because they only have to be successful once. Switching geographies a little bit to talk about Russia, Ukraine. Russia the source of much cybercrime. What do you see on your platform from attempts at hacking from Russia?
Yeah, there's twenty ransomware attempts every second. You talked about a few of the hotel chains that have been affected recently. I think every organization needs to build a prevention and detection mechanism and a recovering mechanism. I give an exampley. There's a lot of analogies between fighting cybercrime and fighting disease. If someone told you Tim, I'll never get a cold, You'll be like, well, give me some of your DNA, the more important question is how quickly can you recover from a cold? So what we advise our clients is to ensure that you have the best detection prevention that's basically detecting do you have a cold. But then in our case, if you are one of those hotels that got affected, you want to recover really quickly because then if you get affected, you've got all your data ready. And that's what we focus on cyber recovery and cyber resilience. So while a lot of the prevention and detection technologies will be helpful and continue to be the ones that put OUCT defenses up, you also want to be in place where if you do get hit, and it may sometimes not be a matter of if, but when you have a very fast recovery and that's what we so assume you're going to get hit, how would you recover quickly. That's the big part of what we help our clients with.
So who are your typical clients.
We have four thousand customers, some of the biggest Fortune one hundred customers, But these are companies like Nationwide, like Broadcom, like Nvidia, like Salesforce. Many of the largest customers and financial services have been extremely successful for US, and these are all companies who do invest in security. Cybersecurity is often a top priority of spending, so we fit in that mode of sort of, you know, protecting the world's data. Our mission is to protect the world's data from cyber criminals.
One thing I wonder Sanjay, two things artificial intelligence and have you seen an uptick as a result of that and kind of creeping into our narrative and conversation in a big way this year? And then secondly, since the Hamas Israel conflict, have you seen an uptick in people calling you or upping some of what they some of the work that they do with you.
Any world crisis is a moment where I think our vigilance needs to be higher. And we've not seen an exact correlation because of amster nations state crime, but I believe our vigilant should be higher. The last thing we want to do is let our guard down. That's absolutely the case. So my advice to people is, I mean, it's not just because of a Hamas but look at what happened with the Las Vegas Strip hotels.
Just keep your vigilance high so when you see something like that in the headlines. Do you get an uptick or the I'm just curious if you see it directed.
We haven't seen a signific of just in the last man. Remember it's last Saturday or two Saturays go when this all start. We haven't seen a signatte but we are all vigilant. One of our board members is a gentleman named Kevin Mandiir who's one of the biggest cyber fighters in the world. His company, called Mandian, sees a lot when something gets hit Congress, the government usually calls him, so he's not bored. I called him, talked to him. We keep pretty close eye on it, and my perspective is stay vigilant because it could go up and go down. The point is that, I think on the other part of your question late to AI, I think it's a tremendous opportunity for us to harness the best out of our artificial intelligence, especially Jenner of AI, and treat it a little bit like that age old question about a matchtick. Is fire a blessing or a curse? Okay, a pyromatics? You could turn the house and fire, but it's going to keep us warm. We've got as the tech leaders in the industry, we've got to find the ways to put guardrails around this. We call it responsible AI. Put guardrails around it so that people can't do irresponsible things with it, but still harness its potential, which I think this is generali is the most fundamental invation I've seen in twenty thirty years.
I'm curious what a guardrail means. We're running out of time twenty seconds, twenty five seconds? What is a guard rail like?
What keeps the train on tracks? Right? That's what a guardrail. It's a set of rails that ensures that the technology can't be abused.
So you can have a guardrail but still tap into potential.
That's exactly what good responsible tech companies like US and Microsoft and Google and others are doing. And that's where focus on. Our gender of AI technologies is far ahead of everybody else industry, but we're guardrailing it with what we call a responsible AI framework.
Interesting stuff come back soon, Thank you very We would love Sandra. Yeah, really interesting conversation. Sandrei Punin, he's the CEO at Cohesity