As a featured guest on The CISO Insights podcast, Jacob Friedman told of his first unpleasant experience in cyber security, the flaw in Gartner’s approach, and the emerging themes he sees in cybersecurity. Hosted by Misha Sobolev, the show highlights leaders in the cybersecurity community.
Years ago, as an avid online gamer, Friedman’s first interaction with the cyber security world wasn’t pleasant. A Call of Duty fan, he saw a simple victory turn into something worse. One player wasn’t happy about losing and opted to launch a DDoS attack against Friedman. He had no idea what was going on as his devices began to fail. Today, Friedman does his part to help enterprises fight back against attacks.
Friedman describes his role as a “connector of people,” bridging the gap between technology vendors and C-level executives in organizations. Sobolev asked about the challenges of a crowded cybersecurity market and pointed out that both vendors and practitioners are under immense pressure: vendors to grow and practitioners to secure their organizations. Sobolev also questioned the proliferation of tools and the role of Gartner’s quadrant in shaping the market.
Flaw with Gartner
Friedman explains that Gartner has done a lot for the cyber security community, but one flaw with their model is the pay-to-play aspect. There are early-stage companies that don’t feel as though it’s right to buy their place or simply can’t afford it. “I think that’s one inherent flaw with how Gartner goes about doing what they do,” he said. “But I think the overall concept of what they’re trying to achieve is positive for the community.”
Friedman emphasizes that the industry is noisy, with many new companies trying to stand out. He notes that practitioners often rely on trusted channels to sift through the noise. He also criticizes the “pay-to-play” model of Gartner, suggesting it could overlook early-stage companies that don’t pay for placement. Both agree that building a personal brand and trust are crucial in this high-stakes environment.
Themes in cyber
Friedman was also asked to identify a few concerning themes in the cyber security space. An abundance of noise and lower quality support are two he’s watching with concern.
Larger capital availability has resulted in rapid development of new technology in the cyber security space. So much so that it has resulted in a lot of noise, making it difficult for CISOs, CIOs and CTOs to filter through it all. “There’s a lot of noise in the industry right now. Helping to bridge that gap is something we’ve seen a lot of success in,” he explained.
Another theme Friedman sees is companies bringing A teams to the sale, but B teams for actual integration and service. If companies have weak leadership, this issue is pronounced after a company is acquired, as companies become a shell of what they once were. Vetting companies for the long term is a challenge for most leaders.
Advice for cyber players
For CISOs, Friedman says building trust with a diverse group of industry contacts takes work, but it’s vital. That direct line to an intelligent network allows you to see blind spots. “If you’re in the weeds all day dealing with thousands of alerts that are coming your way, you’re not going to have the time to be fully up to date on every area of security,” he said.
For vendors and solution builders, he communicated the value of building personal brands. Vendors are more credible when they’re seen interacting with trusted connections. A few things vendors should consider are writing on interesting topics and genuinely seeking to understand their space, instead of getting distracted by company talking points and specific products.
What is Aphinia?
Aphinia is an invitation-only network of CISOs and other cybersecurity executives. The community shares insights, networks, and drives each other to stay current with all things cybersecurity. Check out other interviews on Aphinia Podcast here.
Misha Sobolev: [00:00:00] Jacob, thank you so much for joining us today. As we start, can you say a few words about your current role and what’s on your purview?
Jacob Friedman: Yeah, Misha, really appreciate you having me on today. I’m currently a Strategic Account Director over at Three Tree Tech. We’re a firm that does things a bit different.
Jacob Friedman: We’re not a VAR or an MSP. I can go deeper into our model, what we do different and how, but essentially my job is I’m a connector of people at the root of it. I go for new business. I introduce people over for various relationships, and I’m always looking to serve both the customer and partner community on both sides.
Misha Sobolev: I understand. I understand. And on the 1 side, you have technology and cybersecurity vendors. And the other side, you have CIOs, CTOs and CISOs and you’re in the middle and you’re bridging that gap. It sounds like. Yeah, exactly. Awesome. That paints the picture of where you are now, but for us to get an idea of the trajectory of your career, can you say maybe a few words?
Misha Sobolev: How did you get into technology in general kind of in cybersecurity aspect of it in particular?
Jacob Friedman: Yeah. I first got [00:01:00] introduced to security and not the nicest way, but when I was younger, about 12, 13, I was really into gaming. And so I played Call of Duty a lot and I got good enough to the point where I started to have some sponsors and I was in Major League Gaming.
Jacob Friedman: And after a certain point there, I remember there was a specific instance where I beat someone who was trash talking, and then they ended up DDoSing me. And that was my first introduction to being like, okay, wow, what just happened? Why is nothing working for me? From a device perspective.
Jacob Friedman: And so I started getting into that world of trying to understand what happened, how did it happen, et cetera. And really though my dive into security 3TreeTech.
Misha Sobolev: Interesting. Interesting. It’s amazing. Sometimes you find you read news. I think there was a team in the UK that access, I don’t know, the highest echelons of power, basically the government agencies.
Misha Sobolev: And they’re basically like 15 year olds, 17 year olds with a lot of time on their hands with in depth understanding and knowledge and guts [00:02:00] to deploy tech that’s really high end. It’s I think there is no there’s no stopping someone who’s really dedicated and fully focused.
Misha Sobolev: It doesn’t age. It sounds like it doesn’t matter anymore.
Jacob Friedman: Yeah. And people are creative too. And another thing is that when you’re defending, you have to be right. I see a quote all the time all over LinkedIn that resonates. That’s, when you’re a defender, you have to be right 100 percent of the time, but when you’re an attacker, you just have to get it right once.
Misha Sobolev: It’s a good point. It’s a good point. The weakest link, a hundred percent. It’s interesting. And so it sounds and you, but do you have a sweet spot in terms of the company sizes or industries or business mostly SMB, mid size enterprises, government, education, healthcare, what kind of maybe cybersecurity toolbox.
Jacob Friedman: Yeah, so primarily our sweet spot for clients is 500, 000, 000 through 000 in annual revenue. And so we have lots of customers that are bigger than that. But once you start going a lot bigger [00:03:00] than that procurement tends to be a bit of a nightmare of a process. And so with our unique model, it’s not always the friendliest to us.
Jacob Friedman: And then SMB, if they’re local, or if they’re in 1 of our hub cities, whatnot, we’re always happy to help out. Just it’s harder to justify travel for sometimes smaller accounts. Yeah.
Misha Sobolev: Of course, it makes sense. It sounds like you have a very broad from where you said, you see a lot of things, both in terms of industries and company sizes and both in terms of different technologies.
Misha Sobolev: I’m curious because I attend conferences, I go to RSA, I go to Black Hat, and it sounds at least on the cybersecurity end of things, some of the messaging blurs a little bit, and also companies are pressured for growth, and they tend to stick their elbows out and go into their competitor’s territory.
Misha Sobolev: And on the one hand, on the other hand, We talked to practitioners and oftentimes they are stretched thin and their teams are very very stretched [00:04:00] as well. They’re managing anywhere from a couple dozen to 50, sometimes 200 different vendors and it’s just there are endless dashboards with.
Misha Sobolev: Endless flashing signals and thousands of tens of thousands of alerts with kind of a problem. How do you prioritize among vendors? How do you make sure they interoperate? It all becomes a big challenge. These are some of the things that we’re saying, but I’m just wondering.
Misha Sobolev: From your perspective, saying in the middle of this universe, both on the technology side and the vendor side, what are some of the top 23 be themes or big threats that are probably top of mind for practitioners right now?
Jacob Friedman: Okay, so I feel like that question went a few different areas, but, I think it starts with there’s a big influx of capital coming into the cyber community. And as a result, there’s a lot of new companies from all over the world, a lot in Israel, et cetera, that are coming to fruition and people trying to identify [00:05:00] niche problems. And what that has led to is a lot of noise for better or worse.
Jacob Friedman: And so it’s a crowded sellers market. There’s a lot of people trying to elbow their way in and figure out any way to stand out. And then also, it’s really hard for the practitioners to, then sift through everything. They don’t have the time to look at all of the available solutions for every problem that they have.
Jacob Friedman: And they’re going to go through their trusted channels, whether that’s a selling partner, or whether that’s their, buddy that works over at a similar size company. I feel like there’s a lot of noise in the industry right now, and helping to bridge that gap is something that we’ve seen a lot of success in terms of.
Jacob Friedman: Another issue that I think practitioners encounter is that sometimes the tech can seem really impressive and there can be a lot of bold claims and promises made, but sometimes they’ll bring the technology providers will bring the A team to the sale and once the sale’s done, they’re not bringing the A team to implementation and day to support.
Jacob Friedman: And that’s really where you start [00:06:00] to make a name for yourself and get referrals, et cetera, within this community. Because if you’re not delivering well. Thank you. Then you’re not gonna have a good brand reputation.
Misha Sobolev: Interesting, it’s interesting that you mentioned that I it’s almost like advertising is glossy pictures and high quality.
Misha Sobolev: But once you’re in, here’s the manual tiny font, black and white off you go. Exactly. So it’s really, it sounds like it’s under invested, which is actually very interesting, but. From that perspective, we see some of the larger companies, vendor companies are very acquisitive Palo Alto Networks, Check Point, Rubrik almost every week, every other week, they’re just snapping up another, BCD around company, which makes me wonder, is the world going towards a unified dashboard?
Misha Sobolev: Probably not a good analogy, but a unified solution with 1 vendor or a handful of very few vendors that provide the 360 [00:07:00] degree approach. So that instead of managing 50 relationships, 60 relationships would have 1 or 2 or 3, maybe relationship to manage where they provide. Pretty much the entire coverage of all.
Jacob Friedman: I think that in theory, that would be great. It makes procurement a lot easier. You don’t have to get a bunch of different people on an approved vendors list, depending on the size of your company you’re at. But in practice, it doesn’t always go well. There’s a lot of acquisitions being made and, typically the 1st year, maybe 18 months of the acquisition, it still feels like a startup.
Jacob Friedman: They’re still innovating at the same pace. But once they’re fully integrated into these, 800 pound gorillas of companies they start to encounter a lot of red tape and we start to see a lot of their innovation starting to slow. Integrations aren’t always handled properly. And I feel like we see a lot of really interesting, disruptive technologies becoming shells of themselves post acquisition.
Jacob Friedman: And I think that, down the [00:08:00] road, we could see a shift and there could be a somewhat of consolidation, but I don’t think it’s going to be through a specific technology provider. I think that consolidation down the line might happen through partners that have access to a variety of solutions and can help them distill through what’s real and what’s not because ultimately we’re just not seeing that.
Jacob Friedman: The ideal kind of state coming to what’s reality at this point.
Misha Sobolev: So it sounds like it’s gonna be almost like a Salesforce ecosystem with vendors who plug in. They’re separate companies, but they play in their world. They’re interoperate with a solution and maybe there’ll be a few big players that will be outstanding and the remainder of the world will interoperate with one or the other.
Misha Sobolev: Or maybe all of them. But there’ll be probably a handful of. Large scale providers, they offer just about everything from firewalls to training to endpoints to pen testing to and everything in a lot
Jacob Friedman: of [00:09:00] in a lot of the commoditized areas where maybe there’s, it’s like stagnant where, when you’re talking about big carriers, for example, and you’re talking about networks, right?
Jacob Friedman: And if you’re talking about firewalls, if there’s like an area that. There isn’t a ton of innovation within then. Yeah, that can make sense for having a one stop shop going to someone. If there’s not a significant tech reason to go somewhere else. If they’re all pretty much the same in terms of features and the only difference really is price, then, that definitely would make sense for all of those commoditized types of technologies to be gobbled up into 1 big entity.
Jacob Friedman: Or a couple of big entities with, within a respective industry, who then can give you like flavor, a flavor, B flavor C, and here’s a price difference and you pick. But I think that in terms of disruptive solutions that are looking to either create an emerging space or redefine how a space is done today, that’s not, they require a certain level of agility that isn’t at least in my opinion, possible in a lot of these big companies.
Misha Sobolev: I see, [00:10:00] I understand that makes a lot of sense. Makes a lot of sense. I think every very unique position where it you said between the 2 worlds and the 1 kind of buyers of technology and vendors of technology. So I think a very unique perspective and how both people in both worlds, how they think.
Misha Sobolev: And oftentimes we find that you mentioned that a lot of vendors, they’re very aggressive growth targets. They’re very well funded. There was a lot of pressure to grow. VPs of sales. It’s almost like a revolving door at some of the organizations that you’ve marketing officers. So they.
Misha Sobolev: Clearly, a lot of pressure to perform at the same time. The professionals, the executives are under pressure as well. Then the pressure, because there was a lot of scrutiny from regulatory authorities. I see now is mandating that everyone needs to report within 4 days if they had a breach. So the screws are tightening at the same time.
Misha Sobolev: A lot of companies are. Anticipating a recession, they’re tightening the budgets. They’re under pressure [00:11:00] as well. It’s almost like a pressure cooker on both sides of a set of things, and which creates like a very sometimes challenging way to build this relationship because vendors are incentivized for.
Misha Sobolev: To push for transactions for quick wins, they go from 1st conversation to sign deal in the shortest amount of months of time. But see and other executives on the buyer side, they need help. They went, they’re looking for a relation. They look for someone they can trust and not someone who’s going to leave in 6 months.
Misha Sobolev: And then there’ll be the 1 left holding the bag. What is your advice for both the vendors? And practitioners, what would be some of the ways that they could from your perspective? What can they do to make their life easier? Better? What would be your advice suggestion?
Jacob Friedman: Something pretty general is just, people buy from people. And so you got to have a certain level of trust and not only that your product can do what it [00:12:00] says can do that. It can deliver, but also that you’re a good guy that someone or person that someone wants to do business with.
Jacob Friedman: And the speed at which you can create that trust is a challenge for a lot of these vendors when they have these heavy quotas hanging over them. So they’re getting pressure from top down to execute this. And maybe they’re trying to do the right thing by the customer, but. Yes. Now, but lo and behold, if they don’t hit their target, they’re going to face some consequence.
Jacob Friedman: So they’re creating artificial urgency buy now to save this percent, and then that kind of harms the relationship because then it’s is this real? Or is this just because you need a sale? And I think that, what it comes down to from. From a CISO perspective, or from like a, from a practitioner perspective is that you just got to network.
Jacob Friedman: You got to get to know the industry. You got to get to know people, get to know people that you like, you trust that are respected or knowledgeable within the industry. You got to sometimes, lean on the webs of your network for shortcutting the process of who are you? Who do you know in the space?
Jacob Friedman: Who’s impressing you? Who’s why you can give you like a high level view because if you’re, if [00:13:00] you’re in the weeds all day, dealing with the. Thousands of alerts that are coming your way. You’re not going to have the time to be fully up to date on every area of security because there’s so many these days.
Jacob Friedman: And then from a vendor perspective, and I guess this could be for practitioner as well as build your personal brand. It’s a lot easier to seem credible. If people see you interacting. With other people that they trust in their network, it’s like a little web of social proof.
Jacob Friedman: So building your own personal brand, maybe offering resources, writing interesting things about topics that are relevant to you, like making it so that, your presence online isn’t bound or beholden to 1 product. Let’s be honest. A lot of these sellers, they hop around and so do the practitioners.
Jacob Friedman: Making your whole. LinkedIn tied to one specific company isn’t always the best route, whereas more make it about what’s your mission in cyber? What are your goals? Are you continuous learner? What did you hear about recently? That was interesting. Ask your network what they think, I think create a creating an open dialogue [00:14:00] where people want to interact with you and want to hear your opinion is the quickest way to achieve those conversations.
Jacob Friedman: That is a seller you’re looking for.
Misha Sobolev: Makes a lot of sense. I think because it’s if you’re known in the industry is. Credible knowledgeable and generous with your time and you’re focused on giving without asking. I think that’s probably what a lot of people either a too busy to build that or not properly incentivize on the vendor side to build something like this.
Misha Sobolev: I think. If you had something like this would go a long way. For sure. I want to pull on 1 of the threats on some of the things that you mentioned on kind of the proliferation of tools. And particularly, it seems Gartner again, every other month, they come up with a new abbreviation and a new 2 by 2 quadrant.
Misha Sobolev: And a new crop of companies that they can place around and up into the right, and it seems some of it obviously makes a lot of sense as technology evolves and matures. It makes a lot of sense to splinter kind of 1 big tree into [00:15:00] branches and whatnot, but at some point I’m starting to wonder.
Misha Sobolev: Is it almost made up? Probably not the right word, but it’s contrived. And again, it’s again, it’s a view of someone outside looking in. And I’m just wondering for somebody who’s got deep in the deep in the woods, both with practitioners and vendors. What do you think about that?
Misha Sobolev: Is it. Yet another abbreviation yet another quadrant. Is it something is something that will be never ending as technology evolves? Or you think at some point, there’ll be some sort of consolidation.
Jacob Friedman: Yeah, and I don’t want to dish on Gartner too much, but because what I think they’re doing is super important in the space.
Jacob Friedman: They’re helping, people from both sides of the aisle make sense of what’s going on in the space when, the rate of innovation is so fast that it can be easy to get left behind and not know, what is, what’s really going on today. And, obviously, it’s tough when there’s a huge surge of new acronyms that you have to relearn and understand the space, especially when they, Potentially, like different [00:16:00] vendors can all use different acronyms that all mean the same thing.
Jacob Friedman: It’s just their own proprietary products version of it. I think that there’s going to be ebbs and flows of expansion where, lots of new tech comes out. And then you figure out that a lot of these new startups can end up being a feature. Of maybe someone bigger, rather than being a standalone product and so seeing a slight consolidation.
Jacob Friedman: I think the continuous kind of expansion of vendors out to market and then shrinkage is, acquisitions happen and back and forth. That’s going to be something that we continue to see. But 1 inherent flaw with Gartner is their pay to play model because there’s going to be a lot of.
Jacob Friedman: Earlier stage companies and other companies that maybe it’s just against their code of ethics that they don’t feel like it’s right to buy their place within a quadrant. So I think that’s 1 inherent flaw with how Gartner goes about doing what they do with the placements in the quadrants. But I do think that the overall concept of what they’re trying to [00:17:00] achieve is very positive for the community.
Misha Sobolev: For sure. No it’s interesting. I just sometimes it’s difficult to discern intent. Is it truly new tech or is it just the company wants to create its own category and claim it and crown itself as the leader and the champion rather than play in the bigger pool and just be different and be better, not different, which is still a different different game, different proposition against some of the bigger players, more established better brand recognition and bigger budget.
Misha Sobolev: It’s obviously, Gartner is it’s a behemoth in the industry and but sometimes it feels. I guess in the end of the day it sounds like the industry will in the end of the day, there’ll be somewhat fewer players because some of them will be acquired. Some of them will go by the sideline.
Misha Sobolev: So 1 more another, there will be some consolidation. At least on the number of vendors, maybe not necessarily in the quadrants. That’s interesting. [00:18:00] Again I’m curious switching gears a little bit, imagine if you had a crystal ball and you can see into the future and 12 months from now, maybe a couple of years from now from the practitioner perspective will be some of the themes technologies threat vectors that everyone will be obsessed about and talking about.
Jacob Friedman: I really think that identity is going to be the future of security as social engineering becomes more and more prevalent. It already is. And there’s a lot of ways to secure your system, but ultimately it comes down to controlling who has access to what. And I think that, that is going to be, the constant cat and mouse game of, what level of privileges can these attackers acquire?
Jacob Friedman: There’s a lot of different directions and a lot of different vectors that people can go through. But [00:19:00] I foresee that, I don’t know there’s so many ways I could go with this question, because there’s so many spaces and then, there’s so many zero days that are exploiting little tiny niches that come out of the blue.
Jacob Friedman: I think another thing to consider is just that. Considering the seasonality of attacks and how, threat actors will wait for their time in their moment to attack in mid revenue cycle for example, like attacking a retailer during Christmas season. I think we’re going to see a much bigger emergence of.
Jacob Friedman: Of, seasonally based attacks, which is going to be both a pro and a con because, it’s going to be, it’s going to cause a huge business disruption. But I think ultimately, whenever there’s like private equity firms or whenever their shareholders involved a lot of times they don’t care until it affects the bottom line.
Jacob Friedman: And I think that it might result in the industry as a whole as they start to see these. These actors causing more disruption during their, their pivotal moments of revenue, I think it’s going to start getting even more importance. Like we’re already seeing a shift in who [00:20:00] the CSO reports to, whether it’s, used to be to the CIO, but now it’s either the CFO or chief of, chief legal, chief risk CEO, maybe the board, et cetera, I think that there’s going to be an elevation, a continuous elevation of the importance of cyber because at the end of the day, it’s a war and as we’re seeing Different nation states, battle it out and throughout that process, they spend a lot of money and continue to innovate that our private sector is going to start to see some of the innovation that is due to some of this warfare happening around the world.
Jacob Friedman: And it might lead to some more significant attacks on a lot of the more recognizable brands.
Misha Sobolev: Certainly, and I think the most recent 1, I’m not sure if you saw Las Vegas is under attack and the slot machines are
Jacob Friedman: and that’s extra terrifying because, we were just over at Black Hat over there.
Jacob Friedman: There’s a lot of security professionals out there. Not that anyone there is going to necessarily connect to a public network, but they have Formula 1 coming up and they have other things that have electronic [00:21:00] devices in there that, could be a. Catastrophic loss of life if there’s a cyber attack during it.
Jacob Friedman: To your point, it’s those headline moments that I think will start to continue to validate. The importance of this industry and hopefully spur some more action by executives and rather than, looking at security as a potentially cuttable cost during hard times of revenue, but it’s been seen as necessary to protect your business overall.
Jacob Friedman: And without it, you’ll crumble.
Misha Sobolev: I think it’s extremely important because I think there’s still, even though there is more awareness and understanding from the board level investors senior executives CEOs, but I think still, it’s not everywhere. And still, some people just think of cybersecurity as a thin layer that they can just spread over the organization and hope they can sleep.
Misha Sobolev: Okay. But I don’t think it’s the case anymore. I think it’s. To your point the profile of CISOs need to be elevated. They need to report to CEO and they need to get much [00:22:00] more exposure and adequate resources to protect against threats because the threats are formidable for sure. Jacob, thank you for sharing your perspective.
Misha Sobolev: It was really very insightful, very interesting. I thank you so much for taking time for this. Where can people find you? Whether cybersecurity vendors are just want to get to know your position or see those who may need help in selecting some of the technologies.
Jacob Friedman: Yeah, I would say that the best way to connect with me would be on LinkedIn.
Jacob Friedman: It’s Jacob Friedman, as shown on the screen, happy to have a conversation with anyone or if you see someone in my network that you want to, bridge the gap to be connected to let me know I’m always happy to be a connector of people because at the end of the day, that’s what I do is I like to connect interesting people to have interesting conversations.
Jacob Friedman: So yeah, that’s where you can find me. Absolutely.
Misha Sobolev: Thank you so much. Awesome. Thanks,
Jacob Friedman: Misha. Bye.