CISO Interview Series: Stéphane Rabette

Recently, we had the chance to interview Stephane Rabette, Chief Information Security Officer (CISO), and Senior Partner & Advisor at Secureworks, a global cybersecurity leader enabling its customers and partners to outpace the adversaries by combining the power of software-driven SOC solutions and human intelligence. Stephane shared his story of how he arrived at cyber security as a profession and discussed what it takes to be a cyber security lead in a world of digital transformation. Continue reading. We promise it will be insightful.

CISO Interview Series #4: Stéphane Rabette

1. We would like to get some background information about yourself. What is your background?

IT was really a passion for me at the age of 12 where I was part of a large school program aiming to develop IT & development skills, a bit similar to some initiatives that are actually going on to promote coding today. I convinced my parents to invest in a personal computer (an Amstrad at that time!) and this is where everything started (coding in C and Pascal) and I decided to really pursue my studies in this particular domain. I was more focused on systems, network, and IT for the industry (robotics, etc.) rather than pure software development for banking or accounting (for example), even if dev skills were key to pay for my studies. After my 2 master’s degrees, I joined one of the first local Internet providers at a time (1996) where the Internet for consumers really started. I was already involved in some security-related concerns like remote access, access logging, and firewalls (we were compiling checkpoint code on Solaris) and quickly brought me into the (infrastructure) security world!

2. How did you come into cybersecurity as a profession?

From 1996 to 2004, I was mainly dealing with infrastructure security, but the real trigger was in 2004 when I was asked, on top of my infrastructure-related activities, to be the security representative for the (public) organization I was working for and initiate a program based on ISO27k principles. I decided to enlarge my knowledge and get the CISSP certification. At that time, there were not so many people in Europe earning that stamp! This was the trigger for a career change to a pure security job.

3. What is anything you wish you knew when you first went into this career?

I think the CISSP was a good choice for me because you get a transversal view of the security landscape and the different specialties and related jobs. I would really advise anyone interested in a security career to go for the CISSP. There are some foundations you must have, such as software dev skills, which are even more important now with devsecops.  Systems and networking skills are still key today. IT schools are doing a pretty good job on these topics, but they should also give insights on cybersecurity risks as a whole to understand the “big picture”, instead of the technical details (always attractive for students).

4. Could you explain your role as partner & executive advisor at Secureworks, and what you do at your company?

First of all, I have to say that I moved into this new company/position very recently after spending one very interesting decade with another security provider (the third stage of my career). We are now at the cornerstone of a big change in the Security world, and that was the main trigger of my move to Secureworks – a 20-year cybersecurity leader. They believe that security should be simpler (to explain to the business, to buy, to integrate, and to operate) which will lead to fundamental changes in the way you (re)design a security platform that addresses the eXtended Detection & Response revolution era! They anticipated this software-driven approach and really bring innovation to the security eco-system.  It’s a warfare and a race with the attackers – look at the ransomware increase – and you need capabilities that adapt to rapid change and combine artificial intelligence and machine learning (buzz words, but this is really translated into reality) that will eliminate the noise and empower our security operation colleagues to detect faster, respond smarter, in a more collaborative way.

I also benefit from the expertise of my Dell Technologies colleagues (Secureworks is part of the Dell Technologies family which also includes VMWare and EMC) and from the help of our new channel partners in addressing challenges and accelerating security transformation in Switzerland.  My role at Secureworks is to be the customer CISO’s counterpart.  I am able to listen (listen, listen) to them to support their security program or develop it jointly together. Then I try to map their needs to our services focusing on advisory consulting, threat intelligence, advanced threat detection, SOC as a Service, incident & response, and adversarial security testing.

Lastly, I’m involved in the orchestration of our internal resources to answer the identified needs and deliver the solutions and services accordingly. I could also be involved in operational escalation and service improvements (or even new service design) interacting with our product engineering, product managers, and marketing.

5.What is (are) the most critical success factor(s) that a cyber security expert must show to succeed?

Listen, listen, listen. Try to be in the shoes of the CISO and assess, given the context and the situation, what you must, should, and could do (in this specific order). Try to get the big numbers (quantity) associated with each initiative you wish to drive/support as part of your security program versus the value (quality) it will bring to the business.

In my specific role, I need also to anticipate the trends and prepare my customer counterparts for the new threat landscape and market trends that could influence their roadmap and priorities (OT/ICS security or devsecops recently). You need massive technical knowledge and an understanding of your adversaries since hackers are adapting their techniques, tactics, and procedures very quickly. This helps you articulate solutions and the way you will integrate/operate them in the customer context.  The cyber security world is evolving so quickly, you’ll never find enough time to know all subjects perfectly, so investing your time appropriately is crucial. We are constantly learning!

6. What are some of the biggest challenges for you at a company like Dell Secureworks?

People and Knowledge management is a big one. It’s never a question if we are able to deliver X, Y, Z but rather to identify people knowledgeable in those particular areas and capitalize on lessons learned through continuous improvement. Building a solution architecture is rarely an issue but getting the right people on board to advise the customer and deliver custom setup is equally important (project and program management).  Operational excellence is crucial. You cannot be successful without having operational excellence. Again, it is all about trust.

7. What does it take to be a Cyber Security lead in a world of digital transformation?

We are involved in every direction at all layers because digital transformation is impacting key pillars such as connectivity, mobile, cloud, identity, data that support the business and we must bring security assurance all along this chain. That’s a very challenging situation but focusing on threat detection and response protects what matters for our customers.

8. Do you have advice for someone looking to start a career in cybersecurity?

Having a mix of software development skills and infrastructure (system, network) is a good foundation. Going into a CISSP bootcamp is a must to get a transversal view of the security field. You can then choose where you wish to specialize and get more « vertical » training in audit, cloud security, etc.  Getting the certification stamp is always good to step-up in a security career (again CISSP is a must). I would also encourage our customers and their HR teams to promote people into that new field even if they are not coming from IT.

9. How do you think we can attract more young people to this field?

That is a difficult one. I saw some security academy initiatives which are now triggered by some vendors (Cisco recently) and security providers, not only doing training but also giving a job assurance at the end. There is no « one-size-fits-all » solution to this massive problem but getting schools and universities closer to the market demand with possible incentives around that is key. I also observe that we have more and more women in security roles and that’s a game-changer. We should encourage the diversity even more.

10. Is the cyber security workforce shortage a reality for you? How this can be solved?

It is, yes. Promoting internal resources not necessarily doing security is a way to bring new staff, but there should be an incentive to do this. Certainly, a new challenge for HR.

11. Is there any specific advice you can offer leaders in cyber security on how to build a resourceful security team?

Smart cooperation between internal and external resources would certainly help and that’s the rationale for me to help our customers and be part of this hybrid model. We need to share more and respond and act as a community since the threats are global (sometimes targeted): in that sense, new initiatives such as the “Trust valley” are more than welcome.