How can a fashion-forward brand like Steve Madden redefine the intersection of style and technology? In this episode of the Tech Talks Daily Podcast, I'm live at Cisco Live, engaging with Steve Madden's top tech minds: Kamran Siddique, Global CISO and head of infrastructure and Nitin Srivastava, Director of IT Infrastructure & Operations.
We delve into the dynamic world of retail technology and explore how Steve Madden, a brand celebrated for its trendy footwear and accessories, leverages cutting-edge technology to enhance customer experiences worldwide. Despite its traditional association with fashion rather than tech, Steve Madden is making significant strides in integrating technology into its operations, particularly with its recent shift to a new SaaS-based POS system designed for iPads.
During our discussion, Kamran will share insights on the crucial security measures Steve Madden prioritizes to protect customer data and ensure transaction integrity. We'll uncover how the brand maintains a balance between robust security protocols and a seamless user experience, especially in high-traffic retail settings. Furthermore, Kamran will reflect on the evolving role of a CISO in the retail sector, particularly as digital and SaaS-based solutions become more prevalent.
We will also hear about the challenges of aligning IT infrastructure with broader business strategies and the metrics that are pivotal in evaluating the effectiveness of IT security and infrastructure efforts.
Join us as we uncover the technological pulses behind a global fashion giant at one of the biggest tech events of the year. After listening, what do you think are the biggest tech challenges facing the retail industry today? Share your thoughts and join the conversation.
[00:00:00] Could technology be the new cornerstone of fashion retail?
[00:00:06] Well today I'm going to dive into this fascinating discussion at Cisco Live where I caught up
[00:00:11] with Cameron Anitin from Steve Madden, which is of course a brand synonymous with bold
[00:00:18] style but perhaps less recognised for its technological prowess.
[00:00:23] But we're going to change all that today.
[00:00:26] This is Cameron, he is the Global CISO and Head of Infrastructure at Anitin, Director
[00:00:30] of IT Infrastructure and Operations.
[00:00:33] And together they are at the forefront of integrating cutting edge technology into the
[00:00:38] fashion world.
[00:00:39] And I think this is a crucial topic because we're all guilty of flicking through various
[00:00:45] devices enjoying seamless experiences without thinking about the tech that makes it all
[00:00:51] possible.
[00:00:52] So today I want to learn more about their current project that involves a major upgrade
[00:00:56] of their retail sites that is enhancing both wireless connectivity and security to support
[00:01:01] a new SaaS based POS system that is operated by iPads.
[00:01:06] So join me today where we're going to talk about what excites these tech leaders about
[00:01:11] attending Cisco Live, the innovations that they are integrating into Steve Madden's operations
[00:01:16] and how they balance robust security with seamless user experience in high retail environments.
[00:01:24] And hopefully we'll also delve into the evolving role of CISOs in retail, the impact of AI
[00:01:30] on both security and management and the real world challenges that they face in aligning
[00:01:35] IT with business strategies.
[00:01:38] So buckle up and hold on tight as I beam your ears directly into the show floor of Cisco
[00:01:44] Live here in Vegas.
[00:01:47] We'll talk about all this and much more.
[00:01:51] So a massive warm welcome to the show.
[00:01:54] Can you tell everyone listening a little about who you are and what you do?
[00:01:58] My name is Kamal Siddique.
[00:01:59] I'm the Global CISO and Head of Infrastructure at Steve Madden.
[00:02:03] My role is to provide business all of the technology and tools so that they can innovate
[00:02:09] and bring the right products to the market.
[00:02:11] I'm about to complete my first year at Steve Madden.
[00:02:15] Prior to that, I have about 25 years of experience building and managing information security
[00:02:21] and infrastructure teams.
[00:02:23] Well, it's a pleasure to have you on the podcast.
[00:02:25] And of course, I've met you both on the show floor today here at Cisco Live.
[00:02:29] So Nitin, would you like to tell everyone listening a little about you too?
[00:02:33] Yeah, sure.
[00:02:34] My name is Nitin Sherbastava.
[00:02:36] I am Director of IT Infrastructure and Operations.
[00:02:40] I have been with Steve Madden for about 15 years now.
[00:02:44] So I have kind of grown with the company and seen where we were, where we are now, and
[00:02:50] where we are headed and how technology drives the business at Steve Madden.
[00:02:56] So I've been lucky enough to work in infra and build the data centers, build the systems
[00:03:04] that Steve Madden relies on to become the trendsetter in the fashion industry that they
[00:03:09] are today.
[00:03:10] Well, I'm looking forward to digging a little bit deeper on that with both of you today.
[00:03:14] But before we do, obviously, I've just caught you live on the show floor at Cisco Live.
[00:03:18] So much going on, so much to say and so many big conversations.
[00:03:21] I've got to ask, and I'll start with you Nitin first.
[00:03:24] What excites you and a brand like Steve Madden about attending a tech event like Cisco Live?
[00:03:30] We are embarking on a new phase of technology at Steve Madden.
[00:03:35] So this was a perfect time for me to be here and look at all the different solutions that
[00:03:42] Cisco has in the market today.
[00:03:44] Some we are already delving into and some that I'm here to actually learn about and
[00:03:49] see how it can fit into the Steve Madden business and help us improve our IT delivery to the
[00:03:55] business.
[00:03:56] Incredibly cool.
[00:03:57] And what about yourself?
[00:03:59] So for me, it's really kind of important to meet with the executives, see what the vision
[00:04:03] is, meet with the product teams, look at the roadmap, right?
[00:04:07] Where are the improvements coming, right?
[00:04:10] We have been revamping our suite program.
[00:04:13] We have been revamping our infrastructure.
[00:04:16] So where do we go from here?
[00:04:17] So that's kind of the most important for me to connect and make sure that we are aligning
[00:04:24] our roadmap based on the Cisco innovations that are coming down the road.
[00:04:30] And of course, Vegas is always awesome.
[00:04:33] Incredibly cool.
[00:04:34] And obviously for everybody listening around the world, Steve Madden is a globally recognized
[00:04:38] brand that serves millions of customers, but it's not typically associated with technology.
[00:04:44] And that's something that I always try and do on this Daily Tech Podcast.
[00:04:47] So what is the tech that makes those user experiences that your customers take for granted?
[00:04:52] Can you tell me a little bit about that?
[00:04:53] Some of the tech that makes it all possible?
[00:04:55] Yes.
[00:04:56] So technology is a business enabler, right?
[00:04:58] So end of the day, no matter what business you are in, kind of around this time, it requires
[00:05:04] business to enable the innovation, go to market, access customers.
[00:05:10] So in retail in particular, availability and performance in an omni-channel environment,
[00:05:15] we have brick and mortar stores, we have e-com, we have wholesale, we need to take care of
[00:05:20] distribution.
[00:05:22] So the performance and availability is ultra important.
[00:05:25] And how we connect with our customers, it's easy for them, we are always available and
[00:05:29] their data is secure with us.
[00:05:31] That's what we drive for.
[00:05:34] So when you're implementing a new SaaS-based POS system that runs on iPads and so many
[00:05:38] different devices, what are the key security considerations you must prioritize, especially
[00:05:44] when protecting things like customer data and ensuring transaction integrity?
[00:05:48] It's one of the things we don't hear about when we get excited about cool tech things,
[00:05:53] but it's equally as important, isn't it?
[00:05:55] If not more so.
[00:05:56] So we are...
[00:05:57] The key pieces that we are paying attention to on this new POS system that runs on iPads
[00:06:04] is all the different integration points that helps build the customer experience with Steve
[00:06:09] Madden, whether it's loyalty programs, whether it's integration with third-party social media,
[00:06:18] how we reach out to our customers, how we present to them what Steve Madden has, like
[00:06:25] what are we offering?
[00:06:28] We're expanding as a business into apparel, not just shoes, right?
[00:06:33] Accessories is growing very rapidly in our business today.
[00:06:37] So as you said, protecting customers' data, that data hits many different integration
[00:06:43] points and securing it at each one of those integration points and systems that the data
[00:06:49] actually lives on or wherever it travels to.
[00:06:52] And I would imagine it's a real...
[00:06:55] A huge importance to you because more and more people are using iPads rather than the
[00:06:59] traditional laptops and desktop computers.
[00:07:02] Yeah, so it's kind of defense in depth, right?
[00:07:05] You need to put controls on endpoint and iPad being an endpoint, you need to take care of
[00:07:10] securing that, then kind of the network it connects to, be it...
[00:07:13] It has to be mobile, right?
[00:07:15] That's the experience we want to provide our users.
[00:07:17] So, of course, the Wi-Fi security and overall network security, and then beyond that, other
[00:07:22] additional controls that we are investing in.
[00:07:25] And then it's also a kind of shift in mindset, right?
[00:07:28] Where we had full control of the POS system that was running in our data center and we
[00:07:32] were controlling end-to-end connectivity and kind of securing that connectivity.
[00:07:37] Now we are working very closely with our POS partner.
[00:07:40] We're ensuring that we are connecting to them, integrating with them in a secure manner,
[00:07:47] and as well as we have the right set of controls that are monitored 24-7.
[00:07:53] So it becomes kind of important that third-party risk management becomes kind of more emphasized.
[00:08:01] And I think your journey that you've been on is something that will resonate with retailers
[00:08:06] and other people listening all around the world.
[00:08:08] So how do you balance that need for robust security measures without that demand for
[00:08:14] seamless and efficient user experience in such a high traffic retail environment like Steve Maddy?
[00:08:21] It's a great problem to have, but there's a lot of customers, isn't it?
[00:08:25] Yeah.
[00:08:26] So first thing is we always evaluate what we are implementing.
[00:08:30] We want to make sure that it fits into our retail stack without impacting the user experience.
[00:08:37] So end of the day, right, we are running this business for our customers.
[00:08:42] So if their experience is going to get impacted, then we won't have any business.
[00:08:46] We won't have the customers.
[00:08:47] So we are always very cognizant that any technologies that we choose, we are ensuring that they
[00:08:53] are, first of all, from ecosystem perspective, they're a good match.
[00:08:57] And then they bring the right value to us from security and infrastructure, availability
[00:09:02] and performance perspective without affecting or actually enhancing the user experience.
[00:09:06] Yeah, you covered it well.
[00:09:08] The best security is the one that you really cannot see and experience, but it's all happening
[00:09:13] in the background and giving our customers that satisfaction and that level of confidence
[00:09:18] that shopping with Steve Madden and sharing your personal data with us is going to be
[00:09:23] a good experience.
[00:09:24] And we're going to take every step to secure your data and make sure it doesn't land in
[00:09:29] the wrong hands.
[00:09:31] And a question I've got to ask on behalf of security professionals and techies listening
[00:09:35] is how do you see the role of a CISO evolving in the context of retail, especially with
[00:09:41] the shift towards more digital and more SaaS-based solutions?
[00:09:45] So end of the day, a CISO's job is to ensure confidentiality, integrity and availability
[00:09:52] of our systems and our data.
[00:09:54] So I see my job is to secure our business and our customers' data that we have.
[00:10:00] When we are adopting more of SaaS, it kind of puts an onus of managing third parties
[00:10:07] more diligently.
[00:10:09] So ensuring that you can see in depth what those interactions are like.
[00:10:15] And then here's kind of where the additional collecting that data and then having a platform
[00:10:22] which has Gen-A capabilities, for example, right, to sift through that masses of data
[00:10:26] to get, to glean the right outcomes or right findings that detect the right things and
[00:10:32] help automate those responses as well.
[00:10:35] Right, it's kind of that era has gone where you have kind of multiple analysts sitting
[00:10:40] and looking for anomalies.
[00:10:42] I think with all of these integrations with third parties, the focus is going to be more
[00:10:47] on how can you automate this?
[00:10:48] How can you sprinkle the AI dust on it and get the right information out?
[00:10:54] I love that line, sprinkle the AI dust on it.
[00:10:59] So spot on right now.
[00:11:01] With your extensive background in IT and security, how do you ensure that your team stays ahead
[00:11:07] of emerging threats and better adapts to the rapidly changing cybersecurity landscape?
[00:11:12] Because it is continuously moving, isn't it?
[00:11:14] And evolving.
[00:11:15] Exactly.
[00:11:16] I think we need to continuously invest in our people, make sure that they are getting
[00:11:20] trained, they're getting educated, kind of more educated than trained.
[00:11:25] Trained is kind of very specific to tools.
[00:11:28] Education is kind of more of the mindset, right?
[00:11:32] And then the program that we have is that we ensure that every member of the security
[00:11:35] team, they're reading at least a couple of podcasts.
[00:11:38] They're going through the podcasts and articles on dark reading, for example.
[00:11:43] And they share their findings with the team on a weekly basis.
[00:11:47] And then we run exercises, right?
[00:11:49] So you need to keep your tool sharp.
[00:11:51] So basically, we kind of believe in validation.
[00:11:56] So if you're saying that we have these controls in place, continuously validate those.
[00:12:00] And exercising the red team, blue team, purple team come very frequently.
[00:12:05] I think that helps keep the security team sharp.
[00:12:11] And just to bring to life everything that we're talking about here, do you have an example
[00:12:16] you can share of maybe a significant challenge that you faced when aligning IT infrastructure
[00:12:21] with a business strategy and how you overcame it to better drive growth and performance
[00:12:27] at Steve Madden?
[00:12:28] There's so many different business leaders are going to be listening that want, I don't
[00:12:32] know, to bring it to life with a real world example.
[00:12:35] Are you able to share one?
[00:12:37] Yeah, we can share one.
[00:12:39] So at the moment, we're embarking on some significant investments with Cisco based on
[00:12:47] what's happening on the other side, right, with this new POS system.
[00:12:52] So we're learning from our business, what's happening, what's coming.
[00:12:56] We're adjusting for that and we're getting the environment ready so that we can take
[00:13:02] on these new initiatives, these new applications, this new way of doing business and selling
[00:13:07] our shoes.
[00:13:08] So it's a very tight partnership with the business and understanding what's happening
[00:13:13] there and then coordinating and meeting, having synergy with those business drivers from the
[00:13:20] IT side and the IT infrastructure side of the house.
[00:13:24] And as an ex-IT guy, it's been bred in me that you can only improve what you measure.
[00:13:30] So I've got to ask, what kind of metrics or KPIs do you consider most important when
[00:13:35] evaluating the effectiveness of IT security and infrastructure strategies?
[00:13:40] And how do you use these to guide continuous improvement as well?
[00:13:45] Again, I'm an ex-continuous service improvement manager, so apologies to bring this up when
[00:13:50] we're talking about all the ex-IT in tech, but it's so important, isn't it?
[00:13:54] So if you look at it from a business perspective, right, of course for them, right, system uptime,
[00:14:00] availability, performance and scalability, right.
[00:14:03] Business is not static.
[00:14:05] It's not the old ages, right, where you will have months and months to prepare and now
[00:14:10] you're launching something and it's going to market.
[00:14:13] It's kind of immediate, right.
[00:14:15] So getting ready for that and being able to respond.
[00:14:18] So measuring that, right, how ready are we?
[00:14:20] How fast can we respond to business needs?
[00:14:23] Other than that, from security perspective, it's the KPIs that I think are table stakes,
[00:14:29] right.
[00:14:30] Looking at what were the first of all coverage, right.
[00:14:33] Are we providing the right coverage across all of our assets?
[00:14:37] Are we looking at every single asset or not, right?
[00:14:40] Then are we monitoring for the right things?
[00:14:43] And then when we monitor for the right things, are we seeing the right detections?
[00:14:47] And when we see the detections, are we taking appropriate actions either automatically, preferably
[00:14:51] or at least they're getting escalated with the right people, right.
[00:14:54] So kind of the end to end chain, we measure it at every level from 100% coverage from
[00:15:02] assets perspective.
[00:15:04] Do we have the right use cases deployed?
[00:15:06] We continuously improve on that, right.
[00:15:09] And then when the detections come, how fast are we responding with that and how much automation
[00:15:13] have you brought in?
[00:15:14] Now, obviously here at Cisco Live, AI is a huge topic, both on the show floor and off
[00:15:19] the show floor.
[00:15:20] What excites you about AI and everything you're seeing and hearing at the moment?
[00:15:25] I think the ability to bring in a whole lot of data, right.
[00:15:29] And ability to integrate with best of the platforms, right.
[00:15:34] And bring all of their data and kind of a bit of an automated way, getting the insights,
[00:15:41] right, that are actionable.
[00:15:43] And then that actionable, then you can turn into automated playbooks or at least playbooks
[00:15:48] that a security understudy level one can follow.
[00:15:51] Where previously I had to have an engineer kind of deal with that, right.
[00:15:55] So the kind of the journey of AI where we are and where it is going to go, that is really,
[00:16:00] really exciting to me.
[00:16:02] Absolutely.
[00:16:03] I think I can pour over so much more data than a human being can ever do, right.
[00:16:10] Traditionally, you subscribe to a SOC service and they have a bunch of analysts who are
[00:16:15] looking at security alerts coming from your environment.
[00:16:19] And then determining is there a threat?
[00:16:21] Is some action that needs to be taken here?
[00:16:24] AI can just do that.
[00:16:26] And you can be confident because AI has matured because of the investments, right, into this
[00:16:32] technology.
[00:16:33] Where we are now going to trust it to take security actions on our behalf and pouring
[00:16:41] through so much more data and getting precisely to where that threat might be and then mitigating
[00:16:46] that threat.
[00:16:47] Wow.
[00:16:48] And for anybody listening that would be interested in carrying on this conversation or just finding
[00:16:53] out a little bit more information about all the work that you're doing, the journey that
[00:16:57] you're on, where would you like to point everyone listening?
[00:17:00] So I believe that collaboration is the key, right.
[00:17:04] Networking with the peers is very important.
[00:17:06] What worked for them, what's working for them, where they're going with their roadmaps, right?
[00:17:12] Aligning on that is really important.
[00:17:14] So I'm very active on LinkedIn.
[00:17:17] I always network and here to converse and get some wisdom.
[00:17:22] Awesome.
[00:17:23] Well, I'll add a link to everything so people can find you both nice and easily.
[00:17:28] So much I love chatting with you today about aligning IT with the organization and business
[00:17:33] strategy, leveraging technology to drive growth and performance.
[00:17:36] We hear a lot about the AI fairy dust, but as you said, it's about those real business
[00:17:40] results.
[00:17:41] So thank you for sharing that with me today.
[00:17:43] Thank you, Neil.
[00:17:44] Thank you for having us.
[00:17:45] Well today you've learned how a brand like Steve Madden leverages technology not just
[00:17:50] for operational efficiency, but as a transformative tool for market leadership.
[00:17:56] And after listening today, I invite you to share your thoughts on how technology is reshaping
[00:18:01] the fashion industry.
[00:18:03] And also, what are your experiences in technology, in retail and completely different sectors
[00:18:09] too?
[00:18:10] I'd love to hear your story.
[00:18:11] So please email me techblogwriteroutlook.com x linkedin Instagram just at Neil C. Hughes.
[00:18:19] And if you are here at Cisco Live, send me a DM.
[00:18:22] It'd be great to meet up in person.
[00:18:24] But that's it for today.
[00:18:25] So it's time for me to hit the show floor once again.
[00:18:28] Thank you for listening as always.
[00:18:30] And until next time, don't be a stranger.