Recorded live at IGEL Now & Next 2025 in Miami, this conversation with John Walsh, Field CTO for Critical Sectors at IGEL, explores how organizations can rethink edge security through a preventative lens. With decades of experience in high-assurance environments, John shares how zero trust is moving from theory into applied strategy and why endpoint protection is still ground zero in the modern threat landscape. From hybrid work challenges to AI-powered threats, this episode breaks down how IGEL’s immutable OS and collaborative approach are helping secure some of the most sensitive sectors in the world. Are your endpoints ready for what’s next?
[00:00:04] Welcome to The Business of Cybersecurity, a podcast which is part of the Tech Talks network. My name is Neil C. Hughes. You may know me from the Tech Talks Daily podcast, which covers a completely different area every episode. And in this series, The Business of Cybersecurity, I explore where security and businesses intersect.
[00:00:27] Today, I caught up with John Walsh, Cybersecurity Strategist and IGEL's Field CTO for Critical Sectors. With a background in high assurance security, stretching from missile systems to patented innovations in zero trust, my guest today brings a deep perspective on where cybersecurity is heading, and most importantly, what organizations should be doing right now.
[00:00:52] So John is going to be unpacking the key risks facing enterprise IT and OT environments in 2025 and beyond, from those practical challenges of securing hybrid work and BYOD, to the complex implications of connecting AI models to critical data. And we're also going to be discussing why zero trust is often misunderstood, how IGEL is helping simplify its adoption,
[00:01:20] and why endpoint security is now more relevant than ever, especially in an era of distributed work and AI-driven threats. And we'll also talk about the shifting balance between user experience and security, and why preventative models are finally gaining traction, and how IGEL is positioning itself to meet the needs of industries facing relentless transformation.
[00:01:47] So if your business is grappling with how to build resilience without creating friction, or how to future-proof your infrastructure as cybersecurity threats grow more sophisticated, you're going to love this one. So how are you approaching security at the edge? And what does zero trust mean inside your organization today? I'd love to hear your thoughts. But before I turn the microphone over to you, it's time to get John onto the podcast now.
[00:02:15] So a massive warm welcome to the show. Can you tell everyone listening a little about who you are and what you do? Nice to meet you. Pleasure to be here. My background started in aeronautical and astronautical engineering. Went to Purdue University and started in missile systems, weapon systems, and eventually worked my way up into management positions where I inherited businesses that were high-assurance, security-oriented.
[00:02:43] So over the years, and for the last probably 20 years, I've been focusing on things like zero trust, security from the semiconductor itself all the way to the cloud. We're here in Miami for IGEL Now & Next 2025. And once again, you guys are shining a spotlight on cybersecurity. So I've got to ask, off the bat, what are the top threats that enterprises need to be preparing for in the months and years ahead? And I appreciate that.
[00:03:12] It's a huge question. But anything you can share around that on those big threats that you're viewing at the moment? Well, I would say that right out of the gate, as we were talking about before, we actually got together here. The rise of the hybrid work environment, bringing your own devices to work, the increase in connectivity, just everything that's occurring in the workplace today, along with the increase in the sophistication of the threats and so on,
[00:03:40] I think we're faced with something that we have to deal with right away. Our traditional perimeter-based security architectures don't work. So I think the first and foremost component of what organizations are focusing on is zero trust, where is the edge, where are the attack surfaces, and we're migrating to cloud and hybrid types of environments. I think secondly, and by the way, that's OT as well, right?
[00:04:09] So whether we're talking enterprise or whether we're talking OT, that issue is similar. I think that the next thing that we are being faced with really is AI, right? So if I'm using AI in the workplace, right, depending on what we're using it for, let's say, for example, we're using AI to improve our business performance. In that scenario, it's very likely that the AI,
[00:04:37] LLMs and so on are connected to our crown jewels, right? Yeah. Because we're wanting to connect to the data that has the most value and then leverage our AI models to do something with it. So I think that a lot of companies are beginning to really seriously think through their AI architecture. Where are we going to house it? Is it going to be a cloud-based, on-prem based? Is it going to be a hybrid of products that we acquire and integrate together?
[00:05:07] Or is it going to be a private AI model that we're going to develop ourselves? Either way, we are going to have to have an approach to secure the endpoints that feed data into your AI model. So I think things like IGEL, where we can secure the endpoint and apply some of the principles we'll be talking about this week, provides, puts IGEL as an ideal endpoint to connect to your AI model.
[00:05:35] I think other things that we're going to be faced with relative to AI is the fact that if there is a breach, if data gets into the AI learning model and spoofs it, how do we know where our last moment of truth was and how do we recover? Because we're going to have so much tied up and invested in these models. I also think AI is going to have a big impact on the threat side, in terms of its ability to generate more sophisticated threats faster than we recover.
[00:06:05] And we're going to be utilizing AI on the cybersecurity side as well. So I think AI in general is going to have a big impact, and people are just now beginning to kind of sort through that. And I think the third item is probably quantum, post-quantum. Right. So we're entering an era where quantum computing is becoming more forefront. And we have companies like Google, Amazon, large companies investing significantly in quantum resistant crypto
[00:06:35] so that we consumers can continue to enjoy the ability to use Amazon Prime and not worry about some quantum threat that could just break into our banks and so on. So I think post-quantum is, again, going to be something that over the next five to ten years becomes a bigger and bigger issue in the security area. Yeah, 100% with you. And I think right here, right now, zero trust also becomes –
[00:07:02] is continuing to be a major focus in cybersecurity. But there are still many misconceptions. Some people think it is still too complex, too difficult to implement. But I'm curious, from the conversations that you're having with business leaders, what would you say are some of the biggest myths surrounding zero trust? And how should organizations maybe rethink that approach? Well, I think zero trust is – we've been talking about zero trust for a long time. Yeah.
[00:07:27] And so there's that whole marketing buzz around what is zero trust. And I'm not sure everyone out there really uses it properly or understands it, right? So that's created some myths, some – I'll call it zero trust fatigue in the marketplace. But I think that a big myth that surrounds zero trust is this idea that it's just a single product or it's a technology. One product's not enough.
[00:07:56] It's really a model. And depending whether you follow NIST or whether you follow the DOD or CISA, we now have established over the last several years requirements in terms of things that we need to verify or validate that we have to meet in order to meet the zero trust target requirements. To do that requires more than one product. And it really requires, in many respects, partners.
[00:08:25] Because in the old days, we had a lot of companies that would focus on, I'll say, one aspect or element of the house of zero trust. The user, the devices, the networks, or whatever, right? And the perception was in order to get something that we could leverage, in other words, use the information we have to the best extent that we can to determine the identity
[00:08:50] of the subject to develop some trust level that we have relative to the subject for a specific task that they're going to perform or access that they're requesting, to be able to tie that to a policy, right? Then to enforce that policy and continuously monitoring it and getting it as granular as you can, if you will, for the specific task at hand, was something that required a lot of folks' products to talk to each other,
[00:09:20] and they didn't do that well. So what I see happening and a big shift in the industry is companies are working together, and certain companies are taking the lead in not only providing the ability to get information that is used in policies, but to provide policy engines that can make decisions that then can be enforced at endpoints. And so I would say in our case, let's say in the case of IGEL, for us,
[00:09:49] what we see as a big opportunity is this idea in zero trust that you need some sort of a unified, common layer, management system, communication system, so that you can achieve the kind of things I've just described, is where we're focused, right? We have this very lightweight, very secure operating system. It runs on x86, ARM, pretty much any type of a device,
[00:10:18] and it enables you to get secure access to what we call a unified management system. So our platform has been designed from day one with the ability to manage the endpoints and enforce configuration at the endpoint. So today what we're doing is we're opening up our unified management system in order to interface or interact with our partners,
[00:10:44] so that we can take other information about the policy, for example, surrounding some sort of criteria they've established, and they can communicate that to our UMS for us then to control what resources the endpoints that are running IGEL get access to. So we help enable that common, unified management system that's required in the integration for zero trust, which typically has been looked at as very costly and complex.
[00:11:15] We're helping solve that problem. That is a big problem to solve, so kudos there. And of course, many organizations still struggle with balancing security and the user experience. I would say that's possibly more important than ever now, and any kind of friction frustrates users straight away. So how does IGEL's preventative security model, how do you help businesses achieve both of those things? Because again, it's another big problem you're going after.
[00:11:42] Well, I think it depends how you define that, right? And at what level in the organization. So if you're at the CISO level, and you're looking at the attack surface and minimizing the attack surface, you're up at night addressing those known unknowns, right? The things that I don't know about. So to have a very large attack surface at your endpoint and things like that are things I'm going to worry about. Does my CrowdStrike?
[00:12:09] Does my trial do all these things that I have work? I think one of the things that we do in helping make that problem an easier problem to address is we eliminate about 90, 95% of the attack surface at the endpoint. So it makes the problem of endpoint security a lot smaller so that the folks can begin to focus on those things are most important. That's number one.
[00:12:37] Number two is the other folks that think about the security from the standpoint of it impacting their organization are the infrastructure guys, right? Availability, right? When we have to continuously tune, continuously change, we have an event like we did with CrowdStrike as an update, things go down. That availability issue becomes a big problem.
[00:13:03] So in our case, with the preventative security model and the way we eliminate the risk, if you will, at the edge, we make it a lot easier and a lot transparent for the infrastructure folks as they focus on the cloud, right? Because the resources that we're providing the end user at the device level is really coming from our UMS and being accessed to the cloud.
[00:13:28] So from the perspective of the user experience, the guy who's actually sitting at the device, everything's transparent. And from the standpoint of logging in, getting on the system, getting the working environment and the experience that you're looking for, there's low latency, complete transparency, and as far as they know, life is good. And although we have been talking about zero trust for many years now,
[00:13:56] the good news is, of course, that the adoption of zero trust is accelerating, especially in critical sectors like government, finance and manufacturing, etc. So what unique challenges do all these industries collectively face? And how can they implement zero trust more effectively? Any tips or advice you'd give around that? Yeah, I think we've kind of hit those in a sense. The critical sectors need seamless integration across multiple environments without disrupting their operations.
[00:14:26] And the challenge in accomplishing that with zero trust is getting to this unified communications and management layer or approach that's not overly complex or costly. It's great to see many of the partners out there, Zscaler on this, Okta, AppGate, you name it, Trellix, all working together and all working with their own approaches to accomplish that.
[00:14:50] And our goal here at IGEL is to, with our small piece of it, make sure that we plug into their unified communications and management layer in such a way that on the endpoints that we manage or that we control, they're getting that benefit and meeting those zero trust requirements. And another topic I wanted to bring up with you today is endpoint security,
[00:15:17] because that is often an overlooked aspect of cybersecurity strategies. So just to set the record straight here, why is it so critical and what steps should organizations be taking to strengthen their endpoint defenses? Again, big topic right now. I'd just like to hammer home that message. Well, I think it's because in the past, traditionally, the endpoint's been 95% of the attack surface, right? Yeah.
[00:15:40] So obviously, whether it's phishing attacks, whether it's web server attacks, however, the adversary breaches or gains access to the architectures typically at the endpoint. So we've got to stop chasing the endpoint. As we're moving into the environment of BYOD, the hybrid work environment, all the things we just talked about, we've got to get the patching, the continuous configuration management,
[00:16:08] all of the things that we traditionally have to do at the endpoint, off the endpoint. And taking something like IGEL, which is a secure, immutable operating system, where I no longer have any data on the endpoint, the social engineering of the endpoint problem goes away. I'm no longer chasing the endpoint problem, right? I'm really taking the security to a whole new level.
[00:16:35] So I think that the long and short of it is we have to, as bandwidth is increasing, as latency is going down in terms of our ability to connect, we've got to take advantage of that and go to lighter weight endpoints that don't have the level of vulnerability that we've traditionally seen in the past. And looking at the beginning of our conversation, we were hinting or talking around AI-driven cyber threats. They are becoming more sophisticated.
[00:17:00] How do you see AI further reshaping the future of cybersecurity, both from an attack and defense standpoint? It feels like one big game of cat and mouse almost. I think that AI is really new. If we're talking about AI from the perspective of cybersecurity, I've seen a number of applications for AI already emerging, right?
[00:17:25] An application to take a look at the kill chain, various CVEs, and determine based on the defense capabilities you have using an AI model to construct the kill chain and determine whether the products you have are capable of blocking the attack. Am I covered for this attack? How rapidly should I begin patching unless I'm not covered?
[00:17:52] Certainly, as the haystack gets larger and we're looking for the needle in the haystack, that breach or that attack, AI certainly can be used to leverage learning and other things to kind of get the noise out and try to start to look for, as these attacks become more sophisticated, where the real problems are.
[00:18:18] I think that if you think of incident response today and you think about the people in incident response centers, they're like traffic controllers. And what's happening is we're seeing more and more traffic, right? So we've got to get the amount of traffic, the amount of noise down, so they're not chasing a lot of things and creating a lot of stress around things that aren't meaningful.
[00:18:42] I think that's an area of focus for a lot of the AI models that people like CrowdStrike and people like that use. But I think the last thing, and I know I'm going on here a little bit, but the other thing is, and whether we're really going to permit it, is using AI to stop the attack before it launches.
[00:19:06] So this idea of a preventative security model is stop real time before it's detected. And in the past, we've been reluctant to do that because of concern over operational availability and the impact on the organization if we stop something we shouldn't have stopped. So at some point, I think AI has to be used in cybersecurity to start looking at the potential of how do we stop the attacks before they happen.
[00:19:37] And one of the great things about talking here at a tech conference is all the different conversations you have from people far and wide, not just within your own organization. So if I would ask you to look in my virtual crystal ball here, any trends or innovations in cybersecurity you're hearing about, you're talking about here, you're most excited about, maybe even keep you awake at night, anything that you're seeing and how are you at IGEL positioning yourself to lead in this continuously evolving landscape?
[00:20:07] Well, no doubt for IGEL, we're announcing new feature capabilities that allow us to play across a much larger landscape. In the OT, IoT, we're going to be starting to get more engaged with devices that are in manufacturing, healthcare, pharmaceuticals, not just the enterprise. So that's very exciting. To leverage the capabilities that we have with Zero Trust,
[00:20:34] with our unique secure operating system and the preventive security models, very exciting, especially when we start partnering with folks in the ecosystem who bring capabilities to the table that we both can leverage together. I think that's where the excitement is, is in creating new solutions and innovating our platform with theirs to address what's coming in the future. Exciting times ahead.
[00:21:01] And of course, this episode will go live on day one of IGEL Now and Next. So after this interview, what other areas of IGEL Now and Next are you looking forward to checking out? Anything that you've got your eye on? Well, I think for those who are attending, myself included, we'll have 21 announcements, I think, that Klaus will be making tomorrow. That should be extremely exciting, especially for those who can take advantage of some of them.
[00:21:28] And at the keynote on Wednesday, we're going to be talking about some of the things we discussed today, which I think folks will find very exciting. Because we're moving in a direction at IGEL from a secure operating system and endpoint management capability to as we move to zero trust, as we move to the ability to manage virtualization at the edge
[00:21:54] and these other things, to participate in the solutions that our customers are delivering, our partners are delivering to their customers. And so I think that it's going to be changing the face of IGEL over the next coming years. So Wednesday, we'll be giving you some insights into the things we're doing in that direction. Wow, 21 announcements. That's a lot of press releases for me to get through. So I'll be looking at that and reporting on some of those.
[00:22:22] And for anyone listening, maybe they're not at the event. Maybe they want to just find out a little bit more information. Anywhere in particular you'd like to point everyone listening that just want to find out more information? Yeah, for those who are interested and for some reason they don't see or get what they're looking for, look me up on LinkedIn. A huge thank you to John Walsh for that thought-provoking interview today, which I think serves as a timely reminder that endpoint security is no longer an afterthought. It's a foundation.
[00:22:51] Whether it be eliminating the attack surface at the device level to building partnerships that simplify zero trust integration. I think John painted a very clear picture of where security strategies need to evolve. And from what I'm hearing here, I think it's clear that IGEL is moving beyond secure endpoints to play a more central role in shaping secure, scalable and sustainable digital workspaces.
[00:23:18] So if you're not already tracking what they're doing, now might be the time. And for those of you that are curious to learn more, I will add links to John on LinkedIn and IGEL's website and the event page where we are this week. But I'd love to hear from you. How are you planning for the next wave of cybersecurity innovation? And what's your take on how AI, zero trust and secure endpoints fit into your roadmap? Let me know your thoughts.
[00:23:47] Email me, techblogwriteroutlook.com, LinkedIn, Instagram, just at Neil C. Hughes.