How do the world’s leading tech companies keep product and data secure?
In this InTechnology video, Camille talks with episode co-host Mohsen Fazlian, Corporate VP and GM of Product Assurance and Security at Intel, and guest Doug Fisher, Senior VP and CSO at Lenovo. They get into security-first strategy in product development, as well as the intersection of AI and supply chain security.
Emphasizing a Security-First Strategy in Product Development
Camille initiates a discussion with Mohsen and Doug on adopting a security-first strategy for safeguarding products across various departments. Mohsen starts by emphasizing that considering security as a mindset rather than just a feature is crucial, illustrating this point with examples like negative validation or negative testing to uncover vulnerabilities beyond what is typically identified through positive validation. Doug concurs, highlighting that security emerges from a synergistic set of capabilities, not isolated efforts. To illustrate, he recounts his requirement for all Lenovo employees, including the CEO, to undergo continuous security training or face disconnection from the network, a measure to mitigate the risks posed by security breaches. Both Mohsen and Doug advocate for the value of red teaming or hackathon events, portraying them as effective, interactive methods for both security specialists and laypersons within an organization to understand and prevent exploitable security weaknesses by adopting a hacker’s perspective.
Exploring the Intersection of AI and Supply Chain Security
The dialogue then shifts to the integration of AI and the security of the supply chain. Doug begins by voicing customer apprehensions regarding AI-driven, convincingly deceptive phishing attempts. Mohsen then explores the competitive landscape of AI in enhancing or compromising security from a business viewpoint. He describes how, although malicious actors are leveraging AI for sophisticated attacks, security teams are similarly employing AI to fortify the development, manufacturing, safeguarding, and distribution of products and data. The discussion extends to the advantages of emerging technologies like confidential computing, confidential AI, zero trust, and a transparent supply chain, with a special focus on the latter. The transparent supply chain is lauded for assuring customers through detailed encryption and tracking across the entire journey of a product’s supply chain. Additionally, Mohsen hints at the forthcoming enhancements in Intel’s Transparent Supply Chain 2.0, promising expanded capabilities.
Doug Fisher, Senior Vice President and Chief Security Officer at Lenovo
Doug has served as Senior Vice President at Lenovo since 2018 and took on the role of Chief Security Officer in 2020. Before joining Lenovo, he accumulated over two decades of experience at Intel, where his roles included Vice President and General Manager of the Systems Software Division, Corporate Vice President and General Manager of the Software and Services Group, and ultimately, Senior Vice President and General Manager of the Software Solutions Group. Before his time at Intel, Doug was at Hewlett Packard Enterprise for a decade, managing the OpenView Network Node Manager product line. He holds a Master’s degree in Engineering Management from Stanford University and a Bachelor’s degree in Electrical and Computer Engineering from Oregon State University.
Mohsen Fazlian, Corporate Vice President and General Manager of Product Assurance and Security at Intel
Since 2018, Mohsen has held the position of Vice President and General Manager of Intel Product Assurance and Security. His tenure at Intel spans almost three decades, starting his career as a Product Development Engineer before advancing to various high-level leadership positions within the company. Mohsen oversees Intel’s trust and security initiatives, including the development of confidential computing strategies. He is also tasked with implementing proactive security measures and risk management, overseeing security governance, and promoting a security-first mindset throughout the product development process.
Check it out. For more information, previous podcasts, and full versions, visit our homepage.
To read more about cybersecurity topics, visit our blog.
#transparentsupplychain #zerotrust #confidentialcomputing
The views and opinions expressed are those of the guests and author and do not necessarily reflect the official policy or position of Intel Corporation.
—–
If you are interested in emerging threats, new technologies, or best tips and practices in cybersecurity, please follow the InTechnology podcast on your favorite podcast platforms: Apple Podcast and Spotify.
Follow our host Camille @morhardt.
Learn more about Intel Cybersecurity and Intel Compute Life Cycle (CLA).