COVER STORY
development of a product that truly aligns
with the way LS&Co. wants to work.
“One of the key reasons we chose
Exabeam was the company’s willingness
to adapt, rethink things and go the extra
mile. There’s a lot of value there that I
can’t put a dollar next to,” said Ryan
Clarque, Senior Global Cybersecurity
Manager, Levi Strauss & Co.
Intelligent CISO caught up with Colin
Anderson, Chief Information Security
Officer at Levi’s, to discover more
about the Exabeam solution and why
the company decided to work with this
particular vendor.
What does your role as Chief
Information Security Officer look
like day to day?
I’m responsible for information
security for Levi Strauss, globally.
My role includes managing the risks
to information on-prem, against our
employees, in the cloud. These days, it’s
a challenging task for sure as attacks are
at an all-time high as well as dealing with
the pandemic issues that are challenging
industries globally. So, the role is
changing as one might expect and it’s
one that I’ve enjoyed for many years now.
How important is visibility to your
security strategy?
The Levi’s brand is 160 years old so
brand protection, brand reputation
and consumer trust are paramount. As
a result, information security is very
important to the organisation so we’ve
made some significant investments such
as this one with Exabeam, to really help
us protect that corporate brand and
protect our consumers’ trust.
Why did you select Exabeam as
the vendor?
you. So, what I loved about Exabeam
was that it looks for the anomalies
in your environment, the outliers. It
helps you to understand what ‘normal’
looks like, but it also helps you identify
abnormal events – what those things are
in the environment that require further
investigation. So, Exabeam was one of
the first tools many years ago that was
very analytics-based – it compiled a lot
of data, it looked to establish baselines,
and it helped you to alert on outliers.
What benefits have you seen
since the implementation a
couple of years ago?
First and foremost; visibility. These days,
environments are so large and you’re
having to deal with so much data to
monitor and alert on, as well as dealing
with billions of events. To really be
able to harness and understand what’s
happening in your environment, you
need technology and Exabeam gave
me that technology and visibility to help
make sense of all the events that were
happening in my environment. It helped
me zero-in on what’s most important to
me in my organisation.
How far has the solution
future-proofed operations
and how important is this for
the company?
What I’ve seen over the years is that
security is becoming a data challenge.
We’re bringing in more and more data
and it’s becoming more and more
challenging to analyse that data. There
are skills shortages and dynamic
attacks, so what Exabeam has helped
us do is to grow with the changing
dynamics, changing attacks, changing
data volumes and changing types. So,
in that sense, it’s grown with my security
organisation and has scaled up over
time – when I first installed Exabeam,
we were capturing around 5,000 events
per second and now I’m close to 30,000
events per second.
Where do you think companies
will invest in security in the next
five years?
Everything is moving to the cloud,
including Exabeam, so what we’re going
to see is more and more enterprises have
a very heterogeneous environment where
you’ve got some on-prem systems and
some in the cloud, you’re looking at data
in multiple locations and are supporting
users working from anywhere. To do that,
you need really good analytics and a
really good handle on what’s happening
in your environment and that’s where
Exabeam comes into play.
As enterprises evolve and they’re dealing
with more data and moving to the cloud,
the attack surface becomes more
complicated. This is because you’re
protecting corporate assets in multiple
locations and protecting corporate assets
that are being used by individuals in many
more locations. Typically, complexity is
the enemy of security, in most cases.
You want simple, you want a very basic
footprint which makes it much easier to
protect your enterprise and right now,
we’re dealing with a lot more complexity.
Exabeam has shown that it is able to
grow with us, handle that complexity and
handle that data growth. u
I have experience with many other tools
and many of Exabeam’s competitors
and the challenge I kept running into
was that, in regard to a lot of other
competitors, you find what you’re looking
for and with information security, it’s
usually what you’re not looking for or
what you don’t know about that burns
www.intelligentciso.com | Issue 27
53