The Day in the Life of Trellix’s CISO

By Harold Rivas · August 3, 2023

I am often asked what it is like to be a Chief Information Security Officer (CISO), specifically what it’s like at a global cybersecurity firm. And as we just launched “The Mind of the CISO” initiative and CISO Council at Trellix to provide CISOs a forum to share wisdom and address issues they encounter, I wanted to share my story. There are many parts of my career I enjoy, and of course, a few obstacles along the way that I know many others face as well.

A unique perspective

I feel my position at Trellix is a bit unique.

First, it is always interesting to be the target customer for your own company, and I’ll get to more of that in a little bit. Second, I wear multiple hats because I am not solely focused on the blocking and tackling you think of when it comes to cybersecurity. My role at Trellix is very broad where I focus on risk management, compliance, and other activities. To add, I partner with many other departments and teams including sales, public relations, human resources, legal, and more. The day-to-day is never boring for me because through all these partnerships, I have the opportunity to flex many different skills.

Customer zero program

Back to being a target customer... What makes my job even more fun and interesting is our Customer Zero Program at Trellix. We are focused on helping and serving CISOs around the world and across industries, and I myself am one of those CISOs. My team and I are “Customer Zero” for when Trellix develops a new technology or service offering.

As we know, the cybersecurity threat landscape is constantly evolving. From what we saw in Trellix’s 2023 Mind of the CISO report, 96% say they need better solutions for their organization to be more cyber resilient. And I am one of the 96% out there. I am hungry and searching for the next big idea on how I can better protect the business and help other CISOs protect their own organizations. And our research and development (R&D) teams are looking for those requests and feedback to build out their roadmaps and requirements.

With the “Customer Zero Program,” we have a bi-directional relationship where I share my goals and challenges with those developing the technology and service offerings. R&D builds version one, my team and I are first to test and provide feedback, there are reiterations, and then an even better, more comprehensive offering is built and available for other CISOs in the market to adopt.

I find quite a bit of value in Trellix’s “Customer Zero Program.” I will say the number one focus of it is providing a security operator’s point of view and guidance back to the R&D teams. Then they are better equipped to create valuable cybersecurity products, services, and research reports for the market.

Cybersecurity talent

A challenge I have faced in the past and I know many others out there are struggling with today is finding and retaining top cybersecurity talent. We saw in our 2023 Mind of the CISO report that a shortage of skilled staff and the ability to retain/recruit was among the five biggest challenges CISOs face.

One way I have been able to overcome that hurdle is with my front-row seat to our R&D teams. Knowing what they are thinking about developing gives me a competitive differentiation to find top talent. I can share with job seekers the multitude of projects and new capabilities Trellix is producing and how these unique opportunities can help further their career.

Until next time

As I mentioned, I see my role at Trellix as unique. I am focused on the security of Trellix, as well as the security of all of our customers. Plus, I am highly focused on the future of the CISO profession. And there is much more to share in a future post on how I see the role changing and evolving.

Until next time, I hope you can join Trellix’s CISO Panel at our upcoming virtual event, the Trellix Ransomware Detection & Response Virtual Summit.