Tom Field: Hi there. I'm Tom Field, senior vice president of editorial with Information Security Media Group. I am at our Government Cybersecurity Summit in Washington DC, privileged to be talking about zero trust. Speaking with Dennis Reilly, the vice president, public sector for Gigamon. Dennis, pleasure to see you in person for change.
Dennis Reilly: Thank you, Tom.
Field: So, zero trust. How has this conversation evolved, I would say over the past two and a half years, as it was the big commercial at RSA, and then particularly since last year, with the President's executive order.
Reilly: Right, so, the conversation about zero trust started over 10 years ago. They got supercharged with the Biden administration with the executive order, and improving the nation's cybersecurity. And since then, the administration, through OMB memorandas and funding through the Congress, has made it a top-of-mind topic.
Field: Where were you seeing agencies, in particular, make progress and conforming with the executive order?
Reilly: Right, so each agency starts from a different place, there's different strengths and different gaps that they want to fill. So, depending on where they find themselves, they're picking different areas. We're focused on the network pillar. No one vendor can solve all of the agency's issues. But what we're finding is that there's a lot of interest in getting visibility into what's happening on the network and deep observability. So, the agencies can take network-based action to improve cybersecurity and also find any bottlenecks that they might have in a hybrid cloud infrastructure.
Field: Talk about this a little bit, Dennis, because that was at the top of your presentation. You talked about network traffic visibility. What are you observing? And how are you helping organizations respond?
Reilly: Yeah, so what we're seeing is that agencies understand that if something happens on the network, there's going to be a record of that. It can be observed, either at the packet level or through metadata. And then, they can analyze that and then quickly take action to interrupt and attack. So, because of that, they've used programs in the past, like the tedious diagnostics and mitigation program, and now technology, modernization funds, and they own their own agencies' appropriations to put in infrastructure. In our case, it's a next-generation network packet broker to give them that pervasive network visibility and that deep observability pipeline.
Field: Every time I talked to John Kindervag, he tells me that people still don't quite understand what zero trust is, and is not. Do you see some clarification in the public sector market?
Reilly: I do. People recognize that it's a journey. We're seeing that from the DHS and the office of the CIO at DoD, and it's going to be a multi-year journey. It's an approach. And there's going to be different maturity levels and incremental progress over those multiple years.
Field: Where do you see leadership among the agencies?
Reilly: So, that's interesting. I think we're seeing leadership out of CISA. At DHS, we're seeing leadership out of the office of CIO Randy Resnick and his team. But one particular agency that we've been impressed with has been the Department of Agriculture. CIO Gary Washington has used agency funds, as well as technology modernization funds, to supplement his budget on his journey to zero trust.
Field: It's good. And as you know, state and local governments are paying attention to what's going on, the private sector certainly is. What do you want our audience to know about Gigamon, and how you're helping organizations on their own zero trust journeys?
Reilly: Sure. So, we agree that it's more than just government, also into the private sector, especially in the regulated industries. So we're helping agencies and private sector organizations make sure they can see what's happening on their network, that they get deep observability. So, they can then take action. The idea is, if you can't see what's happening on your network, you can't defend it. If you can't see an attack, you can't protect yourself against it.
Field: And this is much in line with the guidance we're seeing come out of the government as well.
Reilly: Absolutely. So, we're happy to be involved in zero trust. We enjoy great relationships with industry and with government, and we look forward to continuing that.
Field: Well, Dennis, I look forward to having more conversation with you. Thank you so much for your time today and for your presentation as well.
Reilly: Thanks so much, Tom.
Field: Topic has been zero trust. This is Dennis Riley. He is with Gigamon with the public sector. For Information Security Media Group, I'm Tom Field. Thank you for your time and attention today.