The Six Five In the Booth with IBM Security VP Chris Meenan at RSA 2023

By Patrick Moorhead - April 24, 2023

The Six Five – In The Booth for RSA 2023, hosts Patrick Moorhead and Daniel Newman welcome Chris Meenan, VP of Product Management, Threat Detection and Response at IBM.

Their discussion covers:

  • How the evolvement of AI will be more powerful and efficient, leading to a major impact on IBM’s product strategy
  • IBM is embracing the future of innovation in the security space by investing in new technologies and partnerships
  • IBM’s core principles of trust, transparency, and innovation are helping drive security across their portfolio
  • How essential open and interoperable technology/tools are to IBM’s security strategy

Be sure to subscribe to The Six Five Webcast so you never miss an episode.

You can watch the full video here:

You can listen to the conversation here:

Disclaimer: The Six Five On the Road is for information and entertainment purposes only. Over the course of this webcast, we may talk about companies that are publicly traded, and we may even reference that fact and their equity share price, but please do not take anything that we say as a recommendation about what you should do with your investment dollars. We are not investment advisors, and we ask that you do not treat us as such.


Patrick Moorhead: Hi, this is Pat Moorhead. We are back for another Six Five virtual In the Booth. We’re talking RSA, we’re talking security. I am here with my co-host, Daniel Newman and my bestie. How are you doing my friend?

Daniel Newman: Patrick, great to be here at RSA, kind of. I do love these virtual in the booths. It gives us the opportunity to talk to you and hear about and be part of all the news and for you and I, the occasional ability to do it from someplace that doesn’t require us to get on an airplane.

Patrick Moorhead: That’s for sure. And we’re not going to be at RSA kind of, I mean, we’re going to be watching videos and tuning in, but RSA is all about security and it is incredible what has happened over the past decade. I mean, we have nation state budgets, we have hacking as a service, and anytime as a service comes in, it is big. But hey, let’s jump in and introduce our guest, Chris Meenan from IBM. How are you doing, Chris?

Chris Meenan: I’m doing great, Dan and Pat.

Patrick Moorhead: Thanks for coming on the show. First time on the Six Five and hopefully not the last. We have had a lot of IBMers on the show and we’re just glad to have you.

Chris Meenan: I’m really glad to be here. Looking forward to talking.

Daniel Newman: Yeah, it’s great. It’s great to have you here, Chris. And we’re going to hop right in because in the booths are fast-paced.

Patrick Moorhead: Boom, boom, boom.

Daniel Newman: Let’s look back to the pre-pandemic era, 2019. IBM security and McAfee founded the Open Cybersecurity Alliance, or also known as the OCA. This was established to develop and put out a set of common code patterns and practices so that cybersecurity tools can share data to seamlessly interoperate with one another. Now in 2023, is the idea of open technology and interoperable tools still a core value of the product teams?

Chris Meenan: Yeah, I mean, if anything it’s become even more important. I mean, when we started that initiative with McAfee and got all the other companies in that open source initiative, we were really focused on, there’s too many tools out there. They all need to be wired together. It’s causing a lot of additional time for security teams to put these together. And then they’ve got all of these different user interfaces. So there’s all of this additional complexity because these tools fundamentally don’t talk to each other. You wind the clock forward now. With COVID, there’s been a mass acceleration to the cloud that’s driven even more security tooling as that attack surface has now grown.

The attackers now get more infrastructure to go after as ports are spread all over clouds and SaaS surfaces. So there’s even more tooling, there’s even more user interface complexity, there’s even more integration. And the skill shortage is only even getting more and more acute. So there’s that need to drive simplicity for the security teams, giving them more time to focus on outcomes and not wiring together lots of tools that is. We’ve seen even more initiatives around openness and interoperability. So I think this is going to continue to gain momentum and become really a foundational piece of a lot of security capabilities.

Patrick Moorhead: We talked about this in the green room, Chris, or in our pre-briefing, but it seems like suites and/or open and interoperable is definitely the way to go because the time that these companies get to integrating it in, they’re three versions behind, and a lot of these integrations actually expose security holes. Let’s dive into AI. I mean, listen, security and AI, there’s nothing new to that. It’s one of the ways that the intruders are doing hacking as a service. It’s not just about throwing an army of people, it’s about throwing an army of intelligent AI, AI bots. But we are here, I mean, in the next evolution, whether it’s GANs, whether it’s generative AI. Can you provide any predictions on how AI will evolve and have the influence on your product strategy? Because you’re helping the good guys trying to keep the bad guys out.

Chris Meenan: So look, AI is, I mean, obviously it’s really, really hot right now. You’ve ChatGPT, has taken the world by storm. And as I look back over the last few years, IBM has been investing in AI heavily and we’ve been seeing an evolution of the technology and importantly how it’s being used. And one of the things we had seen, and I think is really ChatGPT is a really great example of is first of all, AI has to sit in the workflow of the user. It just has to be part of their narrative, part of the user experience of the workflow they’re using to achieve some outcomes. It can’t be this thing off to the side. The more infused it is, the more seamless it is, the easier it is to adopt. So we’ve absolutely seen that and I think that will continue to increase.

So AI everything will increasingly become with AI helper to the side. I don’t think we’ll see a mass replacement of humans with AI or anything like that. It will be about AI infused to accelerate somebody carrying out a job or an outcome in a piece of software. And that will continue. I think the area that we’ll see a lot of innovation around is trust and reliability and transparency. AI is very powerful, but it’s not always right. There are certain biased things in AI. AI can be exploited as well by attackers and influenced to give incorrect answers. So I think that reliability transparency is going to become increasingly important, especially as you can imagine, as the work, as users become more and more accustomed to actually trusting and relying on the output. That trust is only earned. And when incorrect answers are given, that trust can disappear. So and therefore, and user’s minds can pivot very much away from trusting it and using it. So I think that whole area of trust and reliability and transparency is going to be the sort of next evolution.

Daniel Newman: Chris, I love some of the things you said. I’ve been on the record more than a few times talking about the augmentation, the difference between upskilling, the difference between displacement, replacement and the needs for enterprises to be able to leverage data to be able to build trust and upskill the workforce. Concurrently, I’ve also gone on the record on a few different occasions, said IBM is pretty uniquely positioned to capitalize on generative AI as it relates to proprietary data that exists inside of enterprises. So we’re seeing this big inflection around the open internet and all the data that’s being used to create models.

This is creating an adoption swell, but for companies to create a competitive advantage, whether that’s to secure their technology or competitive advantage to use data to drive experiences or operational efficiency, it’s going to be really found in the proprietary data. And that’s where IBM and its services have been really well positioned. I think the next couple years could be really good for you guys. Let’s talk a little bit about technology and tools though. Let’s pivot that way. In 2023, are you seeing or finding or sharing what would be considered core guiding principles with your teams across product, across development of your portfolio, to help drive security?

Chris Meenan: Yeah, there’s a few things there. Obviously there’s how we go about creating solutions to help our customers. And the thing that I always emphasize, there’s several things I would emphasize, but some of the key ones really are, everything has got to take work away. We’ve talked about the skills shortage. It’s actually a global skills shortage. The skills globally are set to decline. So we’re going to see, and that’s part of the reason AI is becoming so popular and is because it seems as really helping with that and accelerating outcomes. So everything we do now, we always say we have to be taking work away. If you’re going to give the user a new screen, you better remove three. So that concept of don’t add work, don’t add more insights unless you’re actually driving to the outcome more quickly in a really tangible way. Because it’s very easy for, especially with new technologies coming by, everyone get very excited about some new piece of tech, but actually if you’re not careful, that can actually add work. It can actually cause additional work without that focus on what’s the outcome and am I taking work away?

So that’s secondary. Again, just focusing on the outcome, making sure that tech isn’t just going to integrate these two things. What’s the outcome? Are we driving to a faster decision? Are we getting a more accurate decision? Absolutely critical in today’s world, especially with cost savings, and again, they need to act more quickly in this heightened threat environment, expanded tax surface. And then finally it’s just that take nothing for granted. Don’t take for granted that customers will know how to use your capabilities by default. Don’t take for granted they’re going to know how to wire things together or even what they need to switch on, take nothing for granted as we move forward. And they’re really some of the things that I keep sort of beating on because I think if you put customer problems into the top and you focus on those things, you’ll generally get a good solution out the other end for sure.

Patrick Moorhead: So Chris, we’ve had your CEO, Arvin Krishna on the Six Five a few times. In fact, he kicked off our summit last year. That’s our premier program. And he has been quoting, talked a little bit about IBM strategy, which is to, hey, let’s lean a little bit more forward where the world is going in relation to technology versus let’s say where it’s been. And historically I would say that IBM has some very conservative customers. So the previous strategy made sense, but it also risked maybe getting left behind with the technology. But now we have IBM and Quantum, we have IBM doing foundation models with AI supercomputers. How does this new strategy or a new way of doing things impacting the way that you’re focusing on innovation in the security space?

Chris Meenan: Yeah, thanks. This tension between what we’re doing today for customers and what we need to be doing in the future is something that IBM has a real focus on managing internally. So we always think about, you may be familiar with our horizon concept, where you’ve horizon one, two, and three capabilities. So we have a very healthy pipeline and team of people looking at those horizon free type opportunities. They are the blue sky thinking. They’re the ones where we’re going out and leveraging things like foundational models outside of large language models and chatbots, actually taking those and applying them to specific business problems to drive better outcomes. Things like quantum where quantum has that…

Quantum takes off the core of security of encryption could really be put at risk. So we’re really focusing on that because in three to four years’ time, that could become a really big problem. But in the meantime, we always, obviously, customers trust us. We are a trusted partner. We have a huge focus on ensuring our customer success. So we always keep focused on those horizon one and two products as well and make sure that we are delivering on the needs the customers have today.

Daniel Newman: Well, Chris, this has been really interesting and entertaining to have a conversation about what I would say is one of the most important technology trends right now. As we’ve seen rotation out of growth at all costs, we’ve seen companies becoming more and more focused on how do we secure our data, our perimeter, create trust, reliability, and obviously IBM is very focused on being able to deliver some of those core tenants. I think that had a lot to do with the company’s stability over the last couple of years. I do believe it was one of the highest performing stocks in the market during the period when the rest of technology was really getting whacked. And it was because you’d never strayed from that sort of core belief of serving the enterprise and taking care of those complex needs. Security is very high on that list. So while we can’t be there with you at RSA, Patrick and I love the opportunity to do this in a virtual setting and be part of the RSA experience for IBM. Chris, thanks so much for joining us.

Chris Meenan: Thanks for having me. It’s been fun.

Daniel Newman: All right, everybody, there you have it. Hit that subscribe button to check out all our coverage from RSA and of course all the Six Five coverage from Patrick and myself. For this episode of Six Five In the Booth, virtually from RSA. It’s time to say goodbye. We’ll see you all later.

Patrick Moorhead
+ posts

Patrick founded the firm based on his real-world world technology experiences with the understanding of what he wasn’t getting from analysts and consultants. Ten years later, Patrick is ranked #1 among technology industry analysts in terms of “power” (ARInsights)  in “press citations” (Apollo Research). Moorhead is a contributor at Forbes and frequently appears on CNBC. He is a broad-based analyst covering a wide variety of topics including the cloud, enterprise SaaS, collaboration, client computing, and semiconductors. He has 30 years of experience including 15 years of executive experience at high tech companies (NCR, AT&T, Compaq, now HP, and AMD) leading strategy, product management, product marketing, and corporate marketing, including three industry board appointments.