Industry Trends

Field CISO Q&A: Alain Sanchez

By Fortinet | October 02, 2019

We regularly do Q&A pieces with our executives to share key insights and leadership perspectives at Fortinet. Read below for an interview with Alain Sanchez, Field CISO at Fortinet, that touches on common challenges that C-level executives face, the future of cybersecurity, and advice for CISOs.

You talk to a lot of C-level executives. What are a few common themes that come up as concerns -- across industries, enterprise sizes, etc.? What are some of the common pain points?

In a world of change, C-level executives need to be inspirational leaders. Their role is not to master disciplines that are continually evolving but to create an atmosphere that values innovation and inspires continuous progress.

Are there any disconnects between CISOs and other business leaders within their organization that may be surprising to the security organization?

At first glance, the disconnect may be due to the differences in culture; technical versus business. But as the CISO transitions from becoming Ms. or Mr. “No” to becoming an active enabler of secure innovation, the other business leaders – the CMO, CFO, and CEO – perceive their value in a better light. Deploying SD-WAN, for example, empowers remote sites, reduces the overhead of costly MPLS traffic, AND reinforces security. It’s a strategic solution where everyone wins.

What does the future of security look like? 

Security becomes the necessary condition for the 4th Industrial Revolution to succeed. Without securing the exchanges, our hyperconnected world may never cash in on the benefits of the merger between the three worlds: the Physical, the Biological, and IT.

How does a security fabric approach protect customers in the future of security?

A security fabric creates a holistic vision across security solutions because it is natively designed for pure integration. When the sandbox talks to the anti-virus solution that is deeply integrated into the secure email gateway; when the wireless network complies with the same, unique policy as any wireline segment; when the analyzer procures a high-level view of the degree of compromise across the entire distributed network; and when reports highlight critical indicators of compliance, the whole of security is greater than the sum of its parts. It enables a Broad, Integrated, and Automated approach to security, where Broad expands and deepens visibility, Integrated ensures holistic protection, and Automated accelerates response times while enabling humans to focus on more strategic activities.  

How does that intertwine with security-driven networking?

Security-Driven Networking characterizes the latest generation of protection where critical networking functions – such as segmentation, SD-WAN, and virtualization – are processed in parallel with security functions without degradation of performance. When operating as a single, coherent system, there is never any compromise between security and performance because securing the data and optimizing the network are executed in parallel.

Is there any specific advice that you find yourself sharing most often in your discussions with other CISOs and CSOs?

The CISOs of tomorrow have to be business partners or they will cease to be relevant. By explaining in business terms what superior security enables, you become an enabler of change, and that will empower you to enlist the entire C-Level suite to your efforts. 

Learn more about the challenges CISOs face in the modern era.

Find out how Fortinet’s Security Fabric delivers broad, integrated, and automated protection across an organization’s entire digital attack surface from IoT to the edge, network core and to multi-clouds.