In this episode, Nicole Bucala, VP and GM of the Comcast Technology Solutions Cybersecurity Business Unit, dives deep on how CTS eats their own dog food, the necessity of investing in security, data fabric, and so much more.
In this episode, Nicole Bucala, VP and GM of the Comcast Technology Solutions Cybersecurity Business Unit, dives deep on how CTS eats their own dog food, the necessity of investing in security, data fabric, and so much more.
--------
How you approach data will define what’s possible for your organization. Data engineers, data scientists, application developers, and a host of other data professionals who depend on the Snowflake Data Cloud continue to thrive thanks to a decade of technology breakthroughs. But that journey is only the beginning.
Attend Snowflake Summit 2023 in Las Vegas June 26-29 to learn how to access, build, and monetize data, tools, models, and applications in ways that were previously unimaginable. Enable seamless alignment and collaboration across these crucial functions in the Data Cloud to transform nearly every aspect of your organization.
Learn more and register at www.snowflake.com/summit
Producer: [00:00:00] Hello and welcome to the Data Cloud Podcast. Today's episode features an interview with Nicole bu vice President and general manager of the Comcast Technology Solution Cybersecurity Business Unit. In this episode, Nicole talks about how CTS eats their own dog food. Data fabric, the necessity of investing in security and so much more.
So please enjoy this interview between Nicole Bucca and your host, Steve Ham. How you approach data will define what's possible for your organization. Data engineers, data scientists, application developers. And a host of other data professionals who depend on the Snowflake data cloud continue to thrive, thanks to a decade of technology breakthroughs, but that journey is only the beginning.
Attend Snowflake Summit 2023 in Las Vegas, June 26th to 29th to learn how to access, build and monetize. Data tools, models, and applications in ways that were previously unimaginable. Enable seamless alignment and collaboration [00:01:00] across these crucial functions in the data cloud to transform nearly every aspect of your organization.
Learn more and register at www.snowflake.com/summit.
Steve Hamm: Nicole, welcome to the podcast.
Nicole Bucala: Thanks for having me. I'm excited to.
Steve Hamm: Great, great. Now, Nicole, you were hired just a few months ago to manage the cybersecurity suite of products that's being produced within the Comcast Technology Solutions Business Unit.
So if you would please tell us about the Comcast Technology Solutions Unit and its role in the company.
Nicole Bucala: Yeah, absolutely. So Comcast Technology Solutions, or cts, is an entrepreneurial division within Comcast Cable ct. S'S mission is to take what Comcast develops internally and to bring it to market. This is a pretty neat mission because if you think about it, Comcast is a Fortune 30 company with offerings across [00:02:00] media and entertainment and network connectivity and many other things.
And so, CTS has a diverse portfolio and acts very much like a startup within this larger company. It's been great to see the flexibility that CTS offers as we seek to bring the first cybersecurity products to market.
Steve Hamm: Yeah. Now, I know you, you've only been there for a few months, but this whole idea of. A large corporation having such confidence in its, its technology that it kind of brings it out as products to sell to others.
Is that something kind of a new trend in the industry or a new trend in, in the media?
Nicole Bucala: You know, I can't comment for industries outside security, but I would definitely say that this is the first company I've seen do this within cybersecurity, and I think it speaks volumes because in essence, we are eating our own dog food.
What I mean by that is we are offering other companies the same products that we use internally and that work for [00:03:00] us, and that we're very happy. So I think it would be interesting to see other companies start to do this as well, but I definitely think it's a differentiator for us. Yeah,
Steve Hamm: yeah. No, it seems like it would be really good.
I mean, the, the, the broader use you get of technology and of a shared platform, the more power to everybody involved in it. So I think that's a really cool thing. Yeah, that's exactly right. Yeah. Hey, talk to us specifically about the cybersecurity suite of products. You know, what's in the suite, how do they work?
Nicole Bucala: Yeah, yeah, absolutely. So we have two offerings in the suite. The first one is data B. Data B was inspired by a cybersecurity and compliance data platform. We like to call it a data fabric platform specifically, which is an emerging market segment that was developed inside our global ciso, Newport Davis' organization.
Her goal in developing the original platform that inspired data B [00:04:00] was to essentially save money and free up analyst time. You know, cybersecurity has led to the proliferation of tools and with a proliferation of tools, data has become very siloed and so the more silo the data, the more tools emerge to try to make sense of the data.
And so you get this negative snowball effect. And so, Naper and her organization did was they basically turned the concept on its head and said, instead of focusing downstream on tools and analytics, let's focus upstream on the data. Let's bring all the data together. Let's make sure it's quality so everyone can look at it appropriately.
And then let's, let's analyze it from there. So that's what Data V is. Then we also have Blue Vector. Blue Vector was an acquisition that was made by Comcast a few years ago. It's an advanced threat detection, an advanced threat hunting platform that's primarily sold to the US federal [00:05:00] government. And so that is, Also a really, really exciting solution that provides advanced capabilities to some of the world's largest organizations that suffer some of the most stringent security attacks.
Steve Hamm: Yeah. Now, when you talked about data B, you talked about it being a data fabric platform. What's the fabric part of that?
Nicole Bucala: The concept of data fabric is basically bringing together disparate data sources, data sets across the organization so that you can have a unified global data strategy. If you think about it, if if data is in silos and it's not easily joined, then it's hard to have a single source of truth.
It's hard to create trending compliance reports, for example, if the data set keeps changing every time you need to make the report. Um, and so the idea of data fabric is you go through the organization and you really kind of weave like a fabric, all these disparate pieces of data together. The other [00:06:00] thing I love about data fabric in the context of security is I think it's the first time that security professionals really have a true opportunity to bring business context together with security logs.
Years there was talk about the concept of business driven security. How do you bring organizational context and business logic into your security decision so that they can become more actionable? And we saw NextGen Sims, we saw XDR try to do this, and you know, they've been more or less successful. I think that a data fabric platform, which already has been proven out in non-security use cases, actually has really great potential to be effective here.
Mm-hmm.
Steve Hamm: Yeah. Now you, I've referred a couple times to the fact that you're relatively new to Comcast, and you came from Zscaler, a cybersecurity software company. Why did you decide to make the switch?
Nicole Bucala: So firstly, Zscaler is such an incredible company. It's probably the best company I've ever worked at.
They are one of the [00:07:00] fastest growing companies in the cybersecurity segment, and they've really transformed the way users can connect to essentially applications and the data they need to do their job. So I was very, very happy there, but then this opportunity came. And I thought to myself, wow, this opportunity has some really unique things.
One, it's a completely new way to architect delving into compliance investigations and threat hunting and threat detection, right? Has the security data fabric platform that was solving a problem that I'd seen many vendors try to solve, including vendors I'd worked for and. And so that was interesting to me to finally see someone bring forth a solution that was proven at Comcast scale to be effective against this longstanding issue.
The second thing was, frankly, being able to work closely with a CISO and her organization to launch a product inspired by something that she had invented herself. Mm-hmm hmm. That was pretty cool because [00:08:00] again, if someone is already using the product and is happy with it and speaks volume, To approving out some of those value propositions.
And then the third reason is Comcast is known as having a very staunch security organization, so it's, it's very well respected in that regard. They'd been a customer of my past employers, and so I was really excited to be able to work with this actual security team.
Steve Hamm: Yeah. Yeah. Now you're, you're pretty new to this.
You're coming in, there's a, an existing internal product and then an existing product bought through acquisition. And I imagine there are more that you're planning, so you're kind of switching from, uh, things were developed for other reasons, and now you have to kind of, do you have to adapt them or change them in any ways to make them really work as external product.
Nicole Bucala: Oh yeah. So, and just to clarify, blue Vector, while it was an acquisition, is used internally and that's actually why it was acquired, because it's also used internally. And so the, [00:09:00] the theme here is that we're making products that we use internally available to others. Right. But to your point, there's a big difference between.
A product that's developed and engineered internally and a product that can be provided to customers. There are things like quality metrics, documentation, deployability. Really what the team is thinking about right now is how to think about the total customer life cycle when delivering this. Product and also recognizing that while there are a lot of customers that are similar to us, they'll also each have their differences.
And so we need to be able to build a platform that's flexible enough to treat those various differences.
Steve Hamm: Yeah. Yeah. I would think you have to do a lot of outreach work to find out what the customers are gonna want, the external customers. Classic program management kind of of stuff and and setting specs and things like that.
Nicole Bucala: Yeah, yeah. And we've actually done quite a bit of that. So we've had several conversations with Fortune 500 customers, and I've been [00:10:00] wowed to see that 100%. Every customer agrees with a problem that we're solving. You know, their, there's Simmons too expensive. It's no longer working that well. They have too, too many tools, and they're all very interested in the concept of creating.
Open security data lake architecture, which is essentially what we've facilitated with data B, the security data
Steve Hamm: fabric. Yeah. Yeah. Hey, just in case people aren't familiar with this, what's a sim.
Nicole Bucala: Yeah. Uh, Sam is a, a security incident and event management tool. Um, they've been around for at least over a decade and they're used by analysts for both compliance and security reasons to do investigations and so they work typically end-to-end to ingest and parse data store.
And then allow analysts to do analysis and provide reporting. Yeah. And what's actually really interesting, that's a really good segue as to why this security data fabric architecture is different, right? Is it has the potential to decouple those different [00:11:00] pieces of the sim. So for example, data B is doing the data ingest and parsing some of that normalization, and then Snowflake actually does the storage.
Yeah. And. Customers can bring their business intelligence tools like Power BI or Tableau to analyze that data in Snowflake. Or they can bring another tool, like a security orchestration and automation response tool to analyze the data. And so we're basically taking those different pieces of the sim and we're decoupling it to disparate solutions.
That's actually. Naper saved a lot of money when she rolled this out because she was able to reduce all the redundant storage and analysis provided by a myriad of other
Steve Hamm: tools. I just wanna drill down a little bit further into, into the Snowflake connection. What exactly, what's the role of it within data B?
Or
Nicole Bucala: underneath. Yeah. So, so Snowflake is where all of the data, all of the magic gets deposited now with, with Snowflake, it, it is deposited in a [00:12:00] way that is really cost effective for the customer to store for long periods of time. So here at Comcast, we store over 10 petabytes of data for over a year. So that means that when we have to provide compliance reports, we provide them on the same data set, right?
That data set doesn't disappear because of retention limits. And so that allows people to have much higher fidelity in the reports and, and essentially the story that those series of reports would be telling. And so Snowflake also. A highly performant way for various different queries to be done in the data set.
And so it's very flexible. So you can have it operations, you can have compliance, you can have security folks all looking and using that tool. And so that's why we're really, really excited to partner with Snowflake.
Steve Hamm: Yeah. Yeah. Hey, I'm, I'm curious, so. This new approach was, was piloted and, and and invented in inside.
Now you're making it into this external product. Is that also bringing back [00:13:00] benefits to additional capabilities that that are really useful internally as well?
Nicole Bucala: We have a theory that it will, we have a theory that as we engage with customers, customer feedback right? Could lead to us to say, oh, that's a great idea.
And, you know, then we will implement that and we'll find a way to implement it both in the external version data mm-hmm. And our internal version of the tool, so then everybody gets, gets benefits.
Steve Hamm: So you, you've, you've given a good conversation. You, you've told us a lot about data B and I understand.
You've just now launched this product, and I wonder, could you take us under the covers a little bit about the relationship with Snowflake? How did that work and, and, and how does that really kind of superpower, you know, the data B product as it's coming out?
Nicole Bucala: Yeah, absolutely. So for those customers that have this mission to create this open security data lake i e, they wanna decouple their sim or they wanna move to a model where they can have analysts across different teams [00:14:00] querying data in a data lake.
We've partnered with Snowflake to make that a reality. So we have a customized strategic go-to-market agreement where we are co-selling with Snowflake teams to bring the joint solution. Two mutual customers. We also are working to help customers learn the benefits of actually decoupling a sim or the benefits of moving to an open security data lake architecture and why it's important to use a product like data B to actually gather the data and normalize the data and flatten it, and then deposit.
Into Snowflake. So that's just a little bit about kind of that partnership. You know, I think we are very, very excited because we see that there is significant. Opportunity in the mutual customer base, particularly within, you know, the Fortune 500, especially Fortune 100 Enterprise. And we've seen great results in our own usage of Snowflake [00:15:00] internally and are very excited to help other CISOs see those benefits as well.
Steve Hamm: No, that's really interesting. You know, when I think about it, I. When I came into, into the tech industry as a journalist, we didn't have cloud computing, or at least not this way. But when you, I, I think about these different layers, you know, the, the, the public cloud layer, the snowflake layer, the application layer in a sense.
You've got a bunch of sales partners on each layer whenever you take a product out, right?
Nicole Bucala: Yeah, yeah. We, we absolutely do. And so that's what's really exciting about the. I think the future that we both envision, which is that security now becomes all about the. And I think together between Comcast Technology Solutions and Snowflake, we have the opportunity to lead a new movement in the security industry to bring the concept of security under the global data strategy to start enriching security organizations with data scientists who [00:16:00] understand how to enrich data and make sense of data in a much more performant way.
And I think this is very much needed if we're gonna keep up with the hackers. Because the pace of attacks has only swelled and you know, we need to do something differently. Right. And, and I'm a big fan of movements that turn architectures on its head. So,
Steve Hamm: yeah, no, I think that's right. I think that's really good.
That's a, that's a huge change that could make a big difference both for organizations, but also for, you know, all the good guys who are, who are dealing with these cyber threats. So thank you for that. So you're in the middle of kind of a, uh, an exciting moment, both it sounds like both in your career and all, and also for the company, but also for the industry.
When, when you look out over the next year or so, what are the major trends or themes in cybersecurity that you see coming?
Nicole Bucala: You know, I see increasing focus, particularly on critical infrastructure and operational technology. Mm-hmm. [00:17:00] I think that's a, a really, really big one. I think Covid exacerbated it and it's, it's just continued to grow that segment of the market.
I also see more dollars being. Provided to security solutions from healthcare providers. So I would say pre 2020, you know, hospitals and other providers didn't really have much of a security budget. And so now that we're seeing more dollars being spent, we're seeing more startups emerge to provide solutions that work in the hospital settings.
And we're still seeing attacks that are fairly debilitating. So I think those two sectors have really taken off. And if you think about it, I mean an attack on a hospital and, and by that I mean a cybersecurity attack on a hospital. Or critical infrastructure could result in the loss of life that same day.
Sure, sure, sure. Right, sure. Whereas, you know, an attack on a financial solu institution absolutely could be highly debilitating, but it might not be life threatening. And so that's a really interesting turn. I also think there's gonna be increasing pressure to save costs, right? To consolidate tool sets and to rethink the [00:18:00] architecture in a security organization to.
Up dollars to continue to chase the the attackers. The fourth thing I would say is the concept of ai. We're also seeing some startups emerge that are starting to look at the fidelity of ai, right? And making sure that AI cannot be manipulated to result in an outcome that could be. Anywhere from life threatening to a nuisance, right?
But that's gonna be very, very interesting. The more we see AI get adopted, I think the more that risk grows and we're gonna have to see, you know, more solutions emerge. I see the future
Steve Hamm: fascinating modern age. Is this what the future holds? What we just talked about was kind of like what's happening in the, in the coming months.
But I'm gonna ask you to put on your visionary cap for a moment. Looking out. Five years or more. Mm-hmm. What are the emerging technologies that could help transform business, the economy, even society, you know, focus on [00:19:00] cybersecurity or broader if you want.
Nicole Bucala: One of the problems that I think we're seeing, again, exacerbated by covid is a problem in the educational sector.
I think we're still seeing teachers and parents rationalize a child's use of technology if it's everything from a mobile phone to social media to online textbooks. There's lots of different opinions on the pros and cons of that, and I think in the next five years we will actually see more studies come out that will show the various benefits of different approaches for different types of learners.
I also think we've seen, you know, speaking of security, the impact of cybersecurity attacks on a school system that has gone completely digital. Right? Right, right. And so I think we're gonna see, uh, in increased investment in security from an educational perspective. So that's a very interesting one. And then again, as we see some of this regulation that's come out really promoting the use of electric vehicles, I think we.
Much greater exposure from a security perspective to the [00:20:00] energy sector. And so, again, you know, apologies for taking this back to security, but I think as we see different technology trends, whether it's in ed tech or whether it's in driverless vehicles, there are security consequences of those booms. And so I think, you know, we're gonna, we're gonna see a lot more driverless vehicles of all types over the next five years, but we're also gonna see a lot of security issues come out of that as well.
So,
Steve Hamm: yeah, one of our recent guests came from a, a security firm, a specialist firm. They actually focus on bought attacks or bought, bought use for defrauding advertising in the advertising business. But it was just became so clear that this is like a cat and mouse game where, you know, the people who are defending get a new technology.
The people on the other side are quickly trying to overcome it. It seems like, I mean, ever since I can remember talking about cybersecurity security software, it's really been this kind of give and take and, and it's hard to tell [00:21:00] who's in the lead and, and nobody's in the lead for very long. So how do you see that playing out?
I mean, do we ever get to a point where the people who are defending privacy and, and assets and, and systems, Get out ahead and, and, and we can think about a really totally secure
Nicole Bucala: environment. I would say it depends on the. Yeah. You know, I think in the United States we've been fairly reactive when it comes to putting budget forth within companies to pay for security solutions to juxtapose United States to a country like Israel.
Right. And I did at one point work for an Israeli startup that was founded by an Xun 8,200, um, member. Right. So they. Very staunch security technologies that come out of that country. And you know, I think they're very proactive and they're somewhat ahead of the attacker. Right? Yeah.
Steve Hamm: You mean like security is, security is kind of designed in to everything from the beginning.
[00:22:00] Is that That's exact. That's
Nicole Bucala: exactly right. That's very well said. Good, good. Yeah. Now,
Steve Hamm: as a woman with a successful career in technology and specifically in cybersecurity, what advice do you have for other women interested in this?
Nicole Bucala: Some people think that to go into cybersecurity, you need a master's or a bachelor's in cybersecurity or electrical engineering and computer science, and you need to be technical, and I think that is becoming less and less true.
I think that as more and more of these cybersecurity businesses become mainstream, what these companies need is really good business leaders that understand how to provide a good customer. How to think about the total customer life cycle, how to think about driving essentially a good business. I think we've definitely seen in the sector a drawdown from investment in these SaaS companies, right?
Especially as interest rates have risen. I also think we have, uh, challenges in sales cycles. The enterprise cybersecurity sales cycles are very, very [00:23:00] long, right? It often. Many people to get those deals closed. And I think there's an opportunity to optimize how selling is done. And so when we think about women or just talent in general, right, that may want to enter the industry, I think there's a myriad of operational skillsets and selling skillsets that can also bring, bring value.
So, so to, to answer your question in a nutshell, I would tell anyone who wants to get into cybersecurity, lean into your strengths. There's a role for.
Steve Hamm: Yeah, that's interesting. I would've, I, I would've expected a little bit of a different answer just because, I mean, my sense is that you have both technology training and also business training and it.
It seems like cybersecurity always just seems just much more complex to me than, than so many other, so many other domains within the technology business. But you're saying that people can, can do it from the business side as long as they really have this kind of customer focus and customer [00:24:00] dedication.
You know,
Nicole Bucala: essentially, I think that the security industry is very dynamic and so if you're willing to. Yeah, you can do it. It is a very technical sale, and so if you enter it from the business side without technical experience, you're gonna have to learn the technology and how to speak technically. But as long as you have that learning and growth mindset, I think it's very possible.
Yeah,
Steve Hamm: yeah. Well, that's cool. Well, we've, we've, we've come to the end of our questions. I wanna tell you, I think it's, it's been a fascinating conversation. And I think data B is really a big idea and I congratulate your, your people for doing it and you guys for, for taking it out into the market. This, this whole idea of the fabric of weaving all the data together from, uh, from different departments or different domains that, you know, get breaking down those silos with that and using that as the platform, a common platform.
I think that's a very big idea. So thanks for bringing that to.
Nicole Bucala: [00:25:00] Oh, well thank you so much and thank you again for the great partnership that we have here with Snowflake. We certainly wouldn't be able to, uh, launch this great offering without it. So yeah.
Producer: Are you interested in learning how to build on Snowflake?
Join other developers, data engineers and data architects at Snowflakes Build dot local event series. Roll up your sleeves and explore the possibilities of building on snowflake with local in-person instructor-led workshops taking place across more than 30 global cities. Now learn more and register at www.snowflake.com/build.local.