'The game has just begun' in advanced generative AI

US firm Trellix was created last year following the merger of McAfee’s enterprise business with FireEye’s products division into a 40,000-customer company with over US$2bn in combined revenues.

In Latin America, the group now lists about 5,000 customers, with 1,500 each in Brazil and Mexico, and a presence in the Caribbean and Central America. 

The challenges the company faces to protect its customers are not necessarily new to the market, as they include the advanced sophistication of criminals, bolder ransomware, and new ‘doors’ to external breaches with virtualization, among other things, but they are set to increase exponentially with the expansion of automation and especially the boom in technologies such as advanced generative AI.

In this interview, Trellix’s VP for the US and Latin America, Ryan Goss, talks about the company’s vision for this new brave new world.

BNamericas: Which drivers are fuelling Trellix in Latin America one year on?

Goss: We like to say we're a startup, but a startup with over 40,000 customers worldwide. And we actually have quite a footprint in Latin America. We now have over 1,500 customers each here in Brazil and in Mexico, as we have a presence throughout the region, in the Caribbean, Central America. We have roughly 5,000 customers across Latin America.

Now with a formal structure, with local country managers, a dedicated operation under the new brand, we expect to capture the many opportunities in the network and systems security landscape. There’s a lot to be done.

BNamericas: Which markets are you giving particular emphasis to? 

Goss: We're investing and we're going to invest heavily in Brazil. It’s a massive market for us. And in terms of levels of sophistication, especially around cybersecurity. 

We have some of the most sophisticated customers in the region, by far [in Brazil]. Government, finance, telecom, manufacturing, you name it. So we'll continue to invest heavily in the country to support our customer base, as well as our more than 300 partner channels in the country. 

Then there’s Mexico, another very important market for us, of course.

We have three major regions for Latin America: Brazil, Mexico and what we call multi-country. This latter region itself is massive for us as well. We have a huge team located in different countries to support our partners and installed base. And in terms of employees, our biggest office in the region is Bogotá.

BNamericas: You mentioned some traditional verticals for the security segment. Which other sectors are you looking at in the region these days, or threats, perhaps?

Goss: It’s interesting. The other verticals I’d say are oil and gas, retail, healthcare, for sure. They offer great opportunities too, and great security risks as well. We break down our go-to-market worldwide into three segments. One is what we call majors, which are the biggest companies in the world. 

We call the part in the middle enterprise or mid-market, and then we have the commercial space, the base of the pyramid. And as you can imagine, we deal with different levels of sophistication and needs and complexity in each of these layers. The smaller ones also require security, but they don’t necessarily have the knowledge or the manpower. And this is something we want to assure they have.

You can buy the best of the best in terms of technologies, but you’re still going to have a staff issue. A challenge to effectively, implement, figure out, manage on a day-to-day basis and make sense of all of the stuff that these solutions are providing for the customers. So we really want to try and make it easy for them.

BNamericas: The region has seen an increase in attacks, in ransomware events against industry systems. Vulnerabilities have grown in recent years with the pandemic, as well as with the growth of automation, industry 4.0. And now we seem to be opening new ‘doors’ with advanced, generative AI and other emerging technologies. How do you see that?

Goss: This is particularly a huge area of investment for Trellix. At our Advanced Research Center, ARC for short, not only are we continuing to evolve our R&D, we're also working on threat intelligence. This means getting insights on what's happening on the dark web, discovering a technique or a ransomware attack, a new entry point. 

We share that in real time, not only with our community but also with governments and even our competitors. The adversaries have the advantage because they share everything. Trellix has been one of the leaders in sharing intel with our customers and with our community as a whole. We have over 600 integrations in our XDR platform, including all our competitors. 

From an engineering standpoint, data science, with artificial intelligence and machine learning, is a huge advantage to us. The telemetry that we have for our 40,000 customers is unparalleled and creates a huge data lake for us. We have over a billion of what we call sensors around the world. It can be an endpoint, a network device, e-mail.

BNamericas: And what can we expect in terms of security demands with the new technologies? I mean, there have been already reports of incidents involving major companies making use of ChatGPT, as well as of cybercriminals using it for identity manipulation.

Goss: I think we're just at the beginning of this race. The game has just begun. It's yet to play out. At ARC we're trying to monitor what is taking place in these new generative technologies, trying to stay ahead of those who distort its capabilities. 

It’s a challenge. We've mapped some new forms of threats, security breaches, through specific vulnerabilities created not specifically by ChatGPT itself, for example, but by how an employee used it from within a company network, for example.

It’s amazing what these technologies can do. But I think the challenges in terms of data protection will increase. It’s happening. Now, we're also looking at ways to leverage ChatGPT potentialities ourselves within the company. 

BNamericas: Where does Trellix store all the data it collects?

Goss: We're big partners with AWS. A lot of our datasets are with them. We have a global footprint and we also have to observe data sovereignty issues, government requirements, customer requirements for data to be local. But we also have our own private datacenters. So it's a mixture of both.