Trellix offers an open and native extended detection and response (XDR) platform that helps organizations confronted by today’s most advanced threats gain confidence in the protection and resilience of their operations. Pulse 2.0 interviewed Trellix’s Chief Information Security Officer (CISO), Harold Rivas, to learn more about his professional journey and Trellix’s core values.
Harold Rivas’ Background
Rivas joined Trellix in December to lead the global security and compliance initiatives. Rivas said:
“In my role, I’ve incorporated learnings from two decades of industry experience where I honed my skills and broadened my perspective on cybersecurity. Trellix marks my fourth CISO role, my first outside of the financial services and FinTech space. Long before I stepped into a CISO position, I identified a passion to help companies strengthen their information security infrastructure through better management of vulnerability and threat detection, security operations, risk and compliance, and IT outsourcing deals, to name a few.”
“I believe in the importance of continued learning. After achieving my Bachelor of Science in Business Administration and Master of Business Administration, I pursued various industry certifications, including CISSP. As an active public speaker and proud member of the FBI’s InfraGard program, I share my perspective with the next generation of information security professionals and help protect our critical infrastructure.”
“At Trellix, my position is unique as I am dedicated to both Trellix’s security and that of our customers. I wear multiple hats, not limited to traditional cybersecurity tasks. My role encompasses a range of responsibilities, from risk management and compliance to collaboration with various departments such as sales, public relations, human resources, and legal. Aligned with Trellix’s Soulful Work movement, I am invested in shaping the future of the CISO profession, including improving the day-to-day for all SecOps teams, setting them up for success to prevent burnout and encourage retention.”
Favorite Memory
What has been Rivas’ favorite memory working for Trellix so far? Rivas shared: “I love meeting our customers and connecting with them individually as often as possible. At the RSA conference this year, I met many of them face-to-face. Our customers deal with the same challenges, so we share stories, lessons learned, and unique approaches we’ve picked up during our careers. Sharing a nugget of wisdom that may help them on their journey is very satisfying.”
Core Products
What are Trellix’s core products and features? Rivas explained:
“Trellix is redefining the future of cybersecurity with its open and native platform with extended detection and response (XDR) capabilities. Our platform enables organizations to bolster their protection and resilience against advanced threats, while streamlining SecOps teams’ workflows with automation.”
“The Trellix Endpoint Security Suite is another crucial component of the platform, offering a complete end-to-end security solution. This suite comprises Trellix Endpoint Security (ENS), Trellix Endpoint Detection and Response (EDR), and Trellix Endpoint Forensics, with key capabilities like proactive attack surface management, rich threat prevention stack, efficient alert triage and response, AI-guided investigation, and powerful forensics for root cause analysis.”
“Additionally, Trellix offers Network Detection and Response (NDR) for detecting and stopping evasive attacks. Our cloud-delivered infrastructure and email solutions provide enhanced security across the enterprise.”
“Trellix also provides services spanning risk and compliance, threat intelligence, security operations, data protection, cloud security, and incident response. These offerings help fill in organizations’ security gaps and ensure comprehensive security coverage.”
Significant Milestones
What have been some of Trellix’s most significant milestones? Rivas cited: “#SoulfulWork: Despite industry-wide efforts to close the cyber skills gap, it continues to grow, holding us back from innovation and ultimately putting our nation’s security at risk. Trellix announced its #SoulfulWork initiative at RSA Conference 2022 because we believe taking an informed, critical vantage on the state of diversity across industries is an essential element of instituting change.
In addition to challenging our internal approach to talent recruitment, training, and retention, Trellix has also announced several ongoing initiatives to support this core goal:
1.) Student Sponsorships – undergraduate and graduate students from the College of Southern Nevada, Duke University, Prairie View A&M University, Shenandoah University, St. John’s University, St. Phillips University, and the University of Nevada Las Vegas receive hands-on training from Trellix experts, networking and professional development opportunities, and free eLearning to support skill development.
2.) Diverse Partnerships – partnerships with Hispanic Alliance for Career Enhancement and Latinas in Tech, and the Historically Black Colleges and Universities Career Program.
3.) Women in Cybersecurity – Trellix partnered with Gotara to invest in the career wellness of women at Trellix. Trellix and Gotara’s joint goal is to support women as they navigate and thrive in their careers with us and in the cybersecurity industry.
On July 31, 2023, the success of our ongoing Soulful Work movement and our commitment to the future of our cyber workforce was highlighted in the National Cyber Workforce & Education Strategy released by the White House and The Office of the National Cyber Director.
Xtend Partner Program Launch: To reinforce our commitment to a partner-led strategy, Trellix introduced the Xtend partner program in Fall 2022 to enhance profitability, engagement, and growth for its global partner ecosystem. This unified program prioritizes the partner’s needs and offers tailored support for each partner’s business model and local demographics, leading to better customer outcomes. Key elements include partner enablement through demand creation using sales plays, premium post-sale support, and professional services to build managed offerings. The program also supports partners’ professional growth and continued education.
CISO Council: Responding to findings from our 2023 Mind of the CISO report – which highlighted the growing need for CISO engagement and support – last month, Trellix launched its “The Mind of the CISO” initiative, one particularly of interest to me! This initiative, spanning an inaugural CISO Council, research, and webinars, aims to create a community for sharing valuable insights and lessons, fostering discussions, and addressing common challenges faced by CISOs.
From first-hand experience, I understand the importance of equipping CISOs with the tools and knowledge to defend against emerging threats. The CISO Council, comprised of CISOs from diverse industries, enriches the conversation with collective wisdom and experiences. By shedding light on the CISO’s world and fostering dialogue, we create a more resilient cybersecurity landscape.”
Differentiation From The Competition
What differentiates Trellix from its competition? Rivas affirmed:
“Trellix brings a new mindset to the cybersecurity industry — focused on XDR, holistic partnerships, and unlocking SOC analyst potential.”
“At Trellix, we embrace the power of diverse perspectives and value the input of our partners and customers. By placing the human element first, we ensure everyone enjoys the meaningful work they do. Our living XDR architecture is designed to adapt swiftly to the ever-evolving threat landscape, providing advanced cyber threat intelligence. We are redefining security, empowering every member of your organization with the confidence that comes from being consistently more secure each day.”
Future Company Goals
What are some of Trellix’s future company goals? Rivas concluded:
“As we pursue our mission to revolutionize our global security operations, we are embarking on a new, consolidated path that emphasizes accelerated innovation. By attracting world-class leaders to drive transformation and deliver results, we aim to meet the growing demand for our XDR platform, supporting its rapid adoption among customers. We prioritize empowerment of our engineering and product teams to spearhead innovation, ensuring we stay at the forefront of the industry and continue to exceed our customers’ expectations.”
