The changing landscape of cybersecurity

Speaker 1:

This is ClientSide from Fox Agency.

Nathan Anibaba:

Baldeep Dogra is the director of product marketing at BlackBerry. He is leading the industry strategy for BlackBerry with a particular focus on government and global financial services. Baldeep is global technology leader with 20 years of experience in enterprise and proven execution against strategy. He has played a pivotal role in the turnaround of BlackBerry as the company pivoted from a device-centric organization to one leading in enterprise software and services in security, risk and privacy, Baldeep Dogra, welcome to ClientSide.

Baldeep Dogra:

Thank you very much for the kind intro, Nathan. It’s my absolute pleasure to be here with you today.

Nathan Anibaba:

Really excited to have you on the show, we had you on our webinar and it was amazing, so we decided to invite you back on so we can ask you more questions and dive deeper into some of the points that you made. So, you’ve been with BlackBerry for about 17 years now, so you’ve had an insider’s view on how the company has changed from a handset manufacturer when you ruled the world, to where you are now, a leader in cybersecurity. We had Brian Clevenger on the show from BlackBerry, VP of marketing, a few weeks ago and he walked us through some of the major milestones. From your perspective, I thought it’d be interesting to start the show with how have you seen the company evolve over the last 17 years and talk us through the major milestones from where they were in early 2004 to where they are today as leader in cybersecurity.

Baldeep Dogra:

Wow, yeah. Good place to start, actually. Now, you know as a company, we’ve shaken ourselves out those shackles of being a hardware-centric company and we try not to talk about our formative years too much. However, I feel the company will only grow if it learns and adapts and that’s what I’ve witnessed and part of in the past, wow, 17 years. I was interviewing a candidate recently and she asked me, “How come I’ve been in BlackBerry for 17 years? What made you stay?” I said, “Well, look, it’s continuous reinvention, while maintaining our core mission, which is to make a difference.” Innovation, reinvention is critical and the way I see it, I’ve seen that every five years there’s been that reinvention, that transformation. When I joined in 2004, it was all about form factor and we needed to grow in enterprise. Then five years later it was about nonorganic growth, we’d made acquisitions like QNX and AtHoc for critical communications.

Then there was the iPhone, the iPhone came out and then it was all about apps. And then five years after that, we had to pivot and it’s changing. We began to pivot to software and then five years after that we acquired Cylance. Now we’ve got that shift to cybersecurity. I would say that throughout that time, I’ve been focused on enterprise customers, their needs and building teams to respond to those needs. Although where we are today is a big change from having customers like Jonathan Ross and his wife, Jane, David Beckham, Karen Brady, Matthew Vaughn, we had the Ritz Hotel and the Royal household, they love … All the Royals loved using BlackBerry devices.

Nathan Anibaba:

They loved their BlackBerrys.

Baldeep Dogra:

Absolutely.

Nathan Anibaba:

Interesting.

Baldeep Dogra:

Yeah. It’s less of that now because celebrities and enterprise don’t really mix together, but yeah, good memories.

Nathan Anibaba:

Some of them do, Elon Musk, Jeff Bezos, go down the list. There are some that have transitioned, but yeah, they’re not David Beckham. Let’s put it that way.

Baldeep Dogra:

I know, oh well.

Nathan Anibaba:

So, before we get into talking about the pivot that BlackBerry have made and also what you’ve seen in marketing, you’ve got a really interesting background yourself, which I think it’s worth just spending a moment or two on. You’ve got a background in physics and astronomy and that’s not the typical background that you would normally see from marketeers within enterprise businesses. What impact has that had on the way that you think about marketing and growth?

Baldeep Dogra:

Yeah, that’s a great question, actually. I’m a bit of an odd case, aren’t I? Look, so I think what underlines everything is passion. I really wanted to do astrophysics and my parents didn’t talk me out of it because I really wanted to do it. I wasn’t a boffin, I’m not really a walking brain by any stretch, but I had a passion and that stretched my imagination, that subject. I can’t think of any other subject that would stretch your brain to the limit, to the point where you think, “Maybe, actually I’m not supposed to understand anything beyond infinity.” University was great, I loved it and I loved doing all the astronomy, those late-night experiments and that kind of stuff. There’s a lot of maths, yes, I know, but it was fun. It was really good fun.

I remember sending one of the universities first emails and it was actually to an external recipient using SMTP, to a professor in Cambridge. That kindled my appreciation for messaging because that’s where I was going to get to once I left university, that’s when I started working in the nineties and that’s where the passion came into it and that was to make a difference, right?

Nathan Anibaba:

Mm-hmm (affirmative).

Baldeep Dogra:

We all know IT was growing in the nineties and messaging was a key part. That allowed me to go into consulting and then into sales, and that helped me get a job at RIM, which is what we were called then, Research In Motion, and I was in technical sales, mainly leadership roles, but then I wanted to do something different a couple of years ago.

I had a great team, but I wanted to try something different. I actually think I belong in marketing, I was always supposed to come here. I think that’s because of my creative skills, creativity, I love it, because that stood out the most in my previous roles and management would say to me, “Oh, you know what? You should have been a marketeer.” I used to come out with all these one-liners and stuff like that.

But most of all, I love framing issues and needs, and creating new things, creating new solutions to problems, and really into photography, so there’s this artistic side to me as well. I think I get that artiness and creativity from my mom. She’s a writer and an artist as well, so I feel I got something to fall on there and I think it’s all come together in marketing.

Nathan Anibaba:

I would say so. So, as director of product marketing, what are you responsible for? What are your main responsibilities?

Baldeep Dogra:

Yeah, great question. Look, I joined at an exciting time. I joined my current role at an exciting time because we were rebuilding after the Cylance acquisition and I knew my current boss, I knew him had had a little chat with him, Nigel Thompson. I said, “I want to help you out. What can I do?” Look, as a company, we’re essentially built on two pillars, cybersecurity and IoT. IoT is where our QNX division lives, for example, and essentially I have ownership of the UEM area of cybersecurity and all the mobile aspects of our UES part of our cybersecurity as well. The UES includes some really exciting products that are built at our Cylance AI platform, and luckily I’m building a team to help me with that, so there’s a lot to do.

Now, in addition to that, I’m continuing to build on our vertical messaging too, in addition to helping out with partners and messaging to partners, whether they’re solutions vendors, channel partners, or strategic partners. Now, the objective here is to get our customers to think beyond the endpoint and look more holistically at the user experience and securing that experience in a preventive and productive way.

Nathan Anibaba:

And clearly marketing for BlackBerry represents so many different touch points, and you’re talking to so many different verticals and customer segments as well, all the way from SMB, all the way up to the enterprise. What role does marketing have in the way that it influences preference, the way that it influences demand? Can you talk us through what the role of marketing and your role is on the overall growth of the customer base at BlackBerry?

Baldeep Dogra:

Yeah, it’s becoming even more important. So, you had Brian Clevenger before and he works in corporate marketing, these guys overarch our message, who is BlackBerry today? What are we about and where are we going? And we play a key part, how does cybersecurity fit into that message and how do our products fit into that as well? When I was in sales, I remember I believed in the saying, everyone works for sales. Now that I’m in marketing as well, I feel that everyone is a marketeer. Because in sales, you want people at the dinner table to talk about, “Look at this great device,” or, “Look at this great piece of software. Look at this great app I’m using, it’s really secure.” You want to be at the pub and you could show off or you could be in a concert, but a marketeer has to go the next level, be a bit more creative.

Oh, you know what, you’re at a dinner table, you’re talking about somebody’s job and what they do, and you could come out with an example and then you could actually bind their experience that little better. That’s what I really like, because now you are taking the customer experience, so that it means something, so that it has value. That’s where I think our role is, absolutely 100%. We need to make sure that everyone understands what that value is that we’re giving to our customers and listen to them more because that value could change over time and we need to adapt. In order to meet that, we have things like customer engagements, where we have in-person and virtual events, like advisory councils, where we listen to our customers and allow a discussion to happen between our customers and get some action points that we can actually take away.

We’ve got our own security summit in October that we all take part in, but we also take part in other major large industry events as well, present at keynotes, take part in breakout sessions and we’re getting more and more engaged with those. I’m actually looking forward to my first in-person event in November.

Nathan Anibaba:

That’s exciting.

Baldeep Dogra:

I haven’t done one of those since February 2020.

Nathan Anibaba:

Oh my God.

Baldeep Dogra:

Yeah, in front of real people, I can’t wait.

Nathan Anibaba:

Are you sure you don’t want to put on your Zoom at the same time? Probably make you feel a bit more comfortable.

Baldeep Dogra:

I might end up doing that just for habit’s sake.

Nathan Anibaba:

Just for old time’s sake. Right, exactly.

Baldeep Dogra:

Exactly.

Nathan Anibaba:

So aside from events and media and advertising, what other commercial channels are you guys using to drive the business forward, to deepen the emotional connection with the customer base and to ultimately drive demand?

Baldeep Dogra:

Yeah, I think our direct engagement is incredibly important and we’ve got a team dedicated to that. I think our engagement through our partner community is huge. Now, most of our sales is done through our channel partner community. Listening to them is incredibly important because they give a different perspective, a different take to the value that we need to provide our customers. So, we listen to them. We actually have a completely separate team dedicated to our channel partners with a way to be able to promote and message everything that we do in a way that they will feel that they can be a part of and that it will just resonate with them and help them in their business, but also to respond to their customer needs.

Nathan Anibaba:

And we know as well that in B2B, consumers and decision makers, and especially people at the enterprise, are far more emotional than they are rational, even though a lot of us still create communications that are far more rational in nature because we feel decisions should be driven by logic and rationality, when in actuality, there are so many of us … Human beings are essentially this walking bag of emotions.

Talk about how you’ve used emotional messaging in your communication to drive deeper engagement with the brand to drive the business performance. Is it something that you think about a lot? Maybe talk a little bit about that.

Baldeep Dogra:

Yeah, the brand is incredible. When I joined BlackBerry in 2004, you may or may not remember, some people might do, but we were represented by an envelope in motion and when we changed our name from RIM to BlackBerry, we changed the logo to a group of data packets in motion, which if you look carefully, it spells the letter B twice, demonstrating BlackBerry security, within these data packets, so it’s quite clever and that remains with us today.

So here’s a little interesting side note for you. In 2008 we were, believe it or not, number one on the list of global Superbrands. I think we were first on that list for a couple of years. I don’t know if you’ve seen Superbrands, they’ve got this great big book that you get if you’re on the list and we beat Coke.

Nathan Anibaba:

Amazing.

Baldeep Dogra:

Not many companies have done that.

Nathan Anibaba:

Phenomenal.

Baldeep Dogra:

And that was 12, 13 years ago. That was when we were at the peak of our emotion. But now the brand is less about emotion and more about trust. We just don’t want to be trusted by enterprise leadership, we want to be trusted by the end user as well because we’re building our software to allow maximum productivity while giving them peace of mind. We feel that will lead to more emotional attachment with the functionality we provide, because now they can do the work they want to do wherever they want to on whatever the device they want to, and that’s why our BYOD story is so strong as well. So, we feel that that will bring an additional layer of emotional attachment to our products and services.

Nathan Anibaba:

Let’s talk a little bit about cybersecurity. We’ve seen several high-profile cybersecurity attacks, even over the last 12 months that have affected all sorts of businesses, across all industries and across all geographies, actually. In what ways have those sorts of attacks affected your customer’s behavior in the way that they think about threat detection and the way that they think about protecting themselves from third-party threats?

Baldeep Dogra:

Yeah. Cybersecurity’s changed so much in the past 30 years. You probably remember the days when there was one little virus coming out and an antivirus company would respond to it in a day, or days, or weeks. It’s not like that anymore, you’ve got to be very quick and that’s why we prefer preventative medicine as opposed to reactive. But I think generally, the rise of these attacks is quite alarming and they’ve definitely brought the prospect of disruption front of mind. I think that’s the key thing here. Now, we know ransomware is all about criminals asking for ransom, however whether they get paid or not still impacts the day-to-day business. Time really is money and you take time away in a cyber attack.

In addition to this, customers are also more cognizant of the impact of cyber attacks. So, not just their IT infrastructure, but also what we call operational infrastructure as well, or OT, which is industrial equipment and assets, even things that are monitoring the supply chain. So you’ve probably seen, there’s been a lot of attacks on supply chains as well. That’s why I’ve got a huge focus at the moment on manufacturing and utilities because their industries, for example, which have seen more growth in cyber attacks, particularly on the OT side, the operational side.

Nathan Anibaba:

Really interesting. So, as it relates to manufacturing then, let’s say, what are the main threats that the manufacturing sector are open to or prone to these days and how do they protect themselves?

Baldeep Dogra:

Yeah. I think fundamentally, we need to be absolutely clear on this. I would say there’s an even split, give or take, between internal and external threats. Internal threats is all about cyber hygiene, with threats that could stem from things like a lack of process to deal with external threats, for example, to users clicking on phishing links or accidentally going on to malicious websites, or even using apps that have been exploited for malicious use. In the main, the users are innocent, it’s not their fault, but that’s something that process can help fix. That’s something that education can help fix and behavior. So, that’s what we call the internal threat.

Nathan Anibaba:

So, how do businesses stop that? I mean, it’s very easy. I mean, in a busy day, you’ve got a million different emails. You’ve got lots of tabs open, if you look at my computer.

Baldeep Dogra:

Yeah, I know.

Nathan Anibaba:

It’s very easy to click on a link that is sent from what you think is a colleague or an associate. How do businesses stop that, when actually in many instances, it’s just an innocent click?

Baldeep Dogra:

I know you can’t stop it all, can you? There’s bound to be something that somebody can’t recognize. I saw an article recently where some threats from the Far East were malformed URLs, where they were actually written in Cyrillic and not in the Roman fonts that we’re used to. If you can recognize that, don’t click on it. You can’t tell everybody that, not everyone can see that one font is different to the other and that it’s origin could have been from somewhere else.

So, yeah, I completely agree, not everyone’s at it. So, that’s why you need to be prepared for those external threats and one of those is ransomware, right?

Nathan Anibaba:

Mm-hmm.

Baldeep Dogra:

Which continues to plague every industry. Do you know that so far in 2021 alone, we were talking about 2021 just a minute ago, but so far, there’ve been about 304 million attacks and that’s an increase of 150% increase on last year. That includes high profile attacks like the Colonial Pipeline where they paid almost $5 million, but you know, it’s going to happen, but you’ve just got to be prepared for it and prevent anything like that.

Nathan Anibaba:

Help us put that kind of stat into perspective. I mean, what is the impact of that number of cyber attacks on business outcomes, on lost revenue, on performance, on productivity? I mean, help us quantify the impact of those cyber attacks a little bit.

Baldeep Dogra:

Yeah. I mean, I don’t have a firm amount on those 304 million attacks yet. I, I actually got it from SonicWall, some great stats. Last year we lost 20 billion to ransomware.

Nathan Anibaba:

Wow.

Baldeep Dogra:

And that was about 200 million attacks. So, I think we’re close to 40 to 50 billion this year so far.

Nathan Anibaba:

Just from companies paying-

Baldeep Dogra:

Just from companies paying out ransoms, yeah.

Nathan Anibaba:

Wow, that’s phenomenal.

Baldeep Dogra:

It’s a lot, I mean, Colonial Pipeline paid $5 million but the impact to their business, it’ll just dwarf the ransom that they paid. So, they just felt they had to pay it.

Nathan Anibaba:

Really interesting. Impact on brand, and reputation, and customer trust.

Baldeep Dogra:

Exactly.

Nathan Anibaba:

All the rest of it.

Baldeep Dogra:

100%.

Nathan Anibaba:

So, what’s the role of leadership in all of this? I mean, should it be driven by the CISO and the head of IT alone? Is it just their remit? Because it seems as though, when everything’s going well, they’re not really troubled and everyone’s saying that, “Yeah, you’re doing a great job. Continue doing what you’re doing.” It’s only when the company has an attack, is when they’re brought into sharp focus and everyone starts pointing fingers. It’s kind of a thankless task in many ways. What should be the role of leadership in identifying and mitigating cybersecurity threats?

Baldeep Dogra:

Yeah, the CISO role is very tough at the moment. I remember once having dinner with a bunch of CISOs, and this was about 11 years, or 10, 11 years ago, a CISO of a major international firm said to me he loved BlackBerry because it ticked his three boxes of securing data at rest, securing data in transit, and it prevented data leakage. That was then, and that’s still the case now, by the way but things have moved on with things like zero trust and the need to be cyber resilient. As such, you’ll find that the chief operating officer is key to making sure that hygiene is being driven.

The head of risk has a huge interest because risk to the financial outlay of what these threats will cause is very, very big on their agenda. So, the chief risk officer, or whoever is heading up risk will be pretty much accountable as well. But then you’ve got the CIO, who will play that pivotal role to ensuring that the infrastructure cashes those checks, that it follows through. It makes sure that they’re able to meet it from a technology perspective. But yeah, all the other heads have a place in saying, “Right, as a business, we need to approach this in a certain way. We need to make sure that we are resilient and that we do have continuous operations.”

But it doesn’t stop there because the leadership now have to count on other teams like the user experience team and other user groups. They’re just as important because they can help with that education. They can help contribute to reducing insider threats through knowledge, through using devices properly and apps properly, and that sort of stuff.

Nathan Anibaba:

I spoke with a CISO of a large financial services company the last year actually, and he said that one of the interesting things that they do is they actually interview those individuals responsible for some of the cyber attacks. Reformed criminals, they’ve done their time and they’re now talking to CISOs about how to prevent cybersecurity attacks. How much of the work that BlackBerry do really involves speaking to, and learning from these people? Because to a certain extent, cybersecurity is very much a reactive … or the perception from the outside, is that it’s very much a reactive program. There is a threat, there is a nefarious individual somewhere in the world, who develops some code, writes some code and attacks an organization. We are then reacting to then, what has been done. How much of what you’re doing is about being proactive, stepping into the shoes of the attacker and actually preempting the threat that is being proposed?

Baldeep Dogra:

Yeah. And that’s where prevention is better than cure. It’s like COVID, get the jab and it’ll help you in the long run. It’s the same with cybersecurity. When you think of the organization as a system, it’s very important to think of, “Right, what are the components of that system and how do we prepare that system for an attack? How do we prevent the attack?” That’s what we come in and that’s why our Cylance AI machine learning capability is very, very important.

What’s critical is that it’s been learning for the past seven, eight years. It’s a well-learned model. As you probably know, machine learning is only as good as how much it learns. We’ve learned a lot. Our model has learned a lot. So, all these attacks that you’ve seen recently, we could have prevented all of them and Colonial Pipeline could have prevented that ransomware from happening and they wouldn’t have lost the $5 million in the ransom, and they wouldn’t have lost the many millions in operational costs after that as well.

Actually, to us, that’s making a difference. We want to make sure our customers know that they can prevent all this stuff from happening. Educate the users, best practices. Every good security policy these days is tips on being able to identify malicious communications, we just discussed that. But what happens if they do click that link? We need to make sure that it doesn’t go any further.

Nathan Anibaba:

And then just bringing the interview to a close, Baldeep, I mean, what things are you most excited about when you’re thinking about the future of cybersecurity and the evolving threat that is always on the horizon, but yet still, quite far away? How do you think about what the future of cybersecurity looks like?

Baldeep Dogra:

On our last talk, I remember one of the other delegates saying we shouldn’t worry and he’s right. We shouldn’t really, because it’s not a good look for anyone, but we shouldn’t be complacent either. I honestly think that if you think of, when you’re at home, you lock your front door, you close your windows, you set your alarm up, you set up your security cameras. You’re doing that because of peace of mind, and that’s because that’s all we can do. Cybersecurity’s exactly the same. Be prepared to prevent those attacks, maintain the hygiene, educate users and review regularly.

Then the other thing, which I think is a mix of exciting and scary, is the next transformation in computing, quantum computing, and the revolution it will bring in computing speed, and cybersecurity will need to adapt as well. A well-learned AI/ML model will be even more critical to have when that happens.

Nathan Anibaba:

My final question, you’ve seen BlackBerry go through this tremendous digital transformation over the last 17 years. What advice do you give to aspiring brand and technology leaders about how they best handle their own internal digital transformations?

Baldeep Dogra:

Yeah, I think that’s a good question. I look after students as well in the team, and I always say to them, “Don’t follow a crowd if you can help it. Do something you enjoy, do something where your skillset can be used, broadened and made richer, and be prepared to learn and soak in the transformational change in technology because it’s going to happen.” It’s a daily thing. It’s very exciting for sure, but stay focused on the customer and the customers’ needs. Without them, we’ll be pointless. And it needs creativity, don’t be afraid to try something new.

Innovative thinking is more than just improving technology. It’s about adapting and improving behaviors too. And yeah, most of all, enjoy it, have fun.

Nathan Anibaba:

Great place to end. Baldeep, thank you so much for doing this.

Baldeep Dogra:

No, thank you, Nathan. It’s been great.

Nathan Anibaba:

If you’d like to share any comments on this episode or any episode of ClientSide, then find us online at fox.agency. If you’d like to appear as a guest on the show, please email zoey@fox.agency. The people that make the show possible are Zoey, our Booker slash researcher. David Clare is our head of content. Ben Fox is our executive producer. I’m Nathan Anibaba, you’ve been listening to ClientSide from Fox Agency.

Speaker 1:

Join us next time on ClientSide, brought to you by Fox Agency.