Detection at Scale

Illumio's Erik Bloch on Getting Security Fundamentals Right Before Adding AI

Jul 15, 2025
Erik Bloch, VP of Security at Illumio, brings a wealth of experience from transforming security teams at giants like Cisco and Salesforce. He emphasizes the need for solid security foundations—like effective ticketing systems—before jumping to AI tools. Erik critiques traditional security metrics as often misleading and highlights the importance of aligning security with business goals. He also discusses how managed service providers might lead in AI adoption due to their structured processes, pointing out the critical role of data in making informed security decisions.
Ask episode
AI Snips
Chapters
Transcript
Episode notes
ANECDOTE

Early Career: Boxcar Investigation

  • Erik Bloch investigated a major Cisco source-code theft early in his career.
  • That Boxcar case led him to start and lead Cisco's CERT team.
ADVICE

Get Fundamentals Right Before Adding AI

  • Do establish basic processes and measurable metrics before buying new security tools.
  • Avoid relying on shiny objects to fix broken or missing processes.
ADVICE

Use Tickets To Measure Team Capacity

  • Use tickets and well-defined states to capture the work your SOC actually does.
  • Calculate team capacity and compare it to incoming volume to identify overloads.
Get the Snipd Podcast app to discover more snips from this episode
Get the app