Cyber risks don’t respect borders. Vishal Rao, CEO at Trellix and an attendee at the Global Cybersecurity Forum Annual Meeting 2025, shares lessons from the company’s global operations on how cross-border and cross-sector cooperation can strengthen incident response, threat intelligence sharing, and workforce development in cybersecurity.

Cyber risks don’t respect borders. What lessons from Trellix’s global operations can guide cross-border, cross-sector cooperation in areas like incident response?

I agree entirely that cyber risks and adversaries don’t respect borders. At Trellix, we understand cyber risks and threats demand a united front. Incident response is most effective when nations, industries, and organizations move from siloed playbooks to shared cyber strategies built on transparency, aligned with industry standards, and joint exercises. When borders fall away in cooperation and collaboration, defenders gain the speed and agility needed to outpace adversaries. Two-way sharing of threat intelligence between public and private sectors is how we build a stronger defense.

In your twin roles as a CEO overseeing two cybersecurity companies, how do you envision the future of integrated security platforms?

From my vantage point, I see the future of integrated security platforms as a shift from fragmented point products to a more unified and cohesive ecosystem. Customers no longer want to stitch tools together – they want platforms that are open, intelligent, scalable, and adaptive, built with simplicity and resilience in mind. As such, open product integrations will be the defining factor in reducing this complexity and maximizing value for customers.

Additionally, integrated security platforms need to be more than “financial platforms” or a collection of point products under one commercial umbrella. The value of the platform is in the simplicity of the operational and management investment. This is the platform vision we bring to our customers.

What advice would you give CISOs on adopting new tech while keeping security strong and teams interconnected?

The role of the CISO today is very demanding and challenging. CISOs must be both innovators and protectors. The best path is to adopt emerging technologies boldly, but weave them into an interconnected fabric where security is shared, not siloed. Once teams feel aligned and empowered, security technologies become a catalyst for growth and not just another layer of defense.

CISOs today must be innovators, protectors, and collaborators.

How can the private sector and governments collaborate more effectively on threat intelligence sharing in combating advanced persistent threats? Can you share any examples of successful initiatives or partnerships?

Information sharing is crucial as cybersecurity is a shared problem. Our experience has shown that collaboration works best when governments and enterprises adopt a ‘mission-critical’ mindset toward threat intelligence sharing. A few examples include the Joint Cyber Defense Collaborative (JCDC) in the U.S., where CISA partners with companies to share actionable threat data in real-time, and Europol EC3, where, as a member of their advisory group on internet security, Trellix collaborates on IOCs and supports investigations and operational takedowns. Aligning government insights with private-sector telemetry reduces response time and strengthens overall protection.

There are areas where stronger collaboration would be beneficial for all, such as certification overlaps, which can vary by region. A recognized international equivalency could help streamline the regulatory process and reduce costs for customers.

Additionally, the CISA 2015 law, which runs out at the end of the government fiscal year, needs to be reauthorized to ensure that strong cybersecurity information sharing between the government and the private sector can continue with as much legal protection as possible. A failure to reauthorize the law would likely result in reduced information sharing with the government and among private sector partners, due to an abundance of caution from legal teams.

The global cybersecurity workforce shortage is currently at 2.8 million. How is Trellix approaching skills development, especially for women in cybersecurity, to bridge this gap?

This is a very important topic. Trellix is tackling the workforce shortage by investing in programs that expand access to tools, mentorship, and skill development. We’ve partnered with universities, nonprofits, and industry groups to build stronger candidate pipelines, with a particular focus on women in cybersecurity. From targeted internship programs to leadership development initiatives, our goal is to make cybersecurity not just a career path, but an inclusive community where diverse perspectives can help fuel stronger threat defense.

Additionally, we are leveraging AI in two distinct ways to help tackle the talent gap. We are integrating AI into our products and security platform to enable cyber teams to scale more effectively and efficiently as cybersecurity demands grow. Additionally, the future of work at Trellix is being shaped by the acceleration of our Enterprise AI adoption. We’ve already seen transformed operations and elevated customer and employee experiences through these AI innovations.

In your experience, what skills are most urgently needed for the next generation of cybersecurity professionals to tackle emerging threats?

Given the current state of cybersecurity, it is essential the next generation of cybersecurity professionals master both technical depth and strategic breadth. Skills in cloud security, AI/ML, and threat intelligence are critical, but so are essential soft skills such as collaboration, communication, and critical thinking. Cybersecurity is no longer just about building firewalls; instead, it’s about anticipating risks, managing complexity, and aligning security with business outcomes.

Related post

View all