Hot Topics
Cloud-Native Security Topics 

Techstrong TV: From Facebook to Lacework

, ,
by Alan Shimel

Jay Parikh left Facebook and is now a co-CEO at Lacework. How did this come about and what does he hope to accomplish? We catch up with Jay to find out. Video is below followed by a transcript of the conversation with Alan Shimel.

Recorded Voice:         This is Digital Anarchist.

Alan Shimel:               Hey, everyone. Welcome to another TechStrong TV segment. I’ve got a first time TechStrong TV interview for you today. He is the co-CEO, newly installed co-CEO at Lacework, but he’s also pretty well known in our world to begin with. Let me introduce you to Jay Parikh. Hello, Jay, how are you? And welcome.

Jay Parikh:                 Hi, Alan. It’s great to be here. Thank you.

Alan Shimel:               Nice to have you here. We got your name right, right?

Jay Parikh:                 You did. You did.

Alan Shimel:               Good. I wanted to make sure we get it out there. So, Jay, I kind of set the table. You’re recently announced as co-CEO at Lacework, and we’re gonna talk about that. We’re gonna talk about Lacework in just a moment, but I thought we’d start off with you, Jay.

Our audience is a very – It’s a tech audience. These are cyber folks, DevOps, cloud native, digital. Many of them may have heard about you or know of you, but for those who haven’t, give them a little bit of your personal background?

Jay Parikh:                 Yeah. So before joining the Lacework team here in the last couple of months, I spent about a little over 11 years at Facebook as the head of infrastructure, as well as the VP of global engineering in the company from about 2009, till 2021 earlier this year. Was fortunate and blessed to have worked with an incredible team, saw incredible scale, challenges, technologically, organizationally, et cetera.

And we learned a lot. It was a fast-paced environment with all the scale challenges that we had, both in is supporting the user base, but also the overall business, new products. And the team at Facebook that I supported was responsible for the, as I like to call it, from the dirt to the device. So, the team had to go figure out where to go and build data centers.

And we custom built all of our own data centers, all the equipment that went in there, the entire networking architecture, as well as all the software systems that were installed on all of that infrastructure. So effectively, it was like a public cloud offering, but it was internal to Facebook and supported all of the family of apps that Facebook today manages, supports offers to the world.

Alan Shimel:               Excellent. And look, I mean, so I have a lot of friends who have either worked at Facebook over the years, or have dealt with, not just Facebook as a customer or user on the app or the web, but worked with the IT folks at Facebook. And you wanna talk about hyperscale right there. There’s Google, there’s Facebook, there’s Twitter, maybe Apple, hyperscale to the max. So, not a job for the shy or who [crosstalk].

Jay Parikh:                 No, when I arrived at Facebook, there was 300 million people using Facebook. And it was at that time, just facebook.com, the website. There wasn’t really a mobile. And when I departed earlier this year, there’s about 3.4, three and a half billion people using the family of apps, which includes WhatsApp, Instagram, Messenger, Oculus, all of that. So, pretty big numbers. It –

Alan Shimel:               Meets a good chunk of the world population, right?

Jay Parikh:                 Yes.

Jay Parikh:                 So Facebook’s now something you can be proud of the rest of your life and we’re on new adventures. And Lacework is today’s adventure. I think our audience – Look, I’m a cyber-guy for almost 25 years. I know Lacework, I know them because we deal with them here at Security Boulevard, at devops.com, and all of our sites, Container Journal, et cetera.

But as security vendors go, I don’t know if everyone out here in the audience knows Lacework. So why don’t we start there, Jay, let’s talk about what Lacework what Lacework’s about and maybe about why you were attracted to it, what you found it interesting.

Jay Parikh:                 Yeah, absolutely. So, I spent a couple of months before joining full-time as co-CEO with Dave Hatfield advising the company. So I was able to kind of come behind the curtains, really get involved with the team, help the team, start to understand more about the product, more about the market opportunity, the customer base, the technology, et cetera.

So that I got a much deeper understanding of how things worked, what the opportunity was, what the challenges were and kind of where the vision would take us in terms of overall building out and scaling the company and the offering. So in many ways, it was a great way to kind of come in and learn a ton more for a couple of months. And then the role kind of just felt natural. It wasn’t something that I think we had planned when I first started.

But I would say as you know, and part of that journey of sort of coming in and working with the team and learning, the underlying premise that Dave and the team told me when I first started to learn about Lacework around, first of all, we all know that there’s just a tremendous amount of activity in the cloud.

More stuff is moving to the cloud. The stuff that has been moved to the cloud is getting bigger. Enterprises are looking for the cloud for flexibility. They wanna move faster, they wanna bring new products, new value to their customers in a faster way, a more flexible way. There’s so much innovation or so much technology that you can get your hands on in the cloud and iterate and build quickly.

And that I think is just super exciting. And then you look at kind of the one – There’s a couple things that are in common for all of those enterprises in today’s world, no matter where you are in the world, if you’re in public cloud, if you’re in healthcare, if you’re in government, if you’re in consumer, if you’re in manufacturing, no matter where you are, are, and what you’re doing in the cloud, one of the biggest concerns that everybody has is cyber.

And the threat vectors that we know of today are just, I think, still a scratch on the surface of all of the unknowns that are gonna develop over the years. The cloud providers themselves keep offering new services, there’s services, third parties in the marketplace that people are leveraging. People are building new applications. So we’re still in a very kind of early stage of learning what it means to secure the cloud.

And the thing that’s really interesting to me about being at Lacework is our approach is, first of all, the company was started in the cloud and is only focused on the cloud. So we have no sort of legacy offerings or any kind of conventional approaches. And so the approach has been singularly focused on the crowd on the cloud so that we can maximize kind of the energy of building products that suit the needs and solve problems for customers today.

But because we’re using a data-centric approach, we collect a lot of data from a typical enterprise. We process all of that. We derive insights from that. And then derive the value in the different products that we offer to the customers. So things like anomaly detection with the polygraph system that allows you to really find that needle in a haystack, really find the problems before they compromise a big part of your environment.

And it requires a lot less manual work. The response time is far – We save people time, we save people. And we hopefully we’re able to help them find these problems sooner, which then either eliminates kind of other long lasting impact in hacks and whatnot, or find it quickly and so that they can respond to it quickly.

And I do think that just the data-centric approach is so important in today’s world and fast-moving cloud infrastructures and all the data and all the applications and all the containers and all the developers that are touching a production environment. You have to have just a machine based approach that’s on data.

And mining that data has been so instrumental in eCommerce, in social media, in all sorts of applications today in the internet. So that should be at the forefront of how to approach the hardest cybersecurity in the cloud problems today.

Alan Shimel:               Agreed. We do regular video shows, I call them TV shows, but they’re videos. A series a little longer than these interviews. They’re with a panel and they’re like 40, 45 minutes. We started a new one. I recorded the first episode of it yesterday on observability.

But really the conversation quickly turned to scale. And it’s the same issue we’re running into in cybersecurity now, too. For a long time, especially in cyber, it was about, can I get a log on this? Can I grab a log for this? So, whether I’m looking as it proactively or forensically, if I have that log data, I could see what the heck’s going on.

And for a long time, for the bulk of my 25 years in security, the game was about how much data can we capture, but the rules, the game’s changed in the last couple years, which is we could virtually capture every piece of data you want. The question is, can you handle it? What are you gonna do? Is it just data sitting in some data lake, or can you do analysis?

Can you take actionable intelligence outta there? Can you do something to prevent either this attack or the next attack? Can you make that data valuable, not monetize it, but monetize it? It’s not enough just to be able to collect data. That’s become a, so what? What are you doing with that data, is where it’s at. And as you said, it’s driven advertising, it’s driven social media, it’s driving application development, but it needs to drive security as well.

Jay Parikh:                 Yes, completely agree. Agree. And the thing is that the data keeps changing. People are deploying apps across multiple clouds. They’re deploying different technologies today. And keeping up with that is a very, very heavy lift for an average enterprise.

And our job at Lacework is really to be that technological platform that can collect all this data that can keep up with the changes in the cloud providers, APIs, logs, what’s happening in sort of the containers, et cetera.

Also, be able to bring in third party, other data, to kind of add to the mix of what is the understanding of normal, what threats could be out there, what are known threats that are emerging threats, and being able to sort of adapt, keep kind of changing kind of how the engine works and processes that data so that we can stay current in real time with how the world and how these infrastructures are changing over time.

And ideally over time, there’s, can we learn from the entire customer base and see trends happening more globally, and being able to deliver that insight and value back to customers in sort of a preventative case saying, “Hey, these things are known to be bad or these things could be problems, be careful if you’re about to take this step or that step.”

So that’s another thing when you can harness the data individually for customers, but collectively for the entire industry. And that’s one of the things that is super exciting about the problem in the product and also the technological scale challenges for us at Lacework.

Alan Shimel:               Agreed. Agreed. So let’s talk a little bit about co-CEO. As we were talking off camera, I’ve seen several instances of it over the last, instances where people co-CEOs. I mean, traditionally you saw it in very early startups where you had two founders and they were both CEOs, but then at some point it’s sort of one guy runs the engineering or one person runs the engineering and one person runs sort of the business.

They may keep that co-CEO, Monica, one may become CTO or COO, or what have you. Lacework’s a little back, it was already an ongoing concern that was fairly successful, bring you on now as co-CEO. How does that work? What was behind it?

Jay Parikh:                 Yeah. So, a couple of things here just to count. Dave and I have known each other back when we worked at Akamai. So for 20-some odd years, we worked together, we’ve always stayed in touch. And he called me up back in April, I think it was of this year saying, after I’d left Facebook, if I could come in and start advising and helping out.

And I’d planned to just help the team out. I just thought, “Hey, I can come in and help think through maybe some scale challenges or product challenges or some more organizational stuff.” And then as we got working together with the team here, the entire team, it just started to gel. It just was something where it just felt, I don’t know, it’s hard to explain, but it felt right.

We were working together, the team welcomed me and it felt natural like we’d been working together for a really long time. So Dave had come back with this, “Hey, we’ll be able to build the business faster if we have two of us. And I think it requires, one, is we have a very long tenure of having worked together, known each other, very strong trust between the two of us, a very aligned value system in terms of what we think is important to build an iconic and a tremendous company.

What we value in people, what we value in the culture, what we value from an execution perspective. Now, to be clear, my focus is much more on the innovation R&D side of the house of the company and days focused on go to market and business operations and a few other things.

And then we overlap in a bunch of areas for how we wanna run this company with the rest of the leadership team. So, I do think that it is a special model and the thing that Dave and I are really excited about working together is, we think that we can help accelerate the growth of the company because now there’s two of us, we’re gonna be able to help guide and help the team make decisions faster.

We can also get to more places because there’s two of us and we can sort of serve our customers and our employees better because we just have more cycles because of the two of us, but we are very, very aligned on everything. And it’s more fun this way. They always talk about these leadership jobs kind of being lonely. And this is a little less lonely, when we have each other to kind of talk through difficult challenges or opportunities, or be excited about things that we’ve won at.

Alan Shimel:               Absolutely very cool. I’m gonna be watching. I wanna see how this unfolds and how it comes out. I thought Lacework was well on their way to begin with. So, all good there. Jay we’re overtime actually, but it was a pleasure talking to you. I didn’t wanna stop. You know what, now that you’re part of the team over there though, you can’t be a stranger on here. So [crosstalk].

Jay Parikh:                 I’d love to come back. I will love to come back and –

Alan Shimel:               Standing invite, anytime you wanna come. We also do a lot of shows around security, CISO talk and stuff like that. Love to have you on a panel on those as well. They’re a lot of fun.

Jay Parikh:                 That sounds good.

Alan Shimel:               Good. All right.

Recorded Voice:         Great to chat, Alan.

[End of Audio]

Alan Shimel

As Editor-in-chief of DevOps.com and Container Journal, Alan Shimel is attuned to the world of technology. Alan has founded and helped several technology ventures, including StillSecure, where he guided the company in bringing innovative and effective networking and security solutions to the marketplace. Shimel is an often-cited personality in the security and technology community and is a sought-after speaker at industry and government conferences and events. In addition to his writing on DevOps.com and Network World, his commentary about the state of technology is followed closely by many industry insiders via his blog and podcast, "Ashimmy, After All These Years" (www.ashimmy.com). Alan has helped build several successful technology companies by combining a strong business background with a deep knowledge of technology. His legal background, long experience in the field, and New York street smarts combine to form a unique personality.

Alan Shimel has 55 posts and counting. See all posts by Alan Shimel