{"id":7853,"date":"2026-04-17T10:01:00","date_gmt":"2026-04-17T10:01:00","guid":{"rendered":"https:\/\/cybersecurityinfocus.com\/?p=7853"},"modified":"2026-04-17T10:01:00","modified_gmt":"2026-04-17T10:01:00","slug":"palo-altos-helmut-reisinger-sees-a-cyber-sea-change-ahead-as-ai-advances","status":"publish","type":"post","link":"https:\/\/cybersecurityinfocus.com\/?p=7853","title":{"rendered":"Palo Alto\u2019s Helmut Reisinger sees a cyber sea change ahead as AI advances"},"content":{"rendered":"
\n
\n
\n
\n
<\/div>\n

In two decades,\u00a0Palo Alto Networks\u00a0has evolved from a next-generation niche player to one of the largest global cybersecurity giants today. Under its mantra of \u201cplatformization,\u201d the company has catapulted its revenues over its closest competitors and boosted its stock valuation to over $130 billion.<\/p>\n

No stranger to AI use in cybersecurity, Palo Alto recently announced its participation in\u00a0Project Glasswing<\/a>, an AI-based vulnerability-discovery initiative led by Anthropic that many are viewing as a structural shift for the cyber industry<\/a>. The initiative, which includes 10 other major technology companies as coalition partners, including AWS, Apple, Broadcom, Cisco, CrowdStrike, Google, and Microsoft, aims to leverage Anthropic\u2019s Claude Mythos to improve the security of the software that underpins much of the world\u2019s technical infrastructure.<\/p>\n

It is in this context that Computerworld Spain spoke with\u00a0Helmut Reisinger, CEO of Palo Alto Networks for EMEA, in Madrid at the company\u2019s Ignite event on April 14. The interview was conducted in Spanish, a language that the multilingual Austrian executive and PhD holder speaks fluently.<\/p>\n

Following are excerpts from that interview, edited for length and clarity.<\/p>\n

Computerworld Spain: Let\u2019s start with the recent announcement of Palo Alto\u2019s participation in the exclusive Mythos project, which few companies have access to due to the power of this technology and the risk of it falling into the wrong hands. Or is this just a marketing strategy?<\/strong><\/p>\n

Helmut Reisinger:<\/strong> Indeed, this is a restricted release that only a few companies can access for vulnerability testing. We\u2019ve witnessed firsthand how this pioneering model represents a radical shift. With it, we\u2019ve detected zero-day vulnerabilities in an unprecedented number of operating systems and browsers. And it\u2019s capable of turning most of these vulnerabilities into working exploits, with all the risks that entails. For now, we can\u2019t say much more. We\u2019re currently working on providing more information through a\u00a0blog. In any case, the important thing is the context in which this is happening.<\/p>\n

On the democratization of AI.<\/strong><\/p>\n

Yes. At Palo Alto, we\u2019ve been using AI to improve cybersecurity for a long time. Back in 2014, we integrated\u00a0machine learning\u00a0technology into our systems, initially just\u00a0firewalls. But we also develop cybersecurity solutions specifically for AI. The major challenge today is that, according to a Stanford University report, only 6% of AI deployments are implemented with appropriate cybersecurity. And this is happening in the age of agents, where for every human identity there are approximately 80 machine identities, and even more if we include agents. That\u2019s why, thanks to our acquisition of Protect AI, a company founded by Ian Swanson, formerly head of AI at Amazon, we\u2019ve launched a security solution for AI deployments, language models, and agents.<\/p>\n

This is just one of several purchases Palo Alto has made recently, correct?<\/strong><\/p>\n

Yes, we just closed the deal [in February] with\u00a0CyberArk<\/a>, a leader in identity security. At Palo Alto, we\u2019re convinced that AI and identity are two worlds that must go hand in hand, especially now in the era of generative systems and agents.<\/p>\n

Another acquisition we recently completed, in January, and which falls within this context of addressing the current AI landscape, is that of\u00a0Chronosphere<\/a>, a leader in observability. Chronosphere is capable of managing and protecting massive volumes of AI-generated data at a lower cost \u2014 half the price \u2014 of other market players. This is an important acquisition because observability is essential in cybersecurity.<\/p>\n

And finally,\u00a0we\u2019ve acquired Koi<\/a>, a deal I expect will close in a few days. Koi\u2019s technology focuses on agentic endpoint security \u2014 protecting businesses from the risks of using AI agents and autonomous development tools operating on users\u2019 devices. Koi\u2019s technology will be integrated into our Cortex XDR platform to monitor what AI agents are doing on users\u2019 computers and detect if they are being manipulated to execute malicious commands.<\/p>\n

I imagine effectively integrate all these companies presents significant challenges.<\/strong><\/p>\n

That\u2019s right, because many IT companies, when they make acquisitions, focus more on contractual than technological integrations, but that\u2019s not our approach. Our strategy involves complete technological integrations, like Protect AI, which is now part of our network platform. This aligns with our commitment to platformization using a modular system.<\/p>\n

It\u2019s clear that \u2018platformization\u2019 is the company\u2019s mantra and a way to simplify life for customers, but doesn\u2019t it also create greater dependencies, including vendor\u00a0lock-in?<\/strong><\/p>\n

Yes, we sometimes hear clients say they don\u2019t want to put all their eggs in one basket. But that\u2019s precisely why our strategy is modular, so the client can decide. It\u2019s also true that all the clients who have experienced a massive data breach have opted for complete platformization. In fact, our founder [Nir Zuk] has always said that \u201ceveryone will switch to platforms as soon as they suffer a mega-breach.\u201d<\/p>\n

The speed of platform adoption, therefore, will be determined by the client themselves, their business, their use cases, their existing contracts, and so on. We are also making efforts to reduce costs to encourage clients to migrate and simplify their platformization process. Furthermore, we mustn\u2019t lose sight of the fact that the approach to cybersecurity must be comprehensive; it\u2019s a global chain.<\/p>\n

Regarding cost, Palo Alto has a reputation for having powerful but expensive technology. What\u2019s your opinion?<\/strong><\/p>\n

Compared to the level of protection we provide our customers, our technology isn\u2019t that expensive. On the other hand, the cost also reflects all the innovation included in our solutions.<\/p>\n

How do you see Palo Alto Networks\u2019 major competitors, primarily Fortinet and CrowdStrike?<\/strong><\/p>\n

The cybersecurity market is fragmented, but we lead it. That said, we have to win every single day.<\/p>\n

The current, highly turbulent geopolitical climate is having a significant impact on the cybersecurity field, as well as on customers\u2019 IT purchasing decisions. Does being a US player in Europe affect Palo Alto? Are you seeing a shift among public sector clients toward more local options?<\/strong><\/p>\n

CISOs with high levels of responsibility know very well that a wealth of telemetry data is essential for effective protection, and that\u2019s why we aren\u2019t seeing a decrease in demand. That\u2019s the primary reason. Furthermore, each region and country has its own legal frameworks and regulations, which we fully respect. In fact, we were among the first companies in the world to sign the\u00a0European AI Act\u00a0and ensured we also obtained the corresponding national certifications.<\/p>\n

Our view on sovereignty is that we must find a balance between perfect sovereignty and zero sovereignty. When we talk about sovereignty, we can refer, for example, to hardware. Regarding this issue, we must accept the interdependence we have between different global markets; this happens, for example, in the field of chips. But if we talk about data sovereignty, this is something that can be easily achieved.<\/p>\n

We implement the Bring Your Own Key\u00a0(BYOK) policy for many clients\u00a0to ensure that the telemetry data sent by their devices is encrypted and protected. We are not interested in accessing the personal data our clients handle; we only use telemetry, application identity, user, and device data. It was precisely thanks to this type of analysis that we were able to discover the attempted intrusion using SolarWinds<\/a>, although, as it occurred years ago [2020], it was carried out using\u00a0machine learning\u00a0tools.<\/p>\n

How is the current war in Iran affecting the threat landscape?<\/strong><\/p>\n

This has many implications. Our Unit42 team recently published\u00a0a report<\/a>\u00a0outlining how the joint military offensive launched by the United States and Israel activated the Iranian-aligned cyber ecosystem, creating a scenario of digital confrontation that transcends the region and combines\u00a0hacktivism, political messaging campaigns, and pressure on critical infrastructure.<\/p>\n

In this regard, I want to bring up the issue of sovereignty again because what can a company do if its infrastructure is, for example, bombed? In other words, what does the concept of sovereignty mean in an emergency situation? We already have clients in the Middle East who are rethinking their sovereignty strategy because of this situation. Furthermore, as we saw earlier, we are talking about telemetry data, not other types of data. Ultimately, all of this shows that the concept of sovereignty is fluid.<\/p>\n

Returning to Europe, in less than two months Palo Alto will be opening new offices in Spain and, in addition, a \u2018hub\u2019, correct?<\/strong><\/p>\n

Yes, we want to establish a center of excellence here. In Europe, in addition to Madrid, Palo Alto has large offices in London, Amsterdam, Paris, and Munich. From Madrid,\u00a0Jordi Botifoll\u00a0has been leading the business for 87 countries \u2014 not only in Southern Europe, but also in the Middle East, Africa, etc. \u2014 for the past three years.<\/p>\n

And what are your expectations for the new center of excellence? Why have you chosen Spain?<\/strong><\/p>\n

Cybersecurity requires a lot of technological expertise, and Spain has very good engineers who can help our clients in case of emergency, both through our incident response unit, Unit 42, and through our partners, such as Telef\u00f3nica Tech, Kyndryl, and Orange, because ours is a technology company, not a service company.<\/p>\n

How many employees do they have in Spain, and what will the number of employees be at the new center?<\/strong><\/p>\n

I can\u2019t break down local numbers, but overall, across the entire company, once the 4,000 CyberArk professionals are integrated, we\u2019re already around 20,000 people worldwide. Our main development centers are in California and Israel, although we also have others in Poland and Lithuania.<\/p>\n

Looking ahead, significant challenges in information security are coming with the arrival of the post-quantum era.<\/strong><\/p>\n

Yes, and we\u2019re already preparing. We\u2019ve launched Quantum Safe Security<\/a> to help organizations get ready for the post-quantum era. Because the big question scientists and experts are asking now is when \u2018Q Day\u2019 will be, which might arrive sometime between 2029 and 2035. Furthermore, integrating CyberArk technology will help ensure that credentials used by machines cannot be compromised through quantum decryption.<\/p>\n

The cybersecurity of the future must be real-time, highly automated, and simple for customers, or what we call modular \u2018platformization.\u2019<\/p>\n

Finally, what would you say is the biggest challenge for CISOs today?<\/strong><\/p>\n

Shadow AI<\/a>. We must prevent AI from suffering the same fate as other technologies in the past, creating what\u2019s known as\u00a0shadow IT. AI deployments must be accompanied by robust cybersecurity. And AI and identity management must go hand in hand. Another concern is the fragmentation of solutions. I was recently speaking with an executive at a large European bank who told me they have 60 different solutions; the gaps between these systems are a clear invitation to attack.<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"

In two decades,\u00a0Palo Alto Networks\u00a0has evolved from a next-generation niche player to one of the largest global cybersecurity giants today. Under its mantra of \u201cplatformization,\u201d the company has catapulted its revenues over its closest competitors and boosted its stock valuation to over $130 billion. No stranger to AI use in cybersecurity, Palo Alto recently announced […]<\/p>\n","protected":false},"author":0,"featured_media":7854,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-7853","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-education"],"_links":{"self":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/7853"}],"collection":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=7853"}],"version-history":[{"count":0,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/7853\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/media\/7854"}],"wp:attachment":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=7853"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=7853"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=7853"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}