Q&A: Cybereason CEO Lior Div on Responding to COVID-19

I have been actively counseling CEOs  on how best to respond to the ongoing COVID-19 pandemic, and wanted to make those recommendations available to everyone. Below, read a question and answer session with me on the COVID-19 pandemic. 

What has Cybereason’s response been to the COVID-19 crisis?

Responding to the unknown is part of our DNA. So when COVID-19 hit, we followed a playbook we have built over years -- not just a checklist, but a methodology to respond to the unforeseen. We certainly didn’t anticipate a pandemic, but as a cybersecurity company with deep roots in the military, we are constantly faced with different situations -- including crises -- that require us to respond to unknown adversaries that take different forms. 

With that in mind, our first step in responding to the pandemic was to try to really understand the magnitude of the situation globally. We developed an evolving guide to continually assess all areas of the business that could potentially be impacted. We examined these questions with careful deliberation: Are our employees safe? Is the transition to remote work simple and low stress? Is our business secure and can we continue to operate efficiently? And of course, what do we need to do to continue to protect our customers?

We identified eight key focus areas for our business and continually assess if we are responding and adapting appropriately across them. One focus area is employee communication. We are very deliberate about what we choose to say to which region of our team and ensure our rationale is sound for saying it. For example, not every government is responding the same way to the COVID-19 situation, and we are trying to respect each region’s differences and not assume that “one-size-fits all” for our entire global workforce.

Scrutinizing each of these focus areas happens every day with my management team without fail. We do it consistently and methodically. We assume nothing and question everything.

How did you handle the situation on the ground?

Cybereason has offices in Boston, London, Tel Aviv, and Japan - all of these areas have been impacted by COVID-19. In many ways, being a global company helped us respond effectively to this situation. We were able to anticipate changes to prepare our workforce as COVID-19 moved from country to country. There were no clear answers on how it should be handled, but we worked to get as informed as we possibly could. We managed to capture and understand the magnitude of the impact to businesses before it affected most of the countries we operate in. 

For example, two weeks before others in the U.S. considered closing offices, we already had the full playbook written based on our experience in Japan and started to use it locally in the US then EMEA. This enabled us to quickly decide what we needed to do to support our team and when. We sent our team to work from home in the early days of the crisis to make sure everyone was safe and comfortably settled. And we prepared to support our customers in any way we possibly could; not only in terms of their security but helping ensure the health of their other business functions where we had expertise they could benefit from.

We let our customers know immediately that we are here to take the load off if they need it. We began offering free monitoring services to our customer base so we can take some of the burden off them. This situation offered an opportunity for prepared companies to show leadership, and I’m proud we managed to do that.

How is the pandemic impacting your workforce and your company culture?

We are a cloud-first company. So when it comes to actually operating the business, the  transition to remote work wasn’t a big leap for our team, especially when compared to those companies that have never had to work outside of the IT perimeter. This was also made easier by the plan we have in place for how the company will operate if we don't have access to the office. The bigger challenge our team has faced is not rooted in technology but rather how to function remotely on a regular basis in a way that continues to push the business forward. Clearly this is something teams everywhere are feeling right now. I believe we are doing it well.

When it comes to maintaining our culture, I think we are showing real resilience. Perhaps what I am most proud of is how our company values have guided us through this time. As a CEO, I am obsessed with communicating and living our values. I wear them on my t-shirts; sign my emails with them; read them at the start of every company meeting. Obsessed. I believe that, in many ways, they’ve served as a compass for us during this time. 

One of our core values as a company is to #BeDaring. We try to live that every day, and this situation definitely calls for it.

Another core value is #UbU.You Be You. We don’t want employees to pretend to be someone different at work than they are at home. If you have your kids at home with you, you just won’t be able to respond to requests as quickly, or attend as many virtual meetings. And if you do attend that meeting, you may have a child on your lap. It is important to us that the team knows it is OK and that family comes first. 

A third core value is #EverEvolving. We immediately understood that this transition was going to affect the rhythm of the company. Most employees cannot work in a closed room and attend organized meetings with no interference. You have to accept that not all people will not be able to work continuously throughout the day. They will inevitably have to work in shifts at different times, to go to the grocery store, to take care of the kids, and so on. We do not want inflexible work expectations to add to their stress in any way. In the current situation, people’s personal and professional lives are blurred so we try to respect the way they need to prioritize their time.

What support are you providing your customers at this time?

The most important thing we have provided our customers thus far is the understanding that we can take care of any incidents that they face during this time crisis and new remote work realities. We are here to support them. 

This is the time to show our customers decisive leadership and genuine help. We gave our customers access to our security services at no cost for thirty days. If an incident happens, they can call us and we will handle it. We want to remove a burden from them, not add another one on. We respond immediately and enable our customers to be secure. Our job is to protect our customers through this unprecedented time.

Have you seen an increase in attacks against your customers?

Yes. The number of incidents we are seeing and the phone calls I am personally getting has significantly increased. The majority are related to hospitals and nonprofits, with needs arising from the pandemic. We have seen that hackers realizing that if they attack these kinds of organizations during the crisis, the probability that they get paid ransom goes up pretty significantly right now. Hospitals don’t have the time to handle a cyberattack in this situation. At Cybereason, another core value is #NeverGiveUp. I’m happy to say we managed to respond to all of these needs very quickly, even those that weren’t our customers but in desperate need of help to stay operating during the crisis. Attackers are accelerating right now, and we need to be there for our customers, especially those that don't have the manpower or ability to access their systems remotely.

How is the pandemic affecting you and your family personally? 

My kids are still able to attend school remotely, and it’s been fascinating to see that the educational process is actually working. I’m not sure if it works quite the same way, but it has kept them connected with their community and interacting with their friends.

Personally, I like to meet with people. It’s why one of our core values is #WinAsOne. I love the in-person back and forth that you can really only get when you are in the office. To be isolated at home, not interacting with people spontaneously, is not the way I like to operate. I understand the importance of staying home right now and support it, but personally I can’t wait to get back. If I could, I’d get all 600 employees from around the world together in person the minute we know it is safe. I thrive on their energy and enthusiasm to run the business. For now, I try my best to absorb that energy over Zoom. And so far, it’s working.


For more insights from Lior and other industry-leading CEOs, join us for a live panel this Wednesday, April 15th at 10:30am (EST) and don't forget to include any question you may have for our panel.


Lior Div
About the Author

Lior Div

Lior Div, CEO and co-founder of Cybereason, began his career and later served as a Commander in the famed Unit 8200. His team conducted nation-state offensive operations with a 100% success rate for penetration of targets. He is a renowned expert in hacking operations, forensics, reverse engineering, malware analysis, cryptography and evasion. Lior has a very unique perspective on the most advanced attack techniques and how to leverage that knowledge to gain an advantage over the adversary. This perspective was key to developing an operation-centric approach to defending against the most advanced attacks and represents the direction security operations must take to ensure a future-ready defense posture.

All Posts by Lior Div