Blog
/
Zero Trust Segmentation

API Security CISO Richard Bird on the Power of Cyber Creativity

Raghu Nandakumara
Senior Director, Industry Solutions Marketing
May 14, 2024
23 min. read
Richard Bird, Chief Security Officer at Traceable AI

In cybersecurity, challenging the status quo isn't just a strategy — it's a necessity. It's the spark that ignites breakthroughs. It's the force that propels us in the ongoing battle against modern cyber threats.  

Recently, I had the privilege of talking with Richard Bird, the visionary Chief Security Officer at Traceable AI. Together, we discussed the latest cybersecurity innovation, including the power of storytelling and the strategic fusion of Zero Trust and API security. 

About Richard Bird: CISO at Traceable AI

Richard is a distinguished figure in cybersecurity. He is now the Chief Security Officer at Traceable AI, a top API security company. With extensive experience in both corporate and startup environments, he brings a wealth of knowledge to the field.  

His engaging presentations and distinct style are characterized by tattoos and bowties. They reflect his vibrant commitment to driving innovation in the cyber industry. Richard is a member of CyberTheory Zero Trust Institute. He is also an Executive Member of CyberEdBoard. He actively helps shape cybersecurity best practices.  

A non-traditional cybersecurity career path

Richard's unusual path into cybersecurity shows the power of diverse experiences.  

"There are very few things in my career that I'm just super proud of, and one of those is being a non-traditional technologist," he said "I didn't come from an MIS or CIS background; I came from a totally different track.”

Richard’s degrees in political science, international relations, and Japanese language alongside his time in the military and work as a construction project manager combined to make him a perfect, albeit unconventional, fit in tech.

"After I came out of the military, it just happened to be right at the nexus of time when project management was an extremely critical skill needed in technology. Somebody saw something in me that I didn't see myself,” he said.

Richard's transition into cybersecurity was serendipitous, driven by a blend of skill and opportunity – and creative thinking. If you've met Richard, you know he weaves storytelling and "mic drop" analogies into his cybersecurity approach.  

He cites music as a building block of his creativity and problem-solving mindset: “A natural inspiration and motivation touchstone for me comes from growing up listening to music. I heard incredible lyricists and musicians attack issues and problems within society with their words. When I speak publicly, one of my goals is to really connect with people emotionally.”

The cybersecurity gap: Awareness vs. action

Richard highlighted what he sees as a widespread issue of cognitive dissonance in the cyber industry: the gap between awareness and action. While organizations are better at acknowledging their security vulnerabilities, they are still finding it challenging to take the next step of securing against those risks.

Richard attributed this struggle to distractions and competing priorities in the corporate landscape which hinder efforts to proactively manage risks. When leadership doesn’t understand why security is important, they can’t prioritize budgets and initiatives effectively. From Richard’s view, creative storytelling can help bridge this divide, especially with non-expert audiences: "Storytelling is one of the major tools we have to help fill those gaps."

Extending Zero Trust to API security

As the Chief Security Officer at Traceable AI, Richard now focuses on one the most important and future-forward categories affecting the industry: API security.  

How does API security work? Think of it as having a lock on your front door, safeguarding your home. APIs act as the doors enabling software applications to exchange data. You secure your house from intruders by locking your doors. API security does the same for your data. It keeps unauthorized users out and stops them from tampering with it. It involves using security measures to thwart hackers from exploiting API vulnerabilities to preserve the safety of your digital assets.  

In today’s threat landscape, cyber resilience is critical for every organization. The best way to achieve resilience is through Zero Trust, a globally validated security strategy based on the mantra of “never trust, always verify.” For Richard, Zero Trust should be the “gold standard of cybersecurity,” especially with the proliferation of API use.

I asked Richard his thoughts on the future of Zero Trust and API security. Richard sees a cyber landscape where every layer, including APIs, is fortified with Zero Trust principles. This would create flexible, scalable networks that stay resilient against inevitable cyberattacks.  

As Richard succinctly puts it, "Zero Trust eliminates the easy ground," signaling a future where cybersecurity resilience is paramount. Mic drop.  

Listen, subscribe, and review The Segment: A Zero Trust Podcast

Want to hear my complete discussion with Richard? Listen to our episode on our website, Apple Podcasts, Spotify, or wherever you get your podcasts. You can also read a full transcript of the episode.  

We'll be back with more Zero Trust insights soon!

Related topics

No items found.

Related articles

4 Common Objections to Zero Trust Segmentation — And How to Overcome Them
Zero Trust Segmentation

4 Common Objections to Zero Trust Segmentation — And How to Overcome Them

Zero Trust Segmentation is a proven way to prevent ransomware propagation, but may seem overwhelming for IT leaders at midsize organizations. Here are four common objections we've heard from them and how to overcome each.

Read more
What Zero Trust Definitions Get Wrong – And How to Make It Right
Zero Trust Segmentation

What Zero Trust Definitions Get Wrong – And How to Make It Right

Get the definition of Zero Trust right by learning why Zero Trust is a destination but the work to achieve Zero Trust is a journey.

Read more
4 Things You Need to Know About Illumio at RSA Conference 2023
Zero Trust Segmentation

4 Things You Need to Know About Illumio at RSA Conference 2023

Join Illumio in San Francisco for RSA Conference 2023 April 24-27.

Read more
John Kindervag Shares Zero Trust's Origin Story
Zero Trust Segmentation

John Kindervag Shares Zero Trust's Origin Story

Learn how John Kindervag got started with Zero Trust, his early research into Zero Trust best practices, and his advice for organizations on their Zero Trust journey.

Read more
Get 5 Zero Trust Insights from Microsoft’s Ann Johnson
Cyber Resilience

Get 5 Zero Trust Insights from Microsoft’s Ann Johnson

Hear from Ann Johnson, Corporate VP of Microsoft Security Business Development, on cyber resilience, AI, and where to start with Zero Trust.

Read more
5 Zero Trust Tips from Cylera’s Chief Security Strategist
Cyber Resilience

5 Zero Trust Tips from Cylera’s Chief Security Strategist

Learn more about HIoT and medical OT security and how you can better shore up healthcare operations with Zero Trust.

Read more

Assume Breach.
Minimize Impact.
Increase Resilience.

Ready to learn more about Zero Trust Segmentation?

Learn more