Q1. You’ve championed the idea of “enterprise-grade everywhere” to bring top-tier protection to SMBs. With nation-state actors increasingly targeting mid-market supply chains, how do you expect Broadcom ESG to evolve that vision in 2026?
The reality we’re seeing in late 2025 is that nation-state and APT actors don’t check your revenue before they scan your vulnerabilities. They are targeting the 'M' in SMB specifically because mid-market firms are often the digital backdoor into larger critical infrastructure.
In 2026, we are evolving 'Enterprise-grade everywhere' by increasing product and feature accessibility down-market. Making some of the most advanced capabilities like Adaptive Security easier to use for smaller teams that have to split time and resources in ways that dedicated enterprise teams don’t.
We also recently launched capabilities that don't just detect attacks but predict them based on living-off-the-land (LotL) behaviors. For 2026, the goal is to make Incident Prediction capability a standard for smaller companies, allowing teams to stop advanced persistent threats before data exfiltration begins, without needing a SOC the size of a Fortune 100 company.
Q2. In your opinion, what is/are the biggest mistake(s) organizations make when trying to scale endpoint detection and response (EDR) across hybrid on-prem and cloud environments?
The biggest mistake I see is 'console fatigue' disguised as modernization. Organizations often try to solve hybrid complexity by buying a shiny new point solution for the cloud and stitching it to a legacy tool for on-prem. They end up with fragmented visibility where data doesn't flow between the endpoint and the network layer.
When you scale EDR in a hybrid environment, the endpoint cannot be an island. If your EDR agent sees a process spike but can’t correlate it immediately with a suspicious network connection or a data loss event in the cloud, you’re flying blind.
We believe the fix is a data-centric platform approach. You need a single agent that feeds a unified data lake—what we’re doing by integrating Carbon Black’s telemetry with Symantec’s network insights. The mistake is chasing 'new' when you really need 'integrated.' You have to strip away the noise and focus on high-fidelity signals that span the entire hybrid estate, not just the laptop.
Q3. What key sessions or booth demos from Broadcom ESG are you most excited to showcase at Black Hat Europe 2025? What do you expect will be top-of-mind concerns for security decision makers at the event?
I’m particularly excited about the work our threat intelligence team is showcasing. Dick O’Brien, our Principal Intelligence Analyst, has some compelling new research on how ransomware groups are adapting their extortion models to bypass traditional defenses. He and our security strategist, Paul Miller are giving a talk on modern AI-enabled Red vs Blue teaming called AI Unleashed: The Next Generation of Cyber Defense and Offense, that you don’t want to miss.
At the booth, we’re showcasing the full power of the Symantec + Carbon Black. We’re demoing our Incident Prediction capability, which is a game-changer for stopping 'living-off-the-land' attacks where adversaries use legitimate tools to hide. We’re also showing our integration with Google Cloud, demonstrating how we can deliver SSE (Security Service Edge) protections with massive bandwidth performance—proving that security doesn't have to be a bottleneck.
As for top-of-mind concerns, NIS2 compliance is huge here in Europe right now. Leaders are scrambling to ensure their supply chains are resilient. Beyond that, the weaponization of AI is the elephant in the room. Decision-makers want to know: 'How do I protect my data from being fed into public LLMs?' and 'How do I spot AI-generated attacks?' Our demos are designed to answer exactly those questions.
