In today’s cybersecurity environment—with new types of incidents and threat vectors constantly emerging—organizations can’t afford to sit back and wait to be attacked. They need to be proactive and on the offensive when it comes to defending their networks, systems, and data.

It’s important to understand that launching an offensive cybersecurity strategy does not mean abandoning traditional defensive measures such as deploying firewalls, intrusion detection systems (IDS), anti-malware software, patch management, security information and event management (SIEM), and other such tools.

Going on the offensive with cybersecurity involves taking extra steps to preemptively identify weaknesses before bad actors can take advantage of them. It means thinking like they do and anticipating their moves. While the idea of taking a proactive approach to security is not new, it has taken on greater significance given the level of risk so many organizations face today.

Threat hunting strategy

One of the most effective ways to be proactive with security is to deploy a threat-hunting strategy. Cyber threat hunting is a proactive defense initiative in which security teams search through their networks to find and isolate advanced threats that evade existing security tools.

Whereas traditional solutions such as firewalls and IDS generally involve investigating evidence-based data after an organization has received a warning of a possible threat, threat hunting means going out to look for threats before they even materialize.

Gain visibility

Several key components make up the foundation of a strong threat-hunting program. The first is the ability to maintain a complete, real-time picture of the organization’s environment so that threats have no place in which to hide. If the security team is not able to see the threats within their organization’s environment, how can it take the necessary steps to stop them?

Having the kind of visibility that’s needed can be a challenge for many organizations. The typical IT infrastructure today is made up of diverse, dynamic, and distributed endpoints that create a complex environment in which threat vectors can easily stay out of sight for weeks or even months.

That’s why an organization needs technology that allows it to locate each endpoint in its environment and know if it’s local, remote or in the cloud; identify active users, network connections, and other data for each of the endpoints; visualize lateral movement paths attackers can traverse to access valuable targets; and verify whether policies are set on each of the endpoints so they can identify any gaps.

Proactively hunt for threats

The second key component of threat hunting is the ability to proactively hunt for known or unknown threats across the environment within a matter of seconds. Security teams need to know if there are active threats already in the environment.

They need to be able to search for new, unknown threats that signature-based endpoint tools miss; hunt for threats directly on endpoints, rather than through partial logs; investigate individual endpoints as well as the entire environment within minutes without creating a strain on network performance; and determine the root causes of any incidents experienced on any endpoint devices within the environment.

Remediating threats

The third foundational component of threat hunting is the ability to respond to and resolve any threats that the security team finds within the same unified platform. Finding a threat is not enough—it has to be obliterated.

A threat-hunting solution should enable security teams to easily shift from threat hunting to response by using a single dataset and platform; quickly applying defensive controls to endpoints during an incident; learning from incidents and, through this knowledge, hardening the environment to prevent similar attacks,and streamlining policy management to keep endpoints in a secure state at all times.

What to look for in a threat-hunting solution 

A key factor to look for in a threat-hunting solution is the ability to use statistical analyses to better understand whether particular incidents are notable. That can only happen when a system can enrich data telemetry in real time, at scale, and in constantly changing situations.

Security teams can leverage every log source, piece of telemetry, and bit of endpoint metadata and traffic flow in an aggregated manner to get a clear understanding of what’s going on. Threat actors will not be able to get into an organization’s environment completely undetected. It’s only a matter of whether the threat-hunting team is leveraging the right data to track them down.

It’s important for security hunting teams to have high-confidence threat intelligence and to follow the right feeds. While enriching alerts with real-time intelligence is not always easy, it’s vital for success. Teams need to work with trusted sources of data and must be able to filter the data to reduce false positives as well as false negatives.

In addition to threat hunting, organizations can leverage services such as penetration testing and threat intelligence. With penetration testing, an organization hires a service provider to launch a simulated attack against its networks and systems to evaluate security.

Such tests identify weaknesses that might enable unauthorized actors to gain access to the organization’s data. Based on the results, the security team can make any needed enhancements to address the vulnerabilities.

Cyber threat intelligence is any information about threats and threat actors that is intended to help companies mitigate potential attacks in cyberspace. Sources of the information might include open-source intelligence, social media, device log files, and others.

Over the past few years, threat intelligence has become an important component of cybersecurity strategies, because it helps organizations be more proactive in their approach and determine which threats represent the greatest risks.

By being proactive about security, organizations can be out in front of the ever-expanding threat landscape. They can help to ensure that they’re not just waiting impassively for attacks to come, but taking initiatives to stop bad actors before they can act.

Learn how a converged endpoint management platform can help CIOs keep pace with tomorrow’s threats. Check out this eBook, The cybersecurity fail-safe: Converged Endpoint Management.

Security

By Hock Tan, Broadcom President & CEO

Since we announced our intent to acquire VMware last year, customers have expressed to me their excitement about VMware’s momentum around cloud-native apps in its Tanzu business. Tanzu is a central part of VMware’s software portfolio and its multi-cloud strategy, and will remain that way after Broadcom’s acquisition of VMware closes.

The future of enterprise IT is multi-cloud — the ability to distribute applications and services across a combination of clouds. A combined Broadcom-VMware will empower customers to modernize and architect their IT infrastructure with large-scale, secure, and reliable yet flexible solutions.    

The move to multi-cloud is changing the way modern software applications are designed and built. Kubernetes clusters, which VMware’s Tanzu business enables, have become a core component of modern software applications, making them more resilient, easier to manage, and capable of running in internal environments and between different clouds.  As a result, enterprises can accelerate the speed and agility of innovation within their organizations in a multi-cloud environment.

VMware-enabled software factories

VMware customers are leveraging Tanzu to run some of the most mission critical cloud-native applications in the world, including government agencies that are essential to national security. The battlefields of tomorrow are digital domains, which means the tools essential to a country’s national defense have to be both physical and virtual.

Just last month, the U.S. Department of Defense (DOD) announced a $9 billion investment in a multi-cloud infrastructure across all domains and classification levels. Even before this major move to multi-cloud, VMware’s Tanzu Labs has already been at work assisting DOD in building its digital defense capabilities by going cloud-native, engaging in workforce reskilling, and developing software. VMware Tanzu Labs partners with organizations worldwide to accelerate the delivery of software and modernize legacy apps, while reducing operating costs and risk working side by side with customers to build capabilities, transfer skills and knowledge, and instill a process that shows immediate and lasting impact. In a short time, Tanzu Labs has made an immediate and lasting impact on DOD’s efforts to use all its tools, virtual and physical, to protect U.S. interests.

Seven years ago, in response to the growing potential of digital confrontations with adversaries, Tanzu Labs sought to work with DOD to improve speed and agility in software development, starting with increasing the digital proficiency of U.S. soldiers and service personnel. With no existing footprint of tools, practices, or personnel, DOD and Tanzu Labs were starting from scratch when they first stood up a VMware-enabled Software Factory within the U.S. Air Force, and did it in only 120 days.

Today, the U.S. Air Force Software Factory is now self-sustaining, employing more than 1200 people who build mission critical systems that will increasingly leverage a multi-cloud strategy.  The DOD has followed suit by standing up additional software factories within the U.S. Space Force and the U.S. Army. Tanzu’s methods of enablement helped create a learning environment within the factories that provides foundational knowledge to soldiers, airmen, sailors, guardians and government civilians. The mission objective is self-sustaining factories that can continuously deliver enterprise grade software into the hands of constituents.

Executing on the mission: The Army Software Factory

When it was stood up in 2021, the Army Software Factory established several key objectives, including increasing overall digital proficiency throughout the Army; enabling Army soldiers to effectively defend and fight in an increasingly data-centric battlefield; solving real and virtual Army problems by leveraging agile development security operations in multi-cloud technology and cybersecurity; and harnessing the culture of the U.S. innovation economy through close collaboration with tech entrepreneurs and academics.

Since then, the Army Software Factory has worked with Tanzu Labs to train more than 100 Army soldiers and civilians in the art of modern cloud-native development practices, skills, and culture to prepare for defending and warfighting across real and digital battlefields. This training will have long-term benefits for the U.S. Army, helping to maximize the long-term scalability and sustainability of modern software development and delivery.

Building on VMware Tanzu’s work with DOD

DOD’s Software Factories are just scratching the surface when it comes to cloud-native application development and the future of virtual national defenses. With its multi-cloud strategy very much in the initial stages of development, DOD is building and deploying more modern applications every year.

Modernizing legacy systems as part of DOD’s move to multi-cloud is a national security imperative. Through its partnership with Tanzu Labs, DOD is poised to succeed by continuing to invest in software factories that build, secure, and deploy cloud-native applications for its national defense and warfighting capabilities. It’s a model that is also drawing the attention of other U.S. government agencies that are also embracing multi-cloud environments. Upon the close of Broadcom’s acquisition of VMware, we will remain committed to this partnership with DOD, and we look forward to building similar mission-critical collaborations across the U.S. government.

The move to a #multicloud future has the power to change how #software apps are built. Learn more from Broadcom

Cautionary statement regarding forward-looking statements

This communication relates to a proposed business combination transaction between Broadcom Inc. (“Broadcom”) and VMware, Inc. (“VMware”).  This communication includes forward-looking statements within the meaning of Section 21E of the U.S. Securities Exchange Act of 1934, as amended, and Section 27A of the U.S. Securities Act of 1933, as amended.  These forward-looking statements include but are not limited to statements that relate to the expected future business and financial performance, the anticipated benefits of the proposed transaction, the anticipated impact of the proposed transaction on the combined business, the expected amount and timing of the synergies from the proposed transaction, and the anticipated closing date of the proposed transaction.  These forward-looking statements are identified by words such as “will,” “expect,” “believe,” “anticipate,” “estimate,” “should,” “intend,” “plan,” “potential,” “predict,” “project,” “aim,” and similar words or phrases.  These forward-looking statements are based on current expectations and beliefs of Broadcom management and current market trends and conditions. 

These forward-looking statements involve risks and uncertainties that are outside Broadcom’s control and may cause actual results to differ materially from those contained in forward-looking statements, including but not limited to: the effect of the proposed transaction on our ability to maintain relationships with customers, suppliers and other business partners or operating results and business; the ability to implement plans, achieve forecasts and meet other expectations with respect to the business after the completion of the proposed transaction and realize expected synergies; business disruption following the proposed transaction; difficulties in retaining and hiring key personnel and employees due to the proposed transaction and business combination; the diversion of management time on transaction-related issues; the satisfaction of the conditions precedent to completion of the proposed transaction, including the ability to secure regulatory approvals on the terms expected, at all or in a timely manner; significant indebtedness, including indebtedness incurred in connection with the proposed transaction, and the need to generate sufficient cash flows to service and repay such debt; the disruption of current plans and operations; the outcome of legal proceedings related to the transaction; the ability to complete the proposed transaction on a timely basis or at all; the ability to successfully integrate VMware’s operations; cyber-attacks, information security and data privacy; global political and economic conditions, including cyclicality in the semiconductor industry and in Broadcom’s other target markets, rising interest rates, the impact of inflation and challenges in manufacturing and the global supply chain; the impact of public health crises, such as pandemics (including COVID-19) and epidemics and any related company or government policies and actions to protect the health and safety of individuals or government policies or actions to maintain the functioning of national or global economies and markets; and events and trends on a national, regional and global scale, including those of a political, economic, business, competitive and regulatory nature.

These risks, as well as other risks related to the proposed transaction, are included in the registration statement on Form S-4 and proxy statement/prospectus that has been filed with the Securities and Exchange Commission (“SEC”) in connection with the proposed transaction.  While the list of factors presented here is, and the list of factors presented in the registration statement on Form S-4 are, considered representative, no such list should be considered to be a complete statement of all potential risks and uncertainties.  For additional information about other factors that could cause actual results to differ materially from those described in the forward-looking statements, please refer to Broadcom’s and VMware’s respective periodic reports and other filings with the SEC, including the risk factors identified in Broadcom’s and VMware’s most recent Quarterly Reports on Form 10-Q and Annual Reports on Form 10-K.  The forward-looking statements included in this communication are made only as of the date hereof.  Neither Broadcom nor VMware undertakes any obligation to update any forward-looking statements to reflect subsequent events or circumstances, except as required by law.

No offer or solicitation

This communication is not intended to and shall not constitute an offer to buy or sell or the solicitation of an offer to buy or sell any securities, or a solicitation of any vote or approval, nor shall there be any sale of securities in any jurisdiction in which such offer, solicitation or sale would be unlawful prior to registration or qualification under the securities laws of any such jurisdiction.  No offering of securities shall be made, except by means of a prospectus meeting the requirements of Section 10 of the U.S. Securities Act of 1933, as amended.  

Additional information about the transaction and where to find it

In connection with the proposed transaction, Broadcom has filed with the SEC a registration statement on Form S-4 that includes a proxy statement of VMware and that also constitutes a prospectus of Broadcom.  Each of Broadcom and VMware may also file other relevant documents with the SEC regarding the proposed transaction.  The registration statement was declared effective by the SEC on October 3, 2022 and the definitive proxy statement/prospectus has been mailed to VMware shareholders. This document is not a substitute for the proxy statement/prospectus or registration statement or any other document that Broadcom or VMware may file with the SEC.   INVESTORS AND SECURITY HOLDERS ARE URGED TO READ THE REGISTRATION STATEMENT, PROXY STATEMENT/PROSPECTUS AND ANY OTHER RELEVANT DOCUMENTS THAT MAY BE FILED WITH THE SEC, AS WELL AS ANY AMENDMENTS OR SUPPLEMENTS TO THESE DOCUMENTS, CAREFULLY AND IN THEIR ENTIRETY IF AND WHEN THEY BECOME AVAILABLE BECAUSE THEY CONTAIN OR WILL CONTAIN IMPORTANT INFORMATION ABOUT THE PROPOSED TRANSACTION.  Investors and security holders may obtain free copies of the registration statement and proxy statement/prospectus and other documents containing important information about Broadcom, VMware and the proposed transaction once such documents are filed with the SEC through the website maintained by the SEC at http://www.sec.gov.  Copies of the documents filed with the SEC by Broadcom may be obtained free of charge on Broadcom’s website at https://investors.broadcom.com.  Copies of the documents filed with the SEC by VMware may be obtained free of charge on VMware’s website at ir.vmware.com.

About Hock Tan:

Broadcom Software

Hock Tan is Broadcom President, Chief Executive Officer and Director. He has held this position since March 2006. From September 2005 to January 2008, he served as chairman of the board of Integrated Device Technology. Prior to becoming chairman of IDT, Mr. Tan was the President and Chief Executive Officer of Integrated Circuit Systems from June 1999 to September 2005. Prior to ICS, Mr. Tan was Vice President of Finance with Commodore International from 1992 to 1994, and previously held senior management positions with PepsiCo and General Motors. Mr. Tan served as managing director of Pacven Investment, a venture capital fund in Singapore from 1988 to 1992, and served as managing director for Hume Industries in Malaysia from 1983 to 1988.

IT Leadership, Multi Cloud

A group of Google employees are yet again speaking out against Google’s defense contracts, this time asking the company to shelve its $1.2 billion Project Nimbus contract for the Israeli government and military. Google partnered with Amazon to bid for the project.

Under employee pressure, Google has previously dropped one US government defence contract (Project Maven), and shied away from another (JEDI).

In a video posted on Youtube, a group of Google employees including Palestinian, Jewish, Muslim, and Arab staff expressed their concerns over Project Nimbus, which they claim will provide surveillance and other forms of powerful AI technology to the Israeli government and military. They are also speaking out against “the anti-Palestinian bias” they have witnessed within the company. 

“By doing business with Israeli apartheid, Amazon and Google will make it easier for the Israeli government to surveil Palestinians and force them off their land,” said the group that calls itself Jewish Diaspora in tech.

While Google said Project Nimbus is a mere cloud computing contract for Israeli government, a report from The Intercept  pointed towards training documents and videos that showed Google is providing the Israeli government with a full suite of machine-learning and AI tools that would give Israel capability to surveil people and process vast stores of data on the Palestinian population.

Google employees’ protest against Project Nimbus has been led by a Jewish employee, Ariel Koren, who resigned from the company this week after protesting for over a year against the project and what she terms Google’s attempts to silence her.

“Instead of listening to employees who want Google to live up to its ethical principles, Google is aggressively pursuing military contracts and stripping away the voices of its employees through a pattern of silencing and retaliation towards me and many others,” Koren wrote in a letter to colleagues explaining her decision to resign.

Koren, who worked in Google’s marketing division, first spoke about the issue in an internal group for the Jewish Google employees, but said she was “put on moderation” by some group members, banning her from posting anything in the group.

She and other employees subsequently started the Jewish Diaspora in Tech group to continue their protest against the company.

As Koren resigned from Google, at least 15 other employees published audio testimonies against the company’s “anti-Palestinian” bias. Many among the activists are also holding press conferences in a multi-city protest across the US.

Tech giants face heat over political disagreements

Political disagreements among employees have been clashing with technology development and making talent shortages an even bigger issue among technology giants who are constantly trying to upend competition with new advancements in AI and other areas.

Four years ago, Google was forced to end its participation in a large US Department of Defense contract, Project Maven, which was supposed to use AI to interpret video information to target drone strikes. Four thousand Google employees signed a petition demanding the company and its contractors stay away from ever building warfare technology.

Seeing those protests, when it came to bidding for another DoD project called JEDI (Joint Enterprise Defense Infrastructure), Google decided to stand down.

Similar calls have been made by employees of Microsoft and Amazon against projects that have political leanings or implications on wars. Technology workers across the industry have been participating in several protests as they stand up and speak out against injustice.

While Google has been on the back foot in earlier protests, this time Google doesn’t seem to be backing off as it slowed hiring and pushed employees to work harder.

In a clear sign that dissent would no longer be tolerated at the firm, Google spokeswoman Shannon Newberry spoke to The New York Times about Koren’s allegations, saying, “We prohibit retaliation in the workplace and publicly share our very clear policy. We thoroughly investigated this employee’s claim, as we do when any concerns are raised.”

Aerospace and Defense Industry, IT Management

A group of Google employees are yet again speaking out against Google’s defense contracts, this time asking the company to shelve its $1.2 billion Project Nimbus contract for the Israeli government and military. Google partnered with Amazon to bid for the project.

Under employee pressure, Google has previously dropped one US government defence contract (Project Maven), and shied away from another (JEDI).

In a video posted on Youtube, a group of Google employees including Palestinian, Jewish, Muslim, and Arab staff expressed their concerns over Project Nimbus, which they claim will provide surveillance and other forms of powerful AI technology to the Israeli government and military. They are also speaking out against “the anti-Palestinian bias” they have witnessed within the company. 

“By doing business with Israeli apartheid, Amazon and Google will make it easier for the Israeli government to surveil Palestinians and force them off their land,” said the group that calls itself Jewish Diaspora in tech.

While Google said Project Nimbus is a mere cloud computing contract for Israeli government, a report from The Intercept  pointed towards training documents and videos that showed Google is providing the Israeli government with a full suite of machine-learning and AI tools that would give Israel capability to surveil people and process vast stores of data on the Palestinian population.

Google employees’ protest against Project Nimbus has been led by a Jewish employee, Ariel Koren, who resigned from the company this week after protesting for over a year against the project and what she terms Google’s attempts to silence her.

“Instead of listening to employees who want Google to live up to its ethical principles, Google is aggressively pursuing military contracts and stripping away the voices of its employees through a pattern of silencing and retaliation towards me and many others,” Koren wrote in a letter to colleagues explaining her decision to resign.

Koren, who worked in Google’s marketing division, first spoke about the issue in an internal group for the Jewish Google employees, but said she was “put on moderation” by some group members, banning her from posting anything in the group.

She and other employees subsequently started the Jewish Diaspora in Tech group to continue their protest against the company.

As Koren resigned from Google, at least 15 other employees published audio testimonies against the company’s “anti-Palestinian” bias. Many among the activists are also holding press conferences in a multi-city protest across the US.

Tech giants face heat over political disagreements

Political disagreements among employees have been clashing with technology development and making talent shortages an even bigger issue among technology giants who are constantly trying to upend competition with new advancements in AI and other areas.

Four years ago, Google was forced to end its participation in a large US Department of Defense contract, Project Maven, which was supposed to use AI to interpret video information to target drone strikes. Four thousand Google employees signed a petition demanding the company and its contractors stay away from ever building warfare technology.

Seeing those protests, when it came to bidding for another DoD project called JEDI (Joint Enterprise Defense Infrastructure), Google decided to stand down.

Similar calls have been made by employees of Microsoft and Amazon against projects that have political leanings or implications on wars. Technology workers across the industry have been participating in several protests as they stand up and speak out against injustice.

While Google has been on the back foot in earlier protests, this time Google doesn’t seem to be backing off as it slowed hiring and pushed employees to work harder.

In a clear sign that dissent would no longer be tolerated at the firm, Google spokeswoman Shannon Newberry spoke to The New York Times about Koren’s allegations, saying, “We prohibit retaliation in the workplace and publicly share our very clear policy. We thoroughly investigated this employee’s claim, as we do when any concerns are raised.”

Aerospace and Defense Industry, IT Management

By Hock Tan, President and Chief Executive Officer, Broadcom

I recently visited Washington, D.C. to meet with policymakers and government customers to talk about the future of cybersecurity. Broadcom Software solutions secure digital operations across the federal government, and our Global Intelligence Network (GIN) evaluates and shares insights on the ever-evolving cyber threat landscape with U.S. law enforcement and intelligence agencies to ensure the safety and security of our critical infrastructure customers and the cyber ecosystem.

During my visit, I had the honor of meeting two superb public servants working to secure our global information technology infrastructure: National Cyber Director (NCD) Chris Inglis and Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly. President Biden could not have selected two more talented and experienced leaders to work closely with the world’s leading IT security companies and IT-dependent government agencies that comprise our virtual and physical critical infrastructures.

JCDC Collaboration

It can’t be overstated: without public-private collaboration to secure our critical virtual and physical networks, economies and governments around the world would be at the mercy of bad actors. It’s in that commitment of collaboration to better protect critical infrastructures that I was proud to be nominated by the President of the United States to serve on the National Security and Telecommunications Advisory Committee (NSTAC), and why Broadcom Software was honored to accept Jen Easterly’s invitation to be one of the first private sector “alliance members” in CISA’s Joint Cyber Defense Collaborative (JCDC).

Formed in August 2021, the JCDC is an action-driven forum that brings together federal agencies and the private sector to strengthen the nation’s cyber defenses through better planning, preparation, and information sharing. The JCDC showed quickly it could make a difference:In February 2022, our threat hunters uncovered Daxin, a sophisticated malware being leveraged as an espionage tool. We discovered that Daxin was targeting foreign governments that were not our customers. Thanks to our engagements with CISA through the JCDC, we informed the CISA team of the threat, and they connected us with the appropriate officials from the targeted foreign governments. Together, we were able to detect the malware and remediate infected computer systems. Jen and the CISA team also issued a Current Activity alert that linked to a Broadcom-published blog, alerting other government and critical infrastructure networks about Daxin.  

The Future

Given the success of the JCDC, and Broadcom’s overall engagement with the federal government, you can imagine how thrilled and honored I was to meet Chris and Jen in person and talk about additional ways we can deepen an already creative, collaborative, and productive partnership.

As the NCD, Chris and his team are developing a national cyber strategy that they will be presenting to the President later this year. Chris has written that to better protect the cyber landscape, we will need to shift the burden away from individual end-users of IT products toward larger, better-resourced private and public organizations. Rather than leaving it to end-users to find and add security to the IT products and services they use on their own, Chris would like to see security developed and integrated into the overall IT infrastructure more holistically. We at Broadcom Software already have undertaken a number of initiatives designed to build-in security in the development, implementation, and maintenance of our products, ranging from supply chain hardening to Zero Day prevention and notification.  Not every vendor takes these types of proactive measures, which presents policymakers with important questions on whether it’s better to regulate or to incentivize this shift, or to use a combination of both. While there are no straightforward answers to these questions, Broadcom Software will continue to offer safe and secure products.

Chris and Jen also have been tremendous advocates to promote private and public initiatives to build a stronger cyber workforce.  And they are taking steps to do something about it.  The most important assets essential to the security of IT networks and law-abiding nations are the talented professionals who make cybersecurity their cause and calling. Yet, skilled IT workforce shortages require both expanding and upgrading our overall talent pipeline, as well as improving communications between and within governments and the private sector. Jen has been highlighting CISA’s Cyber Innovation Fellows initiative, where private sector employees can be “detailed” to CISA part-time for up to six months to better understand CISA and work to build stronger relationships between the public and private sector. Jen was inspired by a similar program run by the National Cyber Security Centre (NCSC) in the UK, which has been enormously successful.  And Chris recently hosted the National Cyber Workforce and Education Summit at the White House, which focused on building our nation’s cyber workforce by improving skills-based pathways to cyber jobs and educating Americans so that they have the necessary skills to thrive in our increasingly digital society.

While these are important initiatives, what resonated with me most in our meetings is the value of Broadcom’s partnerships with the public sector, and especially with leaders like Jen and Chris and their exceptional teams. Meeting them during my visit was an important milestone for Broadcom Software, but more meaningful to me and our team is the continued collaboration and positive impact we will have going forward to protect critical infrastructures across government and industry.

Hock Tan, President and Chief Executive Officer, Broadcom:

Broadcom Software

Hock Tan is Broadcom President, Chief Executive Officer and Director. He has held this position since March 2006. From September 2005 to January 2008, he served as chairman of the board of Integrated Device Technology. Prior to becoming chairman of IDT, Mr. Tan was the President and Chief Executive Officer of Integrated Circuit Systems from June 1999 to September 2005. Prior to ICS, Mr. Tan was Vice President of Finance with Commodore International from 1992 to 1994, and previously held senior management positions with PepsiCo and General Motors. Mr. Tan served as managing director of Pacven Investment, a venture capital fund in Singapore from 1988 to 1992, and served as managing director for Hume Industries in Malaysia from 1983 to 1988.

Data and Information Security, IT Leadership