Featuring: Brad Schaufenbuel
Payroll & HCM CISO

In this brief but powerful video, Brad Schaufenbuel, VP and CISO at a major U.S. payroll and human capital management firm, explains why traditional security tools no longer meet the moment. His team faces targeted threats from extortion attempts to disruptions aimed at payroll systems supporting one in eleven Americans.

Brad shares why runtime protection, visibility across SaaS and cloud environments, and AI-powered detection are now essential. Watch the video and read the full transcript below to hear why his team trusts Mitiga to deliver fast, actionable insights when it matters most.

I’m Brad Schaufenbuel. I’m vice president and chief information security officer (CISO) at one of the largest payroll and human capital management companies in the United States, and I lead a team of 100 exceptional cybersecurity professionals.

We face a lot of the same threats that other organizations that have resources in public cloud do, as well as some that are pointed toward the payroll and HCM industry. For instance, we have threat actors who are trying to steal our customers’ data and extort us, as well as threat actors who are trying to disrupt payroll—since we pay one in eleven Americans.

Prevention is essential, but it’s focused on before the threat actually materializes. You need protection in real time, when someone’s trying to exploit a vulnerability that you don’t know about—like a zero-day threat. You need something that, at runtime, can identify that anomalous activity and stop it.

The things that concern me the most are the fact that I don’t have visibility across multiple public cloud resources, SaaS applications, and identities. Those tools are insufficient for breach detection because they’re focused on prevention. They scan your cloud assets, they look for known vulnerabilities and misconfigurations, and alert you to those so that you can fix them. But they don’t actively mitigate threats in real time.

Organizations should consider a cloud detection and response solution like Mitiga in order to get quick time to value, to get full visibility into their software-as-a-service, their public cloud resources, and their identities. And to get AI-based threat detection.