Getty Images/iStockphoto
Cyber security and the channel
Leading lights in the industry give their assessment of where the cyber security market is headed in the second half of 2019
Where is the cyber security market going as we enter the back end of 2019? What are the opportunities out there for the channel? We canvas opinions from a number of those operating in the industry.
Ryan Compagnone, EMEA channel director, edgescan
“As-a-service is where all business is headed. From the perspective of an end-user, there is a huge cyber skills gap and an evolving threat landscape to contend with. Businesses don’t have the bandwidth to manage their risk effectively. Particularly when you start looking at complex areas like application and API security, where all business is under pressure to provide digital services rapidly, and security often takes a back seat.
“MSSPs have the opportunity to be heroes, negating the need for their customers to hire expensive in-house security personnel, while recognising recurring revenue, which we all want.”
Anna Russell, vice-president of enterprise data-centric security, comforte AG
“Looking at recent General Data Protection Regulation (GDPR) fines and new upcoming regulations, organisations around the globe see an urgent need to protect sensitive data. While there is a positive change in terms of the budget allocated to cyber security, most businesses have a hard time finding the right vendors and solutions to support sustainable, cross-regulatory compliance. In our data-driven economy, it is crucial that those solutions not only help you to comply, but also allow you to monetise data to stay on top of the game.
“As a company, we see a growing interest in data-centric security. More and more organisations are focusing on the protection of data, implementing a zero-trust architecture, rather than trying to prevent breaches.”
Andrew Clarke, director of strategic alliances and channel partnerships, EMEA, One Identity
“Whenever partners think about security, disciplines such as firewalls, AV and IDS/IPS spring to mind, but one area that is often overlooked is privileged access management (PAM) – a foundational solution that underpins other security approaches by controlling and managing admin/privilege accounts that, if used maliciously, could undermine the security solution’s function and behaviour.
“As new threats emerge, a root cause behind the threat has been identified as one where the attacker has gained privilege access and used that to escalate their access within a company – thus creating a springboard for other attack vectors.”
Mike Murray, chief security officer, Lookout
“As cyber criminals become more sophisticated and their attack methods more complex, there will be a greater need for advanced security. As a result, a trend we will see is the demand for cyber security technology that incorporates algorithmic machine learning and artificial intelligence (AI).
“With machine learning and AI security, businesses will have the chance to stay one or two steps ahead as there will be an improvement in the way modern threats are detected, analysed and remediated.”
Paul Reeves, senior partner account manager, Alert Logic
“Amidst a surge in high-profile hacks and mass GDPR fines, cyber security has become critical to the entire business. To fully secure workloads and stay ahead of cyber threats, companies need the right security technology for their environments as well as experts – including security operations centre (SOC) analysts, data scientists and security researchers – who can monitor, validate and escalate incident reports.
“Many businesses turn to security-as-a-service solutions to help solve the technological complexity and the shortage of security talent in the marketplace. This customer need offers channel partners an important opportunity to add value by extending their portfolios to include cyber security. By addressing pain points for their customers and providing assurance around the security of their IT environments, partners deepen their engagement with their customers, while adding valuable margin to their revenues, making for a win-win partnership scenario.”
Liron Barak, CEO, BitDam
“The number of malware attacks has risen year on year since 2010. According to analysts, this upward trend is expected to continue unabated.
“Reinforcing this prediction is the state of the cyber security landscape, which continues to strengthen the hand of the attacker. Resources, including public exploit databases and online courses, are readily available to them, they are rarely caught, and the proliferation of collaboration channels among organisations presents them with new penetration vectors and possibilities.
“Depending on the attacker’s incentive, these factors provide the opportunity to make good money and/ or hurt organisations that they believe cause harm to others without opposition or persecution.”
Ghazal Asif, senior vice-president of worldwide channels, Cybereason
“There is a definite trend around diversity and gender balance in the workplace and the partner ecosystem continues to become more diversity aware. Companies are offering science, technology, engineering and maths (STEM)-based programmes that target future generations. I am seeing more and more partners, resellers and VARs offering apprenticeships and new leadership programmes.
“And there is a particular focus on women. For instance, Softcat has an initiative around “women in the workplace” and its CEO would like to add more women to the board. Accenture has said it wants to have a gender-balanced workforce in the next five years.
“One of the biggest trends involves the transformation many VARs are experiencing going from a hardware to software business. In addition, value-added services are more and more a focal point as partners are having to emphasise their clear differentiators to close new deals. Their customers are smarter, more nimble and expect added value today. Finding ways to augment and expand existing services is really important in a crowded market.”
Marcus Bragg, vice-president of sales and marketing, AT&T Cybersecurity
“While technology is critical to the success of a good security strategy, if you don’t have the right people in place and processes to set it up, maintain and evolve it, it will fail. MSSPs should start by working with trusted vendors who will not only take the time to train them, but focus on building a lasting, loyal relationship.
“From there, they can start a discussion about how they can work together to build out a managed security service practice or ask for recommendations for other vendors to help build out the practice. Aligning with local educational institutions will also help MSSPs to get the best emerging talent, as the skills gap is an issue that isn’t solvable in the near future.”
Javvad Malik, security awareness advocate, KnowBe4
“Cyber security is an ever-changing landscape and the needs and demands are constantly shifting. However, specifically for the cyber security channel, the following are the key trends that will gain traction in the near future.
“Firstly, an increased focus on privacy, which will impact corporate strategies. The channel will be asked to offer more rounded offerings that protect data in all its forms. Secondly, the platform trend will continue and organisations will look for more holistic offerings with fewer moving parts and less management overhead. Thirdly, companies will look to evolve beyond check-box thinking and look for offerings that provide measurable and consistent change. This includes an increased expectation for offerings to be continually updated and refreshed.”
Matt Hurley, worldwide vice-president channels and strategic alliances, OneLogin
“Cyber security covers a broad umbrella of areas and it is often hard to figure out where to start. One area that is undeniably a must is to protect your employees’, customers’ and vendors’ identities. There are many approaches to this, but a simple fact is that for many organisations, password management is an expensive and never-ending task for stretched IT departments.
“IdaaS (identity as a service) is one way to reduce by 80% the complexities organisations face and solutions exist to easily solve this very complex task.”