8 minute read
CHARTING A NEW COURSE
from AN OPEN APPROACH
by cxoinsightme
IN AN EXCLUSIVE INTERVIEW, BRYAN PALMA, CEO OF TRELLIX, TELLS US HOW THIS NEW CYBERSECURITY GIANT PLANS TO TAKE THE XDR MARKET BY STORM.
What does your brand name mean?
Advertisement
When we were bringing two companies -McAfee and FireEye – together, we wanted to make sure we had a new brand and a new identity because we would do something different in the market. So we looked at what the existing branding across security looks like, and we found there were a lot of swords and shields and military-type analogies. That felt old to me because today, the threats are so dynamic. We’ve got nation-states involved in attacking corporations. The threats are constantly morphing and changing. So we thought this concept of living security seems more appropriate for today’s world - something that’s adaptable, organic, and changes and moves as you need it to. And that led us to think about the word trellis, an infrastructure that supports plants and trees. So we then changed that to Trellix.
How do you define XDR?
First of all, we don’t think about XDR as a specific product; we think about it as architecture. Today, collectively as McAfee and FireEye, we have a robust XDR portfolio. In my personal opinion, to call yourself an XDR player, you have to have an endpoint. We have two endpoints from FireEye AND McAfee sides that we are bringing together, and both perform EDR. And then you have to have security operation capabilities. We have that with a tool on the FireEye side called Helix. We also have a more traditional SIEM that we will leverage when integrated into our cloud-first security operations tool.
Is that Skyhigh Security, which was spun off recently?
That’s actually different. It is a CASB, and the secure web gateway is part of the Skyhigh business, which is focused on the security service edge market. We’re primarily focused on XDR. However, we ingest CASB and SWG as part of our XDR suite. But we also do that with over 600 other security technologies.
How do you plan to differentiate in the XDR market?
For starters, you got to have underlying XDR technology. If you don’t have an endpoint or a security operations console, I’m not sure you call yourself XDR. There are a lot of people doing that. We’ve got one of the most robust XDR platforms out there. So we’re going to continue to do a couple of things. We’re going to continue to innovate, especially when it comes to machine learning and data analytics. We think that’s a key piece. Second, we’re going to continue to automate and help security operations centres and analysts get more efficient and cut through the noise. Third, we will continue to be open and ingest from across the security landscape.
Will you continue to work with Mandiant now that they have been acquired by Google?
We have a very close relationship with Mandiant. Their CEO, Kevin Mandia, and I have a personal relationship. And we also have a multi-year business relationship with them, where we share telemetry, and they share threat intelligence. This relationship is going to continue to thrive and get stronger under Google.
Is it a good idea to automate security?
I don’t think it’s the only thing you can do. Many people think machine learning and automation can solve all these challenges we face now. I just don’t believe that I believe it’s a combination of getting more efficient through automation or getting better intelligence through automation. But you’re also always going to need people involved. So the question is, can you reduce the resources you need through automation?
What role would your Threat Labs play in the new company?
The Threat Labs is very critical to us. It’s an area you’ll hear a lot more from us. Historically, we haven’t had as big a microphone as we should have. We’ve been hesitant to break the news around vulnerabilities or malware. You’ll see us change that. But more fundamentally, we have over a billion sensors out in the market. We bring all that data back in, and we use that content to help power our products. Again, back to your questions about how we differentiate ourselves as an XDR vendor. We have some of the best telemetry in the business. And we’ll let that continue to power our Labs and our platforms.
Are you seeing any new threat vectors?
We know 90% of threats originate in email - it’s still very effective. We see a lot of business email compromise and impersonation-type attacks. We’re seeing them on email and also on mobile in the form of text. So that’s a very real problem. Ransomware continues to be a problem across the industry, especially for small and mid-sized businesses. We’re seeing what we’re now calling pseudo ransomware, which is not looking to collect a ransom, but wiping and destroying data. The big one is called HermeticWiper, which we found in Ukraine.
THRIVING ON CHANGE
RICK RUIZ, PRESIDENT OF STRATEGIC MARKETS AT KYNDRYL, EXPLAINS WHY THE IBM SPIN-OFF IS BULLISH ABOUT THE MIDDLE EAST REGION.
How do you plan to drive growth in the Middle East market?
We’re here because there’s so much transformation and innovation going on in this part of the world. We see the cloud taking off here, specifically the hybrid cloud. Every customer I meet talks about two things - cloud and modernisation. It’s even more pronounced here.
What is Kyndryl’s advantage?
So I like to think it’s two things. We’re a startup. But we’re a startup with 90,000 people and 4000 plus customers and decades and decades of experience in delivering mission-critical applications. As our chairman said, we are ready to support the hearts and lungs of the world’s vital infrastructure. So it is that scale and expertise coupled with our freedom of action that sets us apart. We were part of IBM, and of course, we were biased towards IBM. Now what we are biased toward is the needs of our customers.
You are building an ecosystem by forging partnerships with tech powerhouses such as Microsoft, AWS, VMware, etc. Can you share us with the strategy behind this?
Yeah, so it’s to go from predominantly an IBM portfolio to a portfolio that includes the full spectrum of solutions by forming strategic alliances with tech giants. You’ll see us start to integrate both our capabilities and their capabilities more together. The other thing you’re going to see us do is to improve our people’s skills. I’m very proud of the fact that we’ve increased the certification levels of our people manifold. It’s one of those unique things where it’s a win-win situation. It’s a win for our employees because they put their skills to improve their value, and they’re more involved and engaged. It’s a win-win for our customers because we bring more value to them. Especially here in the Middle East, we want to build up the capabilities of the people who live here or work here. We want to build up that capability by bringing in expertise from around the world.
The IT services market is already a bit crowded. How do you plan to stand out?
There are a lot of worthy competitors out there. What works in our favour are two things. Number one is we bring that speed and agility coupled with the scale. I think that gives us an advantage over some of the bigger ones. In addition, we’ve doubled the total addressable marketplace with what we’re going to go after. My division alone as an enterprise has capabilities in over 50 countries. So when we’re talking with a customer and if they need help in Turkey, Egypt, Saudi, or the UAE, we can deliver that because we have a presence. And also, some of the global partnerships we’re forming are unique, and not everybody has that strategy.
What is your addressable market?
Our total addressable market is around $500 billion, and before the IBM spin-off, it was about half of that. We are moving into new areas like data and AI and hyperscalers, where we weren’t allowed to play before.
How do you plan to transform your service delivery model?
In two ways. One is the skills- we are very people-intensive and capitalize on almost 90,000 employees worldwide. So it’s to scale them up and give them the tools and capabilities. The second is that we’re introducing more automation to our customers. This means freeing up our people so that instead of handling very mundane tasks, they can now upscale and move into the hot areas for our customers. So that’s where we see our ability to deliver uniquely versus many other companies.
Are you targeting any particular industry sectors here?
Yeah, we haven’t targeted a specific industry or sector. But we are very strong in financial services institutions, telecom, and transportation. We also have a lot of presence in the mining, industrial and retail sectors. Most of the needs of our customers in these areas are not specific to the industry. However, we will bring industry specialisation as we move into the new areas. But that’s probably down the road a little bit.
Which one is growing fast among your six core technology practices?
Cloud is growing fast all around. In every county, you see different stages in different growth. Here in the Middle East, we see a lot of cloud adoption. But, what is really starting to pick up is data and AI because customers have collected all this data, and now they want to do something with it. And the things I hear from our customers are cloud, digitization, and modernisation.
