SME Times News Bureau | 03 May, 2018
Most
of Indian small and medium enterprises have just started to think
about the convergence of IT-OT networks, and among those who have
adopted, most are struggling to figure out how to manage it, Skybox
Security's Regional Sales Director for India and SAARC, Rahul
Arora, said in an exclusive interview with SME Times.
Excerpts
of the interview…
Please
tell our readers about Skybox Security and its entrepreneurial
journey.
Rahul
Arora: Founded
in 2002 by current CEO Gidi Cohen in partnership with Moshe Meiseles
and Eran Reshef, with the vision of combining modeling and simulation
technologies, visualization and intelligence in a single platform.
Skybox is a privately held company with worldwide sales and support
teams serving an international customer base of more than 500
enterprises in over 50 countries. Headquartered in Silicon Valley
(San Jose, California), with R&D based in Herzliya, Israel and
field offices in the United Kingdom and Western and Central Europe,
India, and Singapore; the company has over 275 employees.
In
October 2017, after achieving a compound annual growth rate (CAGR) of
46 percent and positive cash flow (2014 - 2016) and proven
innovation to meet market demand, Skybox received $150 million
investment for a total funding to date of $314 million. Skybox
intends to invest in sales and marketing, customer care and R&D.
It will also be used for potential M&A activity, to capitalize on
the approximately $10 billion market opportunity in cybersecurity
management.
Our
award-winning Skybox solutions are used by the world’s most
security-conscious enterprises, government agencies and organizations
for vulnerability management, threat intelligence management and
security policy management. Eighty percent of our customer base is
enterprise or large enterprise; more than 40 percent is in the Forbes
Global 2000. The company serves all industries, from financial
services, service providers, government and defense, energy and
utilities (critical infrastructure), technology, healthcare,
consumer, manufacturing, etc.
What
are the product and services Skybox Security offers?
Rahul
Arora: Skybox
builds best-in-class cybersecurity management software, the Skybox
Security Suite, on an integrated platform. Our software reduces
security risks that attackers can find and exploit, such as device
misconfigurations and policy violations, as well as exposed and
unpatched vulnerabilities. We use advanced analytics,
automation and threat/vulnerability intelligence, providing
technology solutions in three
core areas:
Network
visibility, which includes visibility of assets, security control,
network topology, vulnerabilities and threats
Vulnerability
and threat management, which includes the discovery, prioritization,
remediation and tracking of vulnerabilities across hybrid networks
and diverse environments
Firewall
and security policy management across hybrid networks, which includes
such things as rule/policy optimization and cleanup, compliance,
change management, and rule life cycle management
These
capabilities extend across highly complex networks, including those
in physical, virtual, cloud and operational technology (OT)
environments.
What
is the significance of IT-OT security management in today’s world?
Rahul
Arora: Industrial and
critical infrastructure is becoming a more prevalent attack vector
for the modern hacker and cybercriminal. Standard security controls
implemented on IT networks often don’t translate or interact with
the OT environment. This means that malware or malicious attacks that
would be detected through next-generation firewalls, packet
inspectors and intrusion prevention systems could slip through
into ICS or SCADA networks.
There
are also risks and vulnerabilities present in the software and
firmware of control system networks; their development
methodology and security practices were designed and implemented for
a very different security and threat landscape. These aging
technologies lack encryption capabilities, data validation principles
and other widely used security best practices that have evolved since
their implementation.
Added
to the innate security shortcomings of industrial networks,
the threat landscape is rapidly evolving due to the availability
of exploits and other attack tools available on the dark web.
Cyberattacks can be quickly and easily launched on a global
scale. This means future attacks are going to be faster, more
frequent and will impact a much broader front and, to top it
off, attackers don’t need advanced skills.
Without
visibility of the devices, connections and security posture of
industrial networks, critical attack vectors can slip through the
cracks. Visibility, consistency and continuity are key to
understanding and mapping control systems and integrating them with
IT systems for a complete picture of the attack surface.
Please
elaborate how your different range of products can help an
enterprise?
Rahul
Arora: Today's
security professionals are tasked with many things but it all comes
down to protecting the organization from attacks and data breaches.
This is complicated by many different moving pieces, such as
constantly evolving threats, a complex, always-changing network and a
toolbox that’s overflowing with products that generate siloes of
disconnected, disparate data.
They
are also struggling to keep up with the increasing number of global
regulations, including the need to report on compliance with those
regulations. They simply don’t have enough resources to meet all
these demands in a timely fashion.
Without
intelligently automated security management processes -- capable
of understanding the larger context of the business and network -- enterprises waste precious time, resources and budget on
manual efforts, false positives and point products. Skybox helps
address all of these challenges with advanced analytics,
automation and intelligence.
Everything
we do starts with visibility of an enterprise’s attack surface, all
the ways in which that organization can be attacked. Security
environments today consist of myriad individual technologies:
servers, workstations, firewalls and other various security controls,
asset and patch management systems, security analytics, threat and
vulnerability intelligence, and more. Different vendors lead to
disparate systems not talking to each other or sharing common
management interfaces.
The
Skybox Security Suite is a security management tool. It acts as an
orchestration layer, using APIs to automatically integrate these
diverse technologies. We import all that data into a central location
to create a single record of information about an organization’s
network -- wherever it is, on-prem, multi-cloud and even OT. We
then turn this into a dynamic, continuously updated model that can
that be used to understand and control how data moves throughout the
network -- where access is allowed, where it’s blocked, where
exposures and security weaknesses exist, etc.
With
this model, we use analytics and automation to help streamline core
workflows and processes in firewall/security policy management and
vulnerability and threat management. This is critical, as security
teams are struggling with having too much data to sort through and
simply too few people to do it.
The
core things we help with are:
-
Total network visibility, including assets, security controls,
network topology, vulnerabilities and threats
-
Attack simulation and path analysis (across hybrid networks)
-
Vulnerability management, including the discovery, prioritization,
remediation and tracking of vulnerabilities across hybrid networks
-
Firewall rule/security policy optimization and cleanup,
-
Compliance management / unifying policy across hybrid networks,
including on-prem, multi-cloud and OT networks
-
Change management for firewall rules/security policies— including
risk assessment of changes
-
Life cycle management of firewall rules/security policy across
hybrid networks, including on-prem, multi-cloud and OT networks
Most
importantly, our software can scale to meet the needs of the largest,
most complex enterprise and government networks in the world. In
fact, 20 percent of the Fortune 100 rely on Skybox, including six of
the largest NATO countries and seven of the world’s largest banks.
How
much are the Indian SMEs aware of IT-OT security?
Rahul
Arora: Most
enterprises, regardless of size, are only just starting to think
about the convergence of IT-OT networks. IT-OT security is now on the
radar of many stakeholders, however, they are struggling to figure
out how to manage it, for all the reasons stated above — having
visibility of the networks (in a single dashboard) and being able to
truly understand the pathways/connections, as well as the exposures
and security weaknesses.
Are
Indian SMEs lagging behind their global peers in this respect?
Rahul
Arora: We
do not have the data to speculate on the state of SMEs in India. We
do know that compliance management is the number one operational
challenge for Indian businesses. Without network automation to
streamline workflows, data collection and analysis, tracking and
reporting, security teams simply can’t keep up with compliance
requirements. This is just the tip of the iceberg, however, as
security teams must also be concerned with the day-to-day protection
of their organization, including identifying exposures due to
vulnerabilities and security weaknesses.
Please
share your future plans.
Rahul
Arora: Skybox
will continue to invest in India, and the APAC region in general, as
it's a strategic priority for us.The
IT market is growing in sophistication, with a lot of companies
fitting the profile of our typical customer — enterprises or
organizations that are managing very complex networks. Indian
companies are serious about compliance and security, but are facing
many of the challenges mentioned above. We offer the broadest
cybersecurity management platform to help them streamline both.
Since
India is such a geographically diverse country, our partners are
vital for the Skybox business model. Because of this, we expect to
increase not just the breadth but also the depth of our channel
network in India. These target partners will range from
Indian System Integrators (ISIs), Managed Security Service Providers
(MSSPs) to Value
Added Resellers (VARs).
Currently, we work with many ISIs to assist with customers of any
size and scale around the world -- continuing to invest and drive
these strategic relationships.
Largely,
MSSPs are the preferred partner for Indian companies looking to move
from a capital expenditure (CAPex) to an operational expenditure
(OPex) model. They can leverage Skybox solutions such as
threat-centric vulnerability management (TCVM) along with their
primary services. No one else in the market can provide total attack
surface visibility to their customers -- our MSSPs partners increase
their monthly recurring revenue (MRR) and reduce customer churn with
our solutions. Not surprising, Indian SMEs are also frequently
compelled to outsource their security to a capable MSSP due to
increased threats and lack of resources internally.
Currently,
we are launching an improved channel program and partner portal in
India which will allow for greater rewards and resources for partners
who invest with us. They will be able to register deals and gain
access to online or classroom training programs and market
development funds (MDF). I am excited for our evolving channel
ecosystem, as we strive to engage with our partners in better ways
than ever before. Our ability to integrate with more than 120
technologies is paramount because it gives our partners more
opportunities to cross-sell and upsell into their existing customer
base. This ability to normalize diverse technologies allows our
partners to offer a single pane-of-glass view, attracting customers
who were out-of-reach before partnering with Skybox.