Ray Rothrock: We woke up just a couple of years ago. When Target happened, there’s some bad software inside networks. How did it get there? We say, “I have firewalls. I have data leak protection. I have all these stuff.” It happens because of mobile. It happens because of email. It turns out that the perimeter isn’t really the perimeter. We all live in a cloud world. BOYD devices show up on the network, bringing bad stuff. Now, that we’ve come to the conclusion that the bad stuff is inside, how do we deal with it? That’s what started in 2013 to now. Everybody’s got the bad stuff. They know they have the bad stuff. The question for a Senior Manager is it’s not a matter of if. It’s a question of when and what do I do about it when it happens. That’s RedSeal. We tuck into that trend where your networks got problems. We help sort it out. That’s the industry view.
By the way, as companies become more network-centric or using digital technologies to run their business, they become more vulnerable. Let me give you a specific example. July 8 this year. United Airlines, The Wall Street Journal, and the New York Stock Exchange all had a digital problem and all three shut down. It was a cyber event but it wasn’t a security problem. They just got problems. These things are complex. Three companies on the same day. Now, it’s with the CEOs because if you shut down an airline for a day, you affect the revenues.
Sramana Mitra: This is getting much more complex than it has ever been, and it will continue to get complex.
Ray Rothrock: My point is companies are now threatened. Their existence is now threatened. It used to be like stealing emails or credit cards. Now, I can bring down a whole company. Sony was brought down. It’s moved from the VP Engineering. Now it’s in the Board room.
Sramana Mitra: If you turn the tables and ask the question what should a Board do. The Board Members are not really equipped to deal with this. They don’t know how to detect security issues. How does governance work in this scenario?
Ray Rothrock: They’ll have to have policies, and they’ll have to make investments. They don’t have to depend on their teams to implement them. That goes back to measurement. How do we know that a company’s revenue is enough? Because we have audits of financial statements. How do we know cyber security got better? How do we know that the digital world in which they operate in is stronger, better, and more resilient? They measure it. That’s where we’re headed. That’s what Boards are going to be demanding of their teams.
Sramana Mitra: What do you recommend entrepreneurs who have some cyber security expertise who are looking for the next problem to solve look at?
Ray Rothrock: It’s bigger than cyber security. It’s now cyber events. There’s interdependency in the complexity. In being able to sort it out and apply a policy, there’s a huge opportunity. RedSeal is just one player in that category. Another thing is social networking had a huge impact as well. I think that a virtual network that lives over the physical network. I’ve to believe that there could be some applications in the social networking world that could have a cyber application. It’s like real estate. You have the dirt. You got the building and people in the building.
The ability to track interaction or block that information is not simple. Then we have cloud. The cloud is huge. You’re not going to stop it. Being able to sort that out, manage it, and control it would be a cyber area. Moore’s Law hasn’t evolved enough yet to make that possible. It’s possible but not economically possible. I think encryption is still an area of great exploration.
Sramana Mitra: Great! Thank you for taking the time.