Sramana Mitra: What does the opportunity landscape look like? What are the white spaces in the scope of what you are watching carefully?
Kelly White: This isn’t new, but in some ways, it is new. Digital transformation has driven organizations to rapidly outsource systems and services to a wide range of service providers.
This digital transformation has also been accompanied with a dramatic change in the architecture on which systems are built and operated. Think of the cloud ecosystems of Amazon and Microsoft.
There are brand new technologies in those platforms that didn’t exist 10 years ago and in some cases, two years ago. Those capabilities have come on so quickly and have provided such strong value propositions that they’ve been adopted faster than information security has been able to keep up.
There are two themes there. One is the rapid change in technology and the rapid outsourcing to third-parties. Information security is just getting good at traditional internal enterprise security. Now we’re seeing an increase in breaches that are occurring at third parties.
The internal enterprise processes and technology for managing that has not kept up. The second part is just the rapid adoption of new technologies and the cloud providers that are being used to deploy new systems. Information security is yet to develop effective solutions for those.
Because of that, you see some companies holding off completely on adopting cloud-based technologies. It’s just causing them to pause. You’re seeing the businesses just pause and say, “We’ve got to put the brakes on this because we’re not ready from a risk management perspective.” At the same time in the space of third-party risk management, companies don’t even know all of their vendors or what risk exposure they face with that vendor.
There’s a lot of white space. It’s like cyber security in the 90’s where it’s very uncommon that people had firewalls. That same frontier and opportunity exists in this space of understanding and protecting the new architectures that come along with cloud, and also managing that third-party cyber security risk.
Sramana Mitra: Who in the competitive landscape are attacking that problem in interesting, unique, and innovative ways?
Kelly White: RiskRecon and its competitors are certainly going after helping solve the third-party cyber security management problem. With that said, we all are innovating. RiskRecon is innovating very rapidly because of the vast opportunity there to increase our breadth and depth of assessments and automation to help solve that space.
We see tremendous innovation in our sector where there’s new functionality released on a weekly basis. In the cloud infrastructure space, you look at companies like ThreatStack that are doing things specifically engineered for that new architecture to help companies understand and manage that risk better.
We’ll continue to see innovation at an increasingly rapid space for new technologies, new approaches, and new data stores. The reality is that cyber security vendors are going to have to move faster than they traditionally have in order to keep up. That creates the white space. It creates opportunities for smaller and fast-moving companies to create solutions for that white space.
From an outcome perspective, we’ll see that the larger cyber security players will seek to acquire those smaller innovative companies filling the white space. The rate of technology change is going to continue to create opportunities that we can’t even predict.
Sramana Mitra: Thank you for your time.