Thought Leaders in Online Education: Felix Odigie, CEO of Inspired eLearning (Part 2)

Sramana Mitra: How do you go to market? Are people paying for different modules separately or do you have an all-you-can-eat kind of subscription model?

Felix Odigie: It’s a SaaS business model. We have different types of customers. We have enterprise customers, small business customers, and even have individual smaller  business customers who purchase their modules on our e-commerce platform. In other words, you can buy the product by the library where you have access to all of the products and you can deploy it to your employees, or you can just buy specific sets of courses depending on what you’re trying to enforce.

I did mention the other categories that we have like sexual harassment and HIPAA. Security awareness is our biggest because it’s quite prevalent but we have other compliance areas as well. We host the courses on our LMS which makes it easy to deploy to the customer and optimize the user experience. >>>

Thought Leaders in Cyber Security: Thycotic James Legg CEO and Jonathan Cogley (Part 3)

Sramana Mitra: The value proposition is still password management?

Jonathan Cogley: It’s a password vault but it’s really to prevent external or insider threats.

Sramana Mitra: Talk to me about what is the competitive landscape. This is a crowded space. What is the competitive landscape that you see around your product?

Jonathan Cogley: The space is getting crowded because there’s a bunch of people who are a little bit late to the party. Some of the big vendors are coming in. They’re trying to either acquire small startups that aren’t necessarily that successful and throw their weight behind it. One of the reasons we are able to succeed is due to the fact that we are a pure-play vendor. We don’t do anything else. CA is in the space too but they’ve entered recently. It’s much easier to beat them in deals because the customer can quickly see that this is not CA’s core focus whereas Thycotic has been doing this for 12 years. >>>

Thought Leaders in Cyber Security: Thycotic James Legg CEO and Jonathan Cogley (Part 2)

Sramana Mitra: What was that product that was the beginning of your transition from services to a product company?

Jonathan Cogley: The product’s name is called Secret Server. The simplest way to think about it is, if you think as an individual, all the passwords that you have are so many. They’re difficult to manage. There are some that don’t directly matter to you. We call them non-human passwords. You even have a few examples as a consumer.

If you think about the WiFi router at home, it doesn’t really belong to you but you need to know it and you need to keep it secure. If you think about that router, you need to know the admin password if you want to go in and change the specific settings for your home network. You need to know those credentials. If you roll that out to the IT department in an enterprise, they have those passwords except they are thousands of them. >>>

Thought Leaders in Cyber Security: Thycotic CEO James Legg and Founder Jonathan Cogley (Part 1)

Password management is a nightmare. See how the industry is evolving.

Sramana Mitra: Can one of you give us a background of the company and also please introduce yoruselves?

James Legg: I’m the CEO. Just to give you a background, Jonathan built and founded Thycotic and then decided he wanted some assistance in taking the company from roughly $25 million to $100 million. We’re fairly sizeable. He and I teamed up a year ago. Now we’re growing at a tremendous pace. I brought in several members of my team. This company today is growing at roughly 100% and we’re EBITDA and cash flow positive. We’re extremely profitable.

Sramana Mitra: Where are you located? >>>

Thought Leaders in Cyber Security: Amir Husain, CEO of SparkCognition (Part 5)

Amir Husain: Within our own area of cyber security, one of the things that’s happening at the large-scale level is that cyber security is being weaponized. This is very sad but it’s true. Cyber security is now becoming a weapon of warfare. You’ve seen where digital weaponry was used to rollback the Iranian nuclear program by almost two years. In that two-year period, space was created for a negotiated diplomatic solution to a crisis which, otherwise, would have resulted in a shooting war. God knows how many unknown examples that are not in the public domain exist.

Lately, there has also been an attack on the Ukrainian power grid. At the end of the day, nobody disputes the fact that that was a cyber attack. It brought 200,000 individuals off the power grid. These are large-scale attacks now and this is happening in the real world. The consequences and chances of digital threat resulting in actual physical damage are increasing.

They’re also becoming much more diverse. There’s already 500,000 cars in the US that could be remotely hacked. As they’re going down the highway at 70 miles an hour, you can call them to turn left or right. With self-driving cars, that will be taken to a whole different level. As this burgeoning industrial Internet >>>

Thought Leaders in Cyber Security: Amir Husain, CEO of SparkCognition (Part 4)

Amir Husain: There are lots of examples where we found binaries that were not registering on any one of the 60 different anti-virus engines and yet our machine learning anti-virus capability gave them threat rating as high as 80%. As we actually investigated the envelope manually, we discovered that there was an embedded threat, and that it was a mutation. Therefore, a signature-based system was not able to catch it. There’s lots of these examples. Now, we’re also starting to see in the cyber-physical domain where you have large physical systems where both natural problems as well as potential cyber threats can be tracked and discovered before they can cause any damage.

Sramana Mitra: Can we get to the last segment where the question is essentially, what is your view of emerging trends in the industry and open problems?

Amir Husain: I’ll first take a higher-level view above cyber security for a moment. One of the things that’s happening that is very revolutionary right now is >>>

Thought Leaders in Cyber Security: Amir Husain, CEO of SparkCognition (Part 3)

Sramana Mitra: I have a question in that context. There’s a lot of processing going on midstream of traffic coming in. Is it all happening in real time? How do you deal with delays and latencies?

Amir Husain: First of all, we’re not blocking things until the final answer arrives. In other words, we’re not inserting ourselves as a delay in the servicing of whatever requests our clients or customers are looking to service. All this data exhaust is going into our system and there’s a growing level of confidence being built up as deeper and deeper research is happening. You clearly don’t want to go to real-time NLP research query while you’re waiting on the customer to get their web page back.

Sramana Mitra: That’s right.

Amir Husain: We can do a lot of stuff in real-time, which is quicker. It might be knowledge that we have learned that we can apply. Still, there are things that might look fishy while you may continue to do what the system would have done as long as the action falls in the range of things >>>

Thought Leaders in Cyber Security: Amir Husain, CEO of SparkCognition (Part 2)

Sramana Mitra: Let’s take one of your customers and double-click down. In that use case, what I’d like to understand is where is the traffic being intercepted, how is it being modelled, what parameters is it being modelled against, and what is the nature of the AI algorithm driving this kind of predictive modelling.

Amir Husain: Just zooming out, let me first tell you how we deal with customers and what we provide specifically. We have a product called Spark Secure. Spark Secure can be deployed either in the cloud or on-premise. It’s delivered through a hybrid model. Spark Secure can ingest many forms of data. One of those might be, for example, proxy logs or firewall logs.

It looks through that semi-structured information. It can also look at binaries. It can also read articles and texts and textual description of security threats on the web. All of that data is used and fused together by these algorithms to build models of what constitute a threat. Not only is that threat detection capability >>>