Banking upon SOC based services, which have been intrumental in driving busines growth, Symantec is further planning to capture a larger share in the security market. In an
interaction with CRN India, Gaurav Agarwal, Managing Director – India & SAARC, Symantec, shares more details
How has been Symantec’s business in the Indian market; and how much is the company focusing on this market?
Blue Coat and Symantec have been functioning as one entity. Symantec used to be strong on the endpoint front, protecting loss of data through DLP, and working with most large banks, IT/ITeS companies, telecom companies. Whereas, Blue Coat was strong on the web access area for large enterprises. In the last 18 months, the integration has happened extremely well and with the combined capabilities of both Symantec and Blue Coat, we have the largest threat intelligence platform in the world. From our customer’s perspective, the advantage is that the sales person can showcase a large scale of offerings, unlike other security players who have point products. Recently, we also re-energised our SOC from India capability point of view. We re-launched our SOC in Chennai in August 2018 and we’ve seen tremendous traction. In India, traditionally we were not focused on selling SOC services; we were predominantly selling products. However, in the last six to nine months, we have enhanced our portfolio capability to sell SOC-based services. Overall, we’re growing twice the growth rate of the market.
Which key areas have given you a competitive advantage; and how are you leveraging emerging technologies?
Symantec has been using AI and ML for more than 10 years now – it comes naturally for building great security products. For example, our SOCs analyse 150 billion logs everyday. Conversions of 150 billion logs to 60,000 events to work on can only happen through the use of tools like AI and ML. Enterprises have numerous vendors, who speak different languages, have challenges and requirements. The biggest advantage that we have is the capability to replace point-products with a platform that can talk and understand every language. This ensures better integration and security postures. We have invested in a platform called ‘Integrated Cyber Defense Exchange (ICDX)’ which also integrates with other OEMs and partners in the industry, leading to better security.
Alongwith minor re-adjustments, we keep focusing on higher growth. When it comes to competition, we are watchful, but not worried because no other competitor has the scale, expertise and depth that we have.
How has been the market response to your SOC based services?
One of the high growth areas for us has been the SOC based services selling model in the last six to nine months. We are talking more and more about it with our customers and are seeing a lot of value. Large enterprises may have the tools, but not necessarily the skills to use those tools. This is where we can step in. We can help customers respond during the attack and post attack. We are seeing a lot of traction in this space and our business is growing at a much faster pace than our product business. In this area, we are working with one of the largest automotive companies, IT/ITeS companies and some of the largest state government bodies in the country.
There has been an increase in security budgets. Do you see that the budgets are being spent in the right direction?
Boards of companies not only want to understand security at a business level, but also the risks and how they can prepare better. Even the challenges that CTOs and CIOs have been traditionally facing with budgeting are being addressed. Now the challenge lies in whether they are prioritising the budget in the right way – figuring out what is the value of what you seek to protect. Then comes the challenge of getting the best out of the investments. In many circumstances, customers don’t have the right people, the right implementation, and the right skills to get the maximum out of the implementation.
In the past, you insisted on cohesive CCO and CIO collaboration. How will it work for the betterment of organisations and in turn, help you make inroads and offer your solutions?
A CCO ensures that the risk in the organisation is contained. Whereas, a CIO is responsible for choosing the tools that can contain that risk. Many times, the debate is about who has the right to choose the tools and whether the risk is big enough or not. Currently, I don’t think this collaboration is happening. The CIO of an organisation has a lot more maturity in choosing the tools and dealing with OEM vendors than the CCO, as traditionally, the CCO takes a more risk-based approach. Similarly, the CCO has a more mature understanding of risks than the CIO. In this scenario, vendors like us make sure that both understand the lengths from where they are coming, to ensure a cohesive decision-making process and outcome.
Between these two, where do you see the role of a Chief Digital Officer?
The initial role of a Chief Digital Officer was to help the Chief Marketing Officer (CMO). It was more of an external facing role which can help the organisation with digitising workflows, engage better with clients, suppliers and internal employees in the transition. The CDO also fits into the collaboration between the CCO and CIO to make sure that the digitisation journey is more user friendly and doesn’t increase security risks.
In terms of industries, which one has an increased focus on security spendings?
The government has clearly increased its focus on security. With the recent infrastructure investments, we see many growth opportunities. Secondly, we see good potential in startups, especially businesses which are built around e-commerce and mobile commerce. The manufacturing sector has been a little slower than banking, ITeS, telecom, and others. However, we are introducing some new solutions which should help the manufacturing vertical pickup speed as well. Overall, the new trend of migration to cloud has been a big driver for us.
There are many deployments happening in the cloud domain. What are the challenges faced in this area and how is Symantec positioned to help customers protect their cloud environment?
With migration to cloud, organisations establish a channel or connectivity directly to cloud. Secondly, when you move data to cloud, you have to understand how to protect the data in cloud, how to get visibility into the applications used by employees. Symantec has a solution for all the these As organisations move to cloud, they need to re-look at their security architecture, because the ownership of giving a safe cloud environment is with the cloud provider, but protecting the data is your responsibility.
The government is building cyber capabilities and conducting R&D on new technologies that can be leveraged for future. How can Symantec help in R&D and intelligence?
We share threat intelligence whenever the government requests. Right now, our work with the government is more towards helping them become secure by offering products and services in terms of both, threat intelligence, threat response, managed security services, etc.
In the overall journey, how critical has been the role of your channel ecosystem?
We are a channel based company and more than 90 per cent of the business annually gets transacted through the channel. Our partners extensively help us through the PoC, supply, post sales, implementation and in terms of people. We have partners who have good relations with both companies, Symantec and Blue Coat. In the last 18 months, partners have been through the journey of expanding their capability and portfolio.
What will be the key thrust areas for 2019 and beyond?
In terms of markets, our penetration in the enterprise vertical is very good. The revenue enhancements will come from the journey to cloud and SSL visibility. Customers need investments because the digital journey will need SSL inspection to facilitate the change to cloud. These two technologies will drive our enterprise discussions and most of our enterprise accounts. Most of our growth will be from SOC services, and SSL visibility, helping customers move to cloud from a security perspective. Symantec has made some great enhancements on the endpoint and technologies in the last six to nine months. Symantec has also recently bought Javelin, which helps protect active directory. The MSME space is where we would depend on our partners such as Airtel.