Riding the UTM wave: WatchGuard interview


Following the announcement of 30 percent year on year [YoY] growth in Malaysia, Computerworld Malaysia interviewed firewall security provider WatchGuard's Asia Pacific vice president Scott Robertson to give his take on the Malaysian and the regional security market in the coming year.


New Scott Robertson - WatchGuard USE modified 

Photo - Scott Robertson, Vice President of Asia Pacific, WatchGuard Technologies

What are your views on Gartner's recent prediction that Malaysia's IT spend will increase 10.2 percent and reach almost RM69.8 billion [US$21.29 billion] in 2014 (with a similar positive expectation from IDC)?

We need to look at changing IT landscape, which is very different from what it was a few years ago, and its impact on local businesses includes a range of new technologies that businesses are embracing for improving their productivities and efficiencies. The embracing of smartphones, tablets and BYOD [bring your own device] has been supplemented by engaging in new employment contracts and employment models such as outsourcing, insourcing or right-sourcing.

Companies are expanding the perimeter of their networks far beyond previous boundaries: not only with internal and external customers. This extending perimeter is taking in new technologies and opening doors to potential threats. The security breaches of 10 years ago have evolved into very sophisticated attacks using social engineering apparently coming through a trusted source. You could have seven different types of breaches in a single email.

Businesses across industry verticals need trusted advice on how to combat threats. In addition, the regulatory component is driving many organisations to put into place many compliance controls in Asia Pacific. Also laws around the personal privacy have been put into place in many countries in Asia with penalties attached including Singapore, India, Malaysia, the Philippines and others. Reputational risk is also another driver.

Improving productivity and controlling costs needs to be balanced with mitigating risk. No one wants to be the next headline such as the South Korea breach where 20 million bank cards were hacked, the Target breach, Google Malaysia last year: when I was in Tokyo recently, there was news of local breaches. Wherever we go, every country will now have news of breaches. All sizes of companies are affected and remember each record is worth about US$200 in the black market.  

These shifts all show that IT, which we see as an enabling technology, will continue to influence purchasing decisions for 2014 and into the future: so the recent predictions of healthy IT spending by both Gartner and IDC for Asia Pacific and Malaysia seem well founded. Consider that following the elections, companies can plan ahead five or more years into the future.

You have announced positive results for Malaysia and the region in general: how do you account for this and how do you plan to cope with the demand for your services in the near future?

We take the approach to try and change the language when we talk with customers: we need to change the language within IT security as the general industry discussion seems to be about the bad things. However, I see IT security as an enabling technology. Security can be aligned with company goals, depending on the company's maturity.

All companies need to increase revenue while reducing costs: we all have the same objectives. We need to do these without forgetting to mitigate risks. Most IT departments have to handle these stresses on a day to day basis. The focus should be on how security can play a different role.

Examples of how security can translate into business value include the following: In Asia Pacific, a convenience store chain Ministop from Japan has 2000 stores in South Korea helped, which installed our appliances. While meeting their security requirements, we managed to help them cut costs by 30 percent while freeing up more time for their IT department to manage risks. In India, an Agile software development house Synerzip reduced its ISP bandwidth costs by 50 percent by moving to our solutions. In the Philippines, a business outsourcing [BPO] provider PanAsiatic Solutions, with 3,000 staff [including 24 hour call centre activities] gained the benefit of zero downtime when testing fall over  experienced zero call loss with more than 1200 active users.

We will continue to affirm that security is a business enabler as well as being a critical function of the IT department.

Our 30 percent year on year (YoY) growth in Malaysia is attributable to a few factors: business confidence has increased recently despite last year's fears of a soft economy and the uncertainty that accompanies any general election. While the response to our solution WatchGuard Dimension is warm around the world, the solution is recent (launched last November) and it is really the increasing acceptance and adoption of unified threat management (UTM) by mid and enterprise companies in the region that has been behind the wave of growth for us.  The success of the UTM space is still gaining momentum as companies compare UTM's advantages to the traditional firewall approach.

Malaysia is our largest market in Southeast Asia, and we have customers across all verticals with especial strength in government, manufacturing and utilities. Banking and financial sectors are also increasingly successful in the last 18 months. We have 100 percent growth year on year in the higher end appliances.  Incidentally, it is possible that the forthcoming GST [government sales tax] proposed by the Malaysian government for 2015 may also inspire a pre-event purchasing spree.

We are also noticing more interest from larger enterprises in the Asia Pacific region. The National Library of Malaysia for instance has demonstrated serious interest in our solutions recently and we will be releasing a positive case study on this.

 What excites your customers about your solutions and what do you have planned in the near future?

[Robertson conducted a live instance of WatchGuard Dimension loaded onto AWS (Amazon Web Services cloud).] As you can see, Dimensions capability to see and report into network traffic in real-time is generating a lot of interest. This has helped to open up new areas of the market above and beyond the mid-range.

According to a recent annual report by SANS Institute [security research institute], security reporting often relies on daily log sheets: 35 percent of the respondents spent zero time on reviewing the stored logs. Only 24 percent would review logs as part of their normal workflow. We have the data but how can we put this into a logical intuitive format to help security and business?

Connected to this behaviour, a Verizon 2013 report showed that in 66 percent of cases, breaches were not discovered for months or even years. One (1) percent of cases identified the breach by using log data. Bringing in a digital forensic expert to shift through thousands of pages of log data is expensive.

Dimension brings real time reporting of network usage, user behaviour, what sites have been visited, and what has been downloaded as just some of the activity that is tracked. Dimension can be deployed on your cloud provider or private network.

A range of live dashboards such as Executive dashboard will bring up and help you identify possibly suspicious or potential threats in real-time and network behaviours over any period of time including to the minute and in colours from green to red. These visual reporting displays can be downloaded as PDF reports if needed by the business. In addition, red zones can help you make a business decision based on visual representations of the data. This tool applies big data analytics to security.

We are always looking at new channels for security. For instance, our recent collaboration [February 2014] with Japan's Kyocera, means that SMBs can now enjoy the first UTM security platform and multifunction printer [MFP] solution. This is important because many SMBs do not have the resources for a dedicated IT or security professional. Now the best in class reporting capabilities of our UTM platform are at the reach of Kyocera MFP customers.

Also, in the forthcoming RSA Conference in San Francisco, we will be announcing a new appliance called Firebox T10 for SOHOs [small office/home office] and enterprise executives who need remote access with a security standard comparable to their organisation's corporate network.

During your conversations with local organisations, have you noticed changes in the CIO or IT head's role?

The role of the CIO or IT Head has changed in the last five to eight years. There was a gradual change to move IT from cost centre to an area of business enabler or innovation.

Briefly, many IT heads appear to be adopting the business strategy approach and appropriate language to talk about returns on investment to the CFO. There was a shift to for IT heads to report to CEO but I think mainly the reporting is to CFOs. The IT head needs to continue to position himself or herself as a pillar of the business and keep to the message of helping to drive the business.

This shift is in parallel with the need to change language when we talk about security. From negatives to business enabling positives.