Anirban Chakravartti, Global VP, Channel Sales, Forcepoint, discusses about his organisation’s channel work in India and abroad in this exclusive interaction with us.
You’d like to talk about surveillance in data management?
We are a cyber security company. So, we think about the market differently compared to what the competitors are doing. Our main focus is human behavior and understanding two aspects: first, whether the identity of the person is right and secondly, if the intention of the person is right. Normally what happens is, a person wants to impersonate somebody else, and that’s where the exposure happens. Or somebody unintentionally clicks a link and exposes critical information of the organization, allowing attackers access to your network. So there is an intentional objective or an unintentional objective of an individual’s and the second one, which is very important, has the intention of the person changed?
I’ll give you an example. Normally, within an organization, everyone will have same set of policies and the security threat level of individuals will remain exactly the same. However, say, if I walk out of the organization and go 50 miles on the right or left, my security posture and risk levels might change, but the policy still remains exactly the same.
Forcepoint is the only company in the world right now, where our policy changes dynamically depending upon where you are, depending on the situation of individuals - from where and why users are accessing data, what critical data they are accessing and potential risk to critical data. Forcepoint has three technologies to protect users and critical data. The first one is called Dynamic Data Protection. So all your data, which is flowing back and forth, is encrypted, however, the traditional approaches to data protection tend to be rigid, limiting enforcement to permit or block only. Whereas, Dynamic Data Protection using a behavioral analytics engine, makes sure high-risk activity is prioritized and automates policies to protect critical data in near real-time, providing the highest security with the greatest end-user productivity.
The second one is called Dynamic Edge Protection, which is basically talking about the network and you have network devices consisting of SD-WAN, firewalls, proxy, all taken into one. And you’re basically using the same behavioral analytics to provide risk-adaptive security. And the third one is Dynamic User Protection, where we are protecting user interface. Behavior-analytics is used to identify risky behaviors to protect critical IP leaving the organization.
Can you talk more about behavior analytics?
We have a UEBA analytics engine which is machine learning (ML) and AI. We monitor individuals behavior over a period of time, categorizing it as normal behavior. And if you have deviation from the “normal behaviour”, the risk parameters, and accordingly, the policies move up and down depending upon how the individual’s behaviour changes. For example, every human being has a certain behavioral pattern. You come in every morning, you do few things which are standard for every day; you normally don’t change your patterns. For example, I only access certain set of information within the company. I normally don’t go to certain databases and start downloading. Now consider, somebody has been in the company for a long time and suddenly the system monitors that individual is downloading certain critical financial information. The system policies will automatically move up the risk level of that individual from green to amber. Further, if the system sees that he’s trying to download the information into a USB stick or taking a print out, the risk level will change from amber to orange. The moment the individual is trying to download the information from a USB stick, we will encrypt the data, so that the USB can be only opened within the company’s network. This is basically AI and ML enhanced and we are using is it across all our products.
If you look at the entire cyber security market, the objective of the market was, I will protect the attack surface, whereas, we are saying that protecting the attack surface is going to be impossible. We are protecting the individuals and critical data using behavior-centric dynamic protection. That’s our strategy.
So what are the challenges you’re facing?
Market awareness, the biggest challenge is market awareness. Behavior analytics is a totally different way to look at things. If you look at the last seven years, a trillion dollars has been spent on technologies, yet 90-95% of organizations have been breached globally. We are changing the paradigm the way organizations think and approach cybersecurity. Organisations can use our technologies in such a way that we can go stepwise, we’re not saying you have to replace everything. Start from somewhere using our technology and slowly start integrating other feeds, because we will go to ingest and ingest data from other products also. And that’s the biggest challenge because the industry has been trained to buy point products only. For e.g. every organization today wants to buy a Cloud Access Security Broker (CASB). But if CASB is not going to talk to DLP and doesn’t have behavior analytics, CASB is of no use to the organization. Because you may know your critical data is moving to cloud but how do you know, what is going from Cloud downstream? What critical data is going to cloud? Is that data really supposed to go to the cloud? Has the behavior of the person changed? Currently, if organizations are not doing all that, just having a CASB is of no use to anybody.
As a nation we are very dynamic and have individuals who display different sets of behaviour patterns. In this context, have AI and ML been adapted to address this situation?
I don’t think it has reached that point to be honest with you. AI monitors the framework based on certain patterns. The bigger the data pool, the better the analysis. And, that’s what AI does. What it is doing? It is seeing a pattern over a period of time and it’s creating a frame of reference based on the usage pattern. Now, if we look at India’s cultural aspect, the way people react to situations here are very different from, say, how one would react to the same situation in the US or UK. Similarly, the way Asians, Japanese, Chinese, or Indians would react is a little different. AI can take care of all that because it uses the same logic provided the pool of data is there.
Does behavioral pattern changes for different work profiles, one may have in different companies?
Yes, before I joined here, I was in a different company, and my profile of that job and my profile of this are totally different. As an example, I’m doing a global channel role, but I might be doing a global sales role before, so my behavior is going to be totally different because if I’m running global sales, I’ll access SFDC, I will do forecasting. In a global channel role, I’m looking at a program, I’m looking at channel data. So my behaviour is based on that pattern and AI can adapt to it.
In your global channel position, what is your role? And how do you want to expand your channel base in India?
I have been in channel all my life, and it’s been very good. I’m very proud to be part of Forcepoint, because the entire company and the management believes in channels. Many companies say it, but we have done everything possible in the last one year when I joined, of executing so that the channel gets the benefit. And it is a trust relationship. You can get enormous amount of force multiplying effect with channels, if you do things right. My first philosophy is making sure that we have a predictable and consistent program, so thatchannels can make money over a period of time. That’s number one. Making sure we can enable the channel properly, I’m investing quite a lot to enable the channel. We just launched a couple of programs, one, we are training partners on services as well as sales. At the end of the day what are we here for?We want to make sure the customers are happy. But my job at Forcepoint is to make sure our channel partners, who are interested in working with us, are trained properly so that they can deliver the same message with a very consistent view. That’s number two. I want to make sure they’re profitable. We’re running their businesses, we need to make sure they’re profitable. So that’s number three. And the final thing is, we want to partner with channels who’s interested in working with us, not just one time of the year. I want a long term relationship with the channel partners at Forcepoint. I’m looking for partnerships. We are very strong. If they are willing to invest, I’m willing to invest because I do not have bandwidth to invest in 5000 people. So, I’m looking for partners who are committed to us where we will go all the way - train them, provide the support, provide the demo units and make sure they make money, all these things which we are doing, we are creating a phenomenal program which is called Forcepoint Global channel partner programme. It has multiple layers. It has a medal program, it has a program for GSIs. It has a programme for Accredited Service Partners (ASP) and we also launched a partner portal. In the portal, you can do deal registrations, you can view your renewals, you can claim your MDF, you can apply for MDF, you can see your partner status. And on top of that, you can see your service ticketing status, everything on a single portal. So what does this do? My goal is , we want to develop a frictionless channel, globally. That is my motto for the company. The channel should feel they’re an extension of our organization. They should not feel they’re sitting on an island. I want them to be a part of the family. And that’s what we are trying to do as a company. The entire ethos of the company is to bring the channel together. We did our annual sales kickoff (SKO) and we were the first company to bring and make the channel guys sit with us for every training we did. There was no training we did where our sales were different than the channel salespeople. So whatever training we’re doing for our internal people, we’re doing exactly the same for the channel. We don’t consider them to be any different than us and I mean it from the bottom of my heart. I know for sure, if they feel the trust factor, I need not to worry about growth, it will automatically happen.
What is the geographical spread of your company in terms of channel base across India?
In 2020, India is going to be one of the focus countries outside the US where we will be investing heavily.
Are you also located outside the tier one cities?
We have partners outside of the Tier 1 cities. We reach these markets through our distributors, the tier-2 and tier-3 markets.
Do you have any channel expansion program in these locations?
We are expanding every day and we are investing heavily. We were with our distributors, Inflow and iValue last week. We spent quite a lot of time with their CEOs. The objective is to basically drive mix, work with them very closely to go after the mid-market, if you will, and invest with them going forward. So from the program standpoint, from a resource standpoint, from training standpoint, and most important things like the partner portal, we are making it easy for them to work with us.
Also, it’s not a question any longer, if you’re going to give margins to partners because everybody can give margins. However, is it easy to work with a company?That’s the most important thing. You will be amazed to know the momentum I’m having because of the partner portal. I’ve spent multi-million dollars on the portal. It’s a single sign on. You can seal your deals. You can see what has been approved. You can see your MDF documents. You can claim your MDF money. You can file for new MDF, new marketing programs you want to do. You can do all your system training on the side, exactly similar to what we do for our internal people. You can see your service tickets; it’ll tell you exactly what the status of the ticket is. You can also see how many people have been certified, what are your marketing dollars and how much revenues are building, the entire portal gives you one snapshot. What is important is that I’m making the administrative burden for the partner come down drastically, to make them profitable. See, there are two ways to make things profitable. Either you drive to more bottom line, top line and at the same time bottom line. But people do not look into the middle band from where efficiencies come. Our job is to win, we will focus on the top line and bottom line because everybody wants growth. But I want to make efficiency as one of the key areas where partners see value working with Forcepoint - Forcepoint is making my life easy to work with. They are a committed set of people, they believe in channel. And I want to work with them.
I’m seeing a massive momentum coming to us in the last eight weeks now. I am working with my strength when I say that I want to make my channel successful. And I’m not saying for the sake of saying, we are seeing the growth coming out of the channel and our entire company believes the investment which we have done in 2019; we have done maximum investment this year, and the same goes for 2020 and the same goes with India.
What is the growth rate of your channel?
Depending upon the region, I would say, whatever the standard cyber security growth is happening, we’re growing faster than the market. My North America business is doing phenomenally well. My India business is growing very well. Europe is growing very well and as I said, I’m growing at an average rate faster than the market. And the most important thing, the trust factor of the market has drastically changed for Forcepoint. The partner ecosystem doesn’t build a relationship on a one day affair. And we are trying to change that saying, I’m there with you in a long run. And therefore, I’m doing all these specific investment with the channel so that they see the value in working with us. I’m not saying that I’m going to give you a deal and I’m going to walk out.
This is a problem which is erupting now with many companies, as they are migrating to cloud and digital platforms. They are trying to, you know, marginalise the channel and this is really interfering with the channel businesses.
I am very clear, distributors and channels of Forcepoint are going to keep going even if I go to cloud. I will continue working with the distributors. And the objective is to use distributors marketplace. That’s the strategy going forward.
How are you doing as compared to some other companies who are also working in the field of cyber security?
I think we are doing good although it is very hard to compare, to be honest with you, because there are only a few companies who would have a portfolio of products like we do, we do network, we do data, we do end user.
What are your unique advantages? What is your edge over others?
Human-centric security is the most important thing; our objective is very clear. At Forcepoint, we want to make policies dynamic. The rest of the market’s policies are static. We are the first people in the industry to start talking about this and it is resonating well. Because your security posture changes drastically when you’re outside this room, the question is, how do others react? Nobody reacts to the dynamic policy, we are the only guys in the market and this is the vision of the company, to make it dynamic, because we come from a background of very protected environment. As you may know, we are owned by Raytheon. So at Forcepoint we understand the sensitivity of data much better than anybody else in the industry. We understand the sensitivity of data because we protect countries. So we know how that works. And I think we bring a huge value to the marketplace from that perspective.
You said that in next year India is going to be one of the focus countries. So how do you see the Indian market vis-à-vis the more evolved markets?
I think people here are very smart and astute. As far as investment is concerned, people are interested in knowing, they are interested in investing. I think the important aspect is, they’re very cautious. They’re very smart buyers. But the reason we have selected India as one of the key markets is, I think our story resonates very well with the kind of buyers we have here. When we talk to the CSOs here, they understand what we are trying to say.
India is supposed to be a very competitive market
I’m fine with the competition, the more the competition the better it is, because people will see our value better than anybody else. I will not get into a price war. There are two things – if the market is knowledgeable, it’s perfect, because I’m not selling commodity anymore, I’m selling niche and I can add value. The second is, if the market understands the difference, they’re willing to pay for it. It is like selling a bottle of milk, there is hardly any difference between companies selling bottles of milk, but I’m really selling some medicines which makes it very easy for me because if people understand the value, they will absolutely consider me, and India is a big market for us.
Cyber is one area where people want to protect their IP and assets. When there is a crunch – we have seen many places where we add more value. I’ll give you an example. Our technology which is called SD-WAN drastically reduces the cost of operations compared to anybody else, because we are bundling multiple products under one technology. A lot of companies have branch offices. And they have MPLS line as a backbone because it connects to the headquarters and then connects to the web. We are using next gen firewall, a world class product, which will reduce your cost of network and MPLS backhaul because it will go directly with a secured SD-WAN, taking it to the cloud and making sure any communication going to the cloud and back is all secure, we need not do backhaul. So we’re basically saving the cost of the infrastructure. Such solution works perfectly fine in India, because it’s a very diversified country, multiple branches, multiple locations. It makes perfect sense for us to invest here.
Because data migration is always happening?
So there is cloud, multiple countries, there is one headquarters and there are multiple small branches. The SD-WAN is a small box, it will encapsulate your data, it will protect your data that is going to the cloud and you can save a lot of money in your backhaul as a lot of data need not go to the headquarters, it can go directly to the cloud. That is how I think our technology is going to help.
I think we are absolutely committed to channels for growth and we are investing quite heavily and will continue working with the key countries and obviously around the globe.
Suppose a person from completely outside wants to become a channel partner. So do you have any processes or standardised methods?
Yes, absolutely. There are three tiers of partnerships at Forcepoint. We have Platinum, Gold and Bronze. Couple of things which we do is, suppose if you’re a bronze partner and you’re a brand new partner coming on board. You bring a net new opportunity to me, I’ll give you the same benefits as a Platinum partner. For the deal registration, we have applicable relationship for all three layers. So you bring me net new, I will treat you as special as anybody else. But it has to be net new for Forcepoint. And once you start building your expertise, spending time and investing resources in our business, we at Forcepoint will embrace you. I don’t care how big or small they may be. Somebody small today will be big tomorrow. I’m willing to bet on those people who are interested, but I need dedicated people. I’m looking for that willingness to work with me. I’m expecting you to say yes, I’m committed to you. If that relationship works, I think we are successful. That’s what we at Forcepoint are. We have seen a huge success in the US and other places and even in India, for that matter, where we have identified a certain set of partners. We’re going to be building key focus, as they can give us enormous amount of return, and they know that we are treating them really, really well. And they go an extra mile to work with us. So that’s the story.