The Gately Report: Perimeter 81 Set to 'Explode' in UK with MSP Partners, Texting Latest Vehicle for BEC Attacks
The global CASB market is set for massive growth through 2031.
Shutterstock
Channel Futures: What sort of growth are you seeing in terms of attracting MSPs and what’s fueling that growth?
Gary Read: I would say in terms of MSPs, right now we are gaining 10 new customers a day. We are also gaining no less than five new partners looking to partner with us on a weekly basis. And this is purely being driven by a number of things. One is the appetite and need to work from an office, those times are kind of gone now … to hybrid working. We’re seeing more of the network becoming a bit legacy when it comes to office network, and now everybody has the ability to get better speeds and feeds from the advancements of 5G. Wi-Fi locations seem to be giving a better output or input to the connectivity into the web. So people need to be able to experience access to all of their key applications and data, but not by being inside the four walls of a premises of their offices. So we’re seeing the retirement of legacy hardware. That’s definitely a massive shift we’re seeing. And then it’s, of course, making the corporate network be relevant and able to be achieved by working in a home or a coffee shop environment. And this is absolutely where we’re fueling the growth now.’
CF: Does this shift to hybrid work present particular challenges for organizations out there?
GR: Absolutely it does. When you start trying to put policies in place for not only individuals, but their machines, mobile devices, desktops and laptops, that starts to become a bit of a challenge. And I think the reason why we’re seeing such a big shift in MSPs specifically in being a key to our growth is that … finding talent and finding people that are security, networking and/or both evangelists or qualified becomes very difficult for some VARs and even some smaller service partners out there. So what happens is the MSP becomes more relevant and more dependable. And this is where the ability to have a single handshake conversation or contract becomes a little bit more necessary.
CF: What does Perimeter 81 have to offer MSPs? Is there anything new for them?
GR: So for us, the real key thing for MSPs is you will not find a company like Perimeter 81 when it comes to simplicity and speed. We can spin up, for example, 200 users of an organization right now with a couple of gateways. We can do this over a Zoom call hand in hand with our engineering team and their engineering team, building a live network and having it completely perimeter secure in the space of two hours. We have no hardware to ship, so we’ve not been impacted by any of the constraints of the chip shortages that have hit the industry. We’re very simplistic, but what we do offer is an enterprise grade security offering at an affordable price. And the other key thing that I’m really seeing that is resonating is the autonomy of our business. So for an MSP to be able to go into our cloud management orchestrator, spin up a couple of live gateways into our data center and then add policies and then dictate different protocols, and then start to add users in a couple of mouse clicks is music to their ears. And then we simply provide them with billing on a monthly basis thereafter for usage. So we’re very simple to use. I can’t emphasize enough how easy we are to work with as a technology. But also for an MSP, it’s great because they don’t have as much resources or time that they want to be spending necessarily going out and making multiple phone calls and trying to get equipment in one part of the world to the other.’
CF: In terms of zero trust network access (ZTNA), how does what Perimeter 81 offers differ from your competitors?
GR: If we look at the lT industry in general, there’s always been buzzwords or topics that people have jumped upon. So there’s what I call a bandwagon approach. SD-WAN is one. Then, of course, you’ve now got secure access service edge (SASE). Zero trust is, of course, the big conversation starter or relevant topic. Zero trust for us is done in a number of ways. We have a cloud management platform, which is more around orchestration management. But when we really get down to how we do it, we actually protect and secure the user. Our job is not to go to an application or an appliance level, but go to a user. So what can he or she have access to in our network. The way in which we do this is we’ve got things like device posture checks. People like you and I, we’ve all got mobiles or cells that none of us can live without. We can allow different posture checks on those devices. Are they running the right iOS versions? Are they running the right malware or antivirus on that device? And if the answer to any of those don’t fit the agenda of the company, you’re not coming into our corporate network. But what we can do is mitigate another element where we can do things like agentless models. So for clients or maybe contractors that are coming into the network or want to come into the network, we simply give them a virtual image of the desktop and the apps that they can and can’t search. But the one thing we’re not doing is allowing that individual to necessarily come in and touch the network. And this is where, of course, exploits are always more vulnerable.
CF: This past summer, Perimeter 81 reached $1 billion in valuation. What’s the significance to partners? Does this mean Perimeter 81 can do more for them?
GR: I would say it absolutely does, because what it shows is that we’re not going away. The security market is very saturated while it’s exploding in growth. There are thousands of different vendors coming in at different angles saying that they can do certain aspects of security, but the investment certainly allows us, one, to retain and bring in some some great talent. But two, and most importantly, it allows us to continually invest heavily, more so than we ever did already in R&D. So things like our secure web gateway (SWG) now with malware filtering and things like, and cloud access security broker (CASB), of course, that are being added into our portfolio. We’re constantly growing and evolving as the threats around the world continue to expand. So I would say it gives security to our partners, to our customers that, you know, 24/7/365, we’re not going anywhere overnight.
CF: Are there challenges associated with ZTNA adoption?
GR: I think the short answer to that is yes. What does zero trust look like to you as a customer or a user? And what is it like to you as an MSP? And then you’ve even got the vendor, what do they perceive to be zero trust? The way we we boil it down, zero trust is if you don’t like the look of something, or somebody isn’t following a specific set of guidelines and rules and rigor to come into the network, then quite simply, with the whole array of device posture checks, protocol supports, application acceptance, you name it, the control becomes that of the MSP. So you are in control of your own destiny. And that’s one of the key things. And what will happen probably in 2023 is there’ll be another element of security that has to get added as part of the zero trust protocol. But today, we’re fully compliant and fully regulated. We’ve got all of the key certifications and security operations center (SOC) compliances that you would expect to be considered that regulated and approved vendor for all things zero trust. So my answer to that is when you do your homework, make sure you’ve got a very defined list of what you perceive to be zero trust. And if they can’t meet those needs, then shop around because people like us, you know, we can check pretty much all of those boxes.
CF: What are MSPs’ biggest pain points when dealing with their customers and how is Perimeter 81 helping with those?
GR: For us, the pain point is shopping around. How do you get from A to B as quickly as possible, but you don’t cut corners so that you make mistakes. The process for Perimeter 81 very simple. We literally will have a partner come on to a session with us, we give them the 30,000-foot elevator pitch on the company, but more importantly, the tech and the architecture. It’s all done as a firewall-as-a-service that spins out into our cloud management and device posture check, to SWG, and then, of course, creating your own virtual tunnels, whether that be into Azure or whether into into Google or AWS. So the magic and simplicity that we take is you sit on a phone call with us, within 10 minutes you understand the architecture and company background, but then the magic happens in our demo. Literally within 10 minutes, we can sit there with a customer, a prospect or partner and show them a live demo where we will start to add gateways, we will add tunnels and we will do tunnel inspection if we need to. We will bring in users. We will then branch out into other hybrid cloud locations and it’s done within 10 minutes. And I think the beauty of it is we have an average sale cycle of 21 days. That’s how promptly we move from start to finish. And also we have a very open book when it comes to our pricing model. There is no back and forth again around tailored negotiations. We have an essentials, a premium and a premium plus. And then we have an enterprise package. The enterprise is very much for 1,000 plus users. We will sit down and of course, like any company, negotiate the best deal. But it’s a very open book.
CF: Can Perimeter 81 help partners and customers deal with any negative impacts from the ongoing economic uncertainty now and into 2023?
GR: I think that comes down to remote users and remote workers. There are many companies right now that are sitting with aging legacy appliances. So if you look at all of the different IT rooms around the world in these offices, the offices are becoming remote, so people are moving to home. So for us, I think the easiest and fastest approach is start to move away from having fixed legacy appliances that you’re paying a premium to a telco right now. Ther’s money right there that we can quite easily transfer into a cloud proposition, saving a significant 40% on overall operating costs as a business. Again, there’s no hardware, so you do not have hardware requirements from us. It’s simply pay as you grow. We’re also one of these vendors that don’t charge for elasticity of usage. So if you look at VPN users that are out there, sometimes you will be billed and charged as you use. For us, you pay for what you get. You can sit here now with an open VPN, I could accidentally go to sleep, leave it on … and I’m not being billed any extra money right now.
So there are a number of different aspects that we can help with, and I think it will start from removal of hardware, simplistic billing pay as you grow rather than pay as you use. And I think the last one is we’re not one of these security vendors that … will always try and sell you more than you need from us. If customers need to downscale, we don’t penalize for that. If customers don’t want to go on an annual contract, we can do a monthly payment with them. So I don’t think there are any vendors out there right now in the market doing as much as we are in terms of offering a bit of an ease for the pain points that the whole economical world is going through now and next year.
CF: What can partners expect from Perimeter 81 in 2023?
GR: From the United Kingdom, they will see a company that all of a sudden explodes on the map. We’ve been scratching the surface. We’ve been doing an amazing job in the Americas, and also across Israel and parts of the Middle East. But the United Kingdom, five weeks into the job, five brand new, very disruptive partners have already come on board to sign with us. We will be announcing those shortly. You will certainly see a big shift in our attendance in all of the key IT exhibition centers, all of the big national events that are taking place. And we will start to see more and more business driven into our channel. I would not be surprised to see us grow our partner community by over 100 partners in 2023. And I would not be surprised to see our revenues grow in excess of triple digit again for the United Kingdom by the end of 2023. And then finally on top of that, some other cool features that I believe are around CASB, malware within our SWG, always making improvements to our platform. We always call ourselves a unicorn or a rocket ship, but I think we’re literally just about to take off.
In other cybersecurity news …
Apple this week introduced three advanced security features, including end-to-end encryption of iCloud backups, aimed at protecting against threats to user data in the cloud.
With iMessage Contact Key Verification, users can verify they are communicating only with whom they intend. With Security Keys for Apple ID, users have the choice to require a physical security key to sign in to their Apple ID account.
And with Advanced Data Protection for iCloud, which uses end-to-end encryption, users have the choice to further protect important iCloud data, including iCloud backup, photos, notes and more.
Craig Federighi is Apple’s senior vice president of software engineering.
“At Apple, we are unwavering in our commitment to provide our users with the best data security in the world,” he said. “We constantly identify and mitigate emerging threats to their personal data on device and in the cloud. Our security teams work tirelessly to keep users’ data safe. And with iMessage Contact Key Verification, Security Keys, and Advanced Data Protection for iCloud, users will have three powerful new tools to further protect their most sensitive data and communications.”
Craig Lurey is Keeper Security‘s CTO and co-founder.
“Apple’s new data protections, especially the integration of security keys, are a welcome addition to the platform for security-conscious users, especially those who already use a YubiKey device to encrypt their data on iOS devices or want to use a security key, but need more incentive to make the investment,” he said. “Hardware security keys provide one of the highest levels of security for multi-factor authentication (MFA) setups, which is why Keeper allows YubiKey to work with our software.”
Melissa Bischoping is director of endpoint security research at Tanium.
“Apple has introduced these important security features to keep pace with the threat landscape and threats to privacy,” she said. “By leveraging these features, you can know that your data is encrypted. Even if the company holding the data is breached, you have additional assurance that you will not be a secondary victim. I am hopeful that this trend continues, as these protections are essential for reducing the secondary victimization of a services’ users after a data breach.”
Trustwave is reporting an increase in business email compromise (BEC) attacks via text messages. This seems to be part of a wider trend as phishing scams via text messages surge.
The Federal Communications Commission (FCC) observed an increase in unsolicited text messages, with 2022 nearly tripling the number of phishing texts reported to the FCC in 2019.
BEC remains one of the biggest cybersecurity threats today. Losses from this attack type have surpassed $43 billion globally, according to FBI. As time goes by, scammers are becoming more cunning with their lures.
The flow and nature of a BEC attack in text messaging is similar to email, where attackers usually impersonate company executives. Attackers make a legitimate request, such as asking for a wire transfer, sending a copy of an aging report, or changing a payroll account.
Among these requests, gift card fraud was the most common scheme in the second quarter of 2022, according to the Anti-Phishing Working Group (APWG). An Federal Trade Commission (FTC) report from December 2020 shows nearly one in four consumers who lost money due to fraud said they paid with a gift card. Target, Google Play, Apple, eBay and Walmart were the most reported gift card brands that consumers mentioned in fraud reports.
Maria Katrina Udquin is a security researcher at Trustwave.
“The threat landscape continues to change and BEC is evolving beyond email,” she said. “Whatever form a BEC attack takes, it is sure to have financial and reputational damage repercussions for many organizations. Combining awareness training, technical security and best practices training can help organizations in guarding against and possibly avoiding BEC attacks.”
Patrick Harr is CEO of SlashNext, an anti-phishing company.
“We have been seeing the trend of BEC steadily moving to mobile this year,” he said. “We call it business text compromise. Mobile devices are less protected and it’s much easier to obfuscate the sender details on mobile devices. The most popular tactic that we are seeing are cybercriminals sending these messages to new employees, who are not as familiar with company processes and are eager to perform well in their job. It’s essential to protect against these types of threat, that will most likely increase in 2023, by using mobile SMS/text protection against natural language-based attacks.”
Current defenses are not tuned to find BEC attacks, Harr said.
“These attacks are rising, via both email and mobile, and the gateway to ransomware and BEC continues to be phishing,” he said. “As phishing continues to grow as a vector for ransomware attacks, zero-hour, real-time threat prevention solutions are critical to prevent these threats. The ability to block employee web traffic to phishing sites, via malicious links and other vectors, and stop a ransomware attack at the start of the kill chain, is of the greatest importance.”
Cloud access security broker (CASB) presents a massive opportunity in the channel as the global market is set to reach $37.2 billion by 2031.
That’s according to a new Allied Market Research report, which expects a compound annual growth rate (CAGR) of nearly 19%. The market totaled $6.8 billion in 2021.
Leading CASB market players include Broadcom, Cisco, iboss, Lookout, Microsoft, Netskope, Palo Alto Networks, Proofpoint, Skyhigh Networks and Zscaler.
The rise in demand for work-from-home and remote working policies is driving CASB market growth. However, higher installation costs and maintenance challenges of CASB platforms restrict the market growth. Moreover, the integration of advanced technologies such as machine learning (ML) and data analytics with CASB solution suites is expected to present new opportunities for market growth in the coming years.
Based on component, the solution segment held the highest market share in 2021, accounting for around three-fourths of the global market. It’s expected to maintain its leadership status throughout the forecast period, due to the high demand for enterprise security solutions. However, the services segment is projected to net the highest CAGR from 2022 to 2031, due to the growing demand for detection security services.
Based on enterprise size, the large enterprise segment held the highest market share in 2021, accounting for more than three-fourths of the global CASB market, and is estimated to maintain its leadership status throughout the forecast period. However, the SMEs segment is projected to net the highest CAGR from 2022 to 2031, due to growing innovations in SMEs.
Based on application areas, the data security segment accounted for the largest share in 2021, contributing to more than one-third of the global market. This is due to growing remote working trends. However, the governance, risk and compliance segment is expected to net the largest CAGR from 2022 to 2031 and should maintain its lead position in terms of revenue by 2031, due to the growing need for network security solutions.
Based on region, North America held the highest market share in terms of revenue in 2021, accounting for more than two-fifths of the global market, and is likely to dominate the market during the forecast period, due to the growing number of cyberattacks in the region. However, the Asia-Pacific region is expected to witness the fastest CAGR from 2022 to 2031, due to the ongoing digital transformation in the region.
Vonage has launched its new Salesforce Shield for Vonage Contact Center (VCC) and Vonage for Service Cloud Voice (SCV).
This provides additional compliance with corporate and industry requirements. It also adds security features for agents using VCC integrated with Salesforce that enhances customer engagement while protecting customer privacy.
Both the VCC for Salesforce and Vonage for SCV solutions integrate all communications channels and plug into an organisation’s Salesforce interface, and support Salesforce Shield encryption. This allows users to benefit from the security Salesforce Shield provides, alongside Vonage’s cloud contact center solution to help businesses perform better, connect easier, and enhance engagement with their employees and customers.
For example, a health care company can manage personally identifiable information (PII) and protected health information (PHI) for its patients, without compromising the ability of customer service agents to search or run workflows and other key functions using that data to ensure patients continue to receive the best medical care.
Sanjay Macwan is Vonage’s CIO and CISO.
“Offering our customers the benefits of Salesforce Shield is a testament to our longstanding collaboration with Salesforce and commitment to enabling our customers’ success,” he said. “We expect this innovation to drive significant growth over the coming years, particularly with businesses in regulated industries.”
Salesforce Shield uses full AES 256-bit encryption to protect sensitive data across all Salesforce apps.
Vonage has launched its new Salesforce Shield for Vonage Contact Center (VCC) and Vonage for Service Cloud Voice (SCV).
This provides additional compliance with corporate and industry requirements. It also adds security features for agents using VCC integrated with Salesforce that enhances customer engagement while protecting customer privacy.
Both the VCC for Salesforce and Vonage for SCV solutions integrate all communications channels and plug into an organisation’s Salesforce interface, and support Salesforce Shield encryption. This allows users to benefit from the security Salesforce Shield provides, alongside Vonage’s cloud contact center solution to help businesses perform better, connect easier, and enhance engagement with their employees and customers.
For example, a health care company can manage personally identifiable information (PII) and protected health information (PHI) for its patients, without compromising the ability of customer service agents to search or run workflows and other key functions using that data to ensure patients continue to receive the best medical care.
Sanjay Macwan is Vonage’s CIO and CISO.
“Offering our customers the benefits of Salesforce Shield is a testament to our longstanding collaboration with Salesforce and commitment to enabling our customers’ success,” he said. “We expect this innovation to drive significant growth over the coming years, particularly with businesses in regulated industries.”
Salesforce Shield uses full AES 256-bit encryption to protect sensitive data across all Salesforce apps.
Perimeter 81 has set its sights on massive growth in the United Kingdom, and is counting on MSP partners and other partners to lead the charge.
Perimeter 81’s Gary Read
That’s according to Gary Read, Perimeter 81’s director of channel partner sales in the United Kingdom. The Israel-based company hired him recently to spearhead further growth in the United Kingdom. That includes bringing more MSP partners to Perimeter 81.
Perimeter 81 is a security service edge (SSE) and zero trust network access (ZTNA) provider. In June, it announced its valuation had reached $1 billion. That’s after completing a $100 million Series C funding round led by B Capital.
Participating investors include Insight Partners, Toba Capital, ION Crossover Ventures, Entrée Capital and publicly traded Spring Ventures. The financing will accelerate Perimeter 81’s growth, hiring and development. The company has more than doubled its annual recurring revenue (ARR) year over year.
Perimeter 81’s platform enforces a zero trust architecture, which became a federal strategy in the United States this year following President Biden’s executive order on improving the nation’s cybersecurity.
Local Representation in the UK
The United Kingdom does represent a new area for Perimeter 81, but not brand new, Read said.
“We’ve already had partners and customers utilizing Perimeter 81 over the last four years,” he said. “But as a result of the continued demand and enquiries that we see from partners and customers in the region, one of the key requirements that many of our key clients have asked for is local representation. So to
continue to fulfil those needs, we’ve deployed people like myself and my colleague Richard Leigh (channel partner manager), who will cover the north of the country.”
Perimeter 81’s end-to-end cybersecurity technologies integrate with cloud providers such as Microsoft Azure, Google Cloud and Amazon Web Services (AWS). Perimeter 81 serves hybrid clients in various industries, including finance, health care, technology, retail, insurance, education and more.
Scroll through our slideshow above for a Q&A with Read and more cybersecurity news.
Want to contact the author directly about this story? Have ideas for a follow-up article? Email Edward Gately or connect with him on LinkedIn. |
About the Author(s)
You May Also Like