The Gately Report: Qualys Partners Getting New Channel Program in Early 2024
Plus, ransomware attack hits Georgia school district.
![Qualys partners get new partner program Qualys partners get new partner program](https://eu-images.contentstack.com/v3/assets/blt10e444bce2d36aa8/bltcab17752b92b599f/65242b07dbf7e6d4fabc2d6d/The-Gately-Report-logo.jpg?width=700&auto=webp&quality=80&disable=upscale)
Channel Futures: How is your previous experience with Alteryx, AWS, MicroPact and more coming into play in this role?
Barb Huelskamp: I'm a builder by nature. It's actually one of the reasons I came to Qualys, because I saw a great opportunity to really help build and grow on what a fantastic job they've already done. But how can we continue to modernize that? My years of experience have really taught me that there isn't a right or wrong strategy. It’s what's the right strategy at the right time based on the industry, based on what's going on with the partners and the partner ecosystem, and aligning the program to not only the goals of the company, but what are our customers looking for out of our partners, and how we drive growth and value with and for our partners together.
I'm totally impressed by Qualys’ ecosystem, the nice names that we have in our partner ecosystem, from solution providers to distributors, ISVs and all the cloud providers. How can we work with them to really help drive growth with some more financial benefits, drive accountability for the partnership together, but also help them build on this MSSP practice? All of our customers are requiring more of those professional services and value-adds, especially with the skills gap that is out there and the increased cybersecurity risk that all of our customers are facing. So we really want to enable and support our partners to expand those professional services. We want to leverage their services to really drive more value to our customers.
CF: In late October, Qualys announced availability of its VMDR TruRisk, FixIT and ProtectIT capabilities in AWS Marketplace. Is this providing new opportunities for partners?
BH: So first I was totally impressed with the platform before I even started. My first week was at QSC, where we rolled out that platform and showcased to our customers and our partners how the platform can help them calculate cyber risk across disparate tools and data, how to articulate and communicate that across a variety of stakeholders in their language, helping customers connect the dots back to the balance sheet and then remediate, reducing their risk and effectively speeding up response to potential threats.
What we and our partners heard at the conference was we can help our customers better measure, communicate and eliminate cyber risk. So with partners, that helps our customers understand the context of the threat, the business intelligence to prioritize their actions and orchestrate that response. So connecting the dots to marketplace, more and more customers are turning to these ecommerce sites to acquire their solutions and we are very proud to be working across and with all of the cloud providers, and have our solutions in the marketplace so that as customers decide that is their acquisition strategy, we can meet customers how they decide to buy.
CF: What are your goals in terms of Qualys’ channel strategy and partner program? Are changes needed?
BH: We're looking to modernize the program. And so we're in the midst of that, planning and beginning to collaborate not only internally, but with some of our top partners on what that program should look like. So first will be more of a tiered program where we can reward partners for their increase in investments and achievements with Qualys. And that will include additional financial incentives, targeted pipeline demand-generation activities and role-based enablement paths. That is a big body of work for us. What we heard from our partners at QSC was we want to learn more, we are eager to participate in more training. So we're assembling role-based paths for sales, pre-sales and solution architects, as well as delivery engineers. And then the next step is how we help our partners continue to evolve and develop their professional services or managed service offerings. How do we impart our best practices? How do we help them respond more quickly to customers and mitigate that risk?
So there’s a big body of work underway right now, and our goal is to announce it in the first quarter and launch sometime between the first and second quarters. But again, that collaboration internally and with partners is our critical next step so that we can get their feedback and make sure that we hear their concerns and needs out in the field.
CF: Is Qualys’ partner ecosystem growing? If so, what’s fueling that growth? Is Qualys working to attract new partner types?
BH: We've got different types of partners, including large solution providers and resellers like Optiv, Guidepoint and SHI, GSIs like Orange, DXC and Deloitte, and MSSP partners in every part of the globe, including Accenture. But we also have some great technology alliances with ServiceNow, IBM, Cisco, all the cloud providers. And there's what I call the power of three opportunity between Qualys, its solution providers and those technology alliances because those solution providers and integrators really do provide that end-to-end solution to our customers when they're spanning across multiple technologies.
The partner ecosystem has been growing year over year. And when I look at the why, we've got a best-in-breed platform. Our customers and our partners can rely on the platform, and we're committed to a partner-centric strategy. I think our partners are seeing our commitment to continue revolutionizing our program and invest in their success. I think you're going to see our new program probably attract even more partners than we have today.
CF: Does Qualys have more to offer partners than its competitors? If so, how?
BH: I think we have a platform that spans the functionality that our customers are looking for. They're looking for a platform that doesn't force them to be piecing together disparate tools. So I do believe that provides our customers and our partners some differentiation. But when I think about are we offering them more, that's what we're focused on with the program. How do we provide our partners with more incentive, more enablement and better partnerships to help them succeed? And we want to invest in their ability to grow that service attach. While they love the technology, and they love the profitability and the growth that they can realize with Qualys, that service attach is equally important to them in creating stickiness for themselves in that long-term customer relationship.
CF: Simplicity and ease of doing business are really big in the channel. How does that fit into what you're working on with Qualys and your partner program?
BH: When we think about the vision for our channel program, I think an effective program has to drive incremental growth, but it also has to drive great customer outcomes with the partner. So we need to make sure that we're enabling them to create those great customer outcomes driving partner profitability, preference and loyalty. But one of the other imperatives I talk about is that operational excellence through simplicity.
You want a good partner experience, just like you want a good customer experience. And you also want that ease of doing business. So we're going to continue to invest in automation, how we provide better self-service and a single pane of glass. You hear a lot about partner portals. So we're looking at how can we leverage our partner portal to help partners self-service and manage their business with us in more efficient and productive ways. So we’re looking at things like the deal-registration process, access to content and thought leadership, access to competitive intelligence so when they're in the midst of an opportunity, they have access to the information that they need at that right moment in the sales cycle. So it's absolutely a focus for us in 2024.
CF: Many organizations are dealing with tight budgets. How is Qualys helping partners meet those organizations’ needs?
BH: What I love about the platform is we're connecting the dots or bridging the divide between cyber risk and business risk. More and more, especially with the latest U.S. Securities and Exchange Commission (SEC) ruling, executive leadership and boards need to understand what the investments are and what that ROI is providing to the organization. And our TruRisk platform does just that.
CF: What do you find most dangerous and surprising about the current threat landscape?
BH: I think there are a lot of emerging threats, which creates even more opportunities for our partners. Generative artificial intelligence (AI) is really boosting malicious actors' abilities. I think the skills gap and the people factor in cybersecurity risk is important. Supply chain attacks, we're hearing a lot more about that. So when an organization is looking at their own cybersecurity threats, it's not just internally, but with your vendors as well. And I just think there's a great opportunity for our partners to provide thought leadership to customers, helping them understand.
One of my favorite sayings is, "you don't know what you don't know." And just because you haven't had an attack doesn't mean you're safe. So how can you use our platform and the services from our partners to make sure that you are ahead of those threats?
CF: Does the evolving threat landscape play a role in shaping Qualys’ channel strategy and partner program?
BH: We really want to enable our partners to overperform in those service areas. So as an example, we want to build some specializations within our program, really providing partners with that sort of badge of approval for specific achievements. And one of them we hope to roll out is a TruRisk specialization where we can support our partners so that they have built their practice and business, and technical certifications across the entire platform. So we're really going to be spending a lot of time helping them build that skill set. They may enter into a customer, as an example, with vulnerability management solutions, and now we want to help them look left and right of that particular function across the span of the entire platform.
In other cybersecurity news …
A cybercriminal organization operating outside of the United States launched a ransomware attack on Henry County Schools in Georgia affecting more than 40,000 students. It caused restricted network access and internet outage across the district.
With the assistance of law enforcement, emergency management and third-party cybersecurity specialists, the district determined that an unauthorized user had gained access to a certain environment on its network.
According to Henry County Schools Superintendent Mary Elizabeth Davis, a portion of the school district’s network was accessed by the attacker(s). This portion contains primarily historical documents and procedural files.
A data mining team is reviewing the contents of this portion of the network and if any personally identifiable information is discovered, impacted individuals will be contacted, Davis said.
The full impact of this attack won’t be known until the data mining team completes its review, she said.
Nick Tausek, lead security automation architect at Swimlane, said educational institutions continue to face a barrage of cyberattacks, and as 2023 comes to an end it doesn’t seem to be slowing down.
“Henry County Schools confirmed that hackers gained access to a file storage area containing primarily historical documents,” he said. “The student and employee systems remain secure, but the BlackCat ransomware group has since added the school to its leak site. The FBI, Department of Homeland Security and Georgia Emergency Management Agency are investigating this attack.”
With this knowledge and as schools prepare for holiday breaks, prioritizing cybersecurity becomes even more crucial, Tausek said.
“Ransomware groups and threat actors are constantly evolving their tactics, targeting educational institutions with increasing sophistication,” he said. “With access to valuable student and staff data, schools must take proactive measures to safeguard their systems and information. This includes adopting solutions such as low-code security automation to enhance visibility into the IT environment, detect threats in real time, and configure a prompt and efficient response.”
SecurityScorecard’s latest research reveals 90% of the world’s leading energy companies experienced a third-party data breach in the past 12 months.
Other key findings include:
All of the top 10 U.S. energy companies experienced a third-party breach.
Ninety-two percent of the energy companies evaluated have been exposed to a fourth-party breach.
Thirty-three percent of energy companies had a C Security Rating or below, indicating higher likelihood of breach.
In the last 90 days, SecurityScorecard identified 264 breach incidents related to third-party compromises.
MOVEit was the most prevalent third-party vulnerability in the last six months, with hundreds of companies impacted around the world.
Ryan Sherstobitoff, SecurityScorecard’s senior vice president of threat research and intelligence, said more than two years after the major U.S. pipeline ransomware incident (Colonial Pipeline), the world still lacks a common framework for measuring cyber risk.
“Transparency and information sharing about cybersecurity is critical for national security,” he said.
Craig Harber, security evangelist at Open Systems, said third-party suppliers are critical to the operation of most modern businesses. Their systems are interconnected to form a trust relationship to prevent supply chain attacks, data breaches and reputation damage.
“Unfortunately, the resulting ecosystem of connected companies has become a favored attack path for attackers to gain access to larger companies that tend to have larger budgets and more resources to invest in cybersecurity,” he said. “So it is not surprising that when extended to include fourth-party suppliers with even smaller cyber budgets, that 100% of the companies surveyed reported they had experienced a breach in the past year. The confirmation of the almost universal experience of third-and fourth-party supply breaches highlights the importance of implementing third-and fourth-party risk management to help mitigate undue risks and costs associated with this very real cyber risk.”
Cybercriminals are targeting Mac users with a new proxy trojan malware bundled with popular, copyrighted macOS software being offered on pirated software sites.
Proxy trojan malware infects computers, turning them into traffic-forwarding terminals used to anonymize malicious or illegal activities such as hacking, phishing and transactions for illicit goods.
Selling access to proxies is a lucrative business that has given birth to massive botnets, with Mac devices not being spared by this widespread activity. The latest campaign pushing proxy malware was discovered by Kaspersky, which reports the earliest submission of the payload on VirusTotal dates back to April 28.
“Illegally distributed software historically has served as a way to sneak malware onto victims’ devices," said Sergey Puzan, junior malware analyst at Kaspersky. "Oftentimes, users are not willing to pay for software tools they need, so they go searching the web for a ‘free lunch.' They are an excellent target for cybercriminals who realize that an individual looking for a cracked app will be willing to download an installer from a questionable website and disable security on their machine, and so they will be fairly easy to trick into installing malware as well.”
Callie Guenther, senior manager of cyber threat research at Critical Start, said the implications for macOS users and the cybersecurity landscape are multifaceted and warrant serious consideration. This malware, embedded within cracked versions of popular software, highlights an alarming trend in cyber threats targeting macOS systems.
“For macOS users, the primary implication is a significant compromise in security,” she said. “Users unknowingly installing this trojan-proxy are inadvertently turning their devices into nodes for illicit activities.”
From a network perspective, the trojan's impact is also quite concerning, Guenther said.
“By converting infected devices into proxy servers, it effectively anonymizes the cybercriminals' activities,” she said. “This approach enables them to route malicious or illegal traffic through these proxies, making detection and tracing exceedingly challenging. For threat intelligence, this represents a shift in tactics, indicating that cybercriminals are continually seeking new methods to evade traditional cybersecurity defenses.”
Cybercriminals are targeting Mac users with a new proxy trojan malware bundled with popular, copyrighted macOS software being offered on pirated software sites.
Proxy trojan malware infects computers, turning them into traffic-forwarding terminals used to anonymize malicious or illegal activities such as hacking, phishing and transactions for illicit goods.
Selling access to proxies is a lucrative business that has given birth to massive botnets, with Mac devices not being spared by this widespread activity. The latest campaign pushing proxy malware was discovered by Kaspersky, which reports the earliest submission of the payload on VirusTotal dates back to April 28.
“Illegally distributed software historically has served as a way to sneak malware onto victims’ devices," said Sergey Puzan, junior malware analyst at Kaspersky. "Oftentimes, users are not willing to pay for software tools they need, so they go searching the web for a ‘free lunch.' They are an excellent target for cybercriminals who realize that an individual looking for a cracked app will be willing to download an installer from a questionable website and disable security on their machine, and so they will be fairly easy to trick into installing malware as well.”
Callie Guenther, senior manager of cyber threat research at Critical Start, said the implications for macOS users and the cybersecurity landscape are multifaceted and warrant serious consideration. This malware, embedded within cracked versions of popular software, highlights an alarming trend in cyber threats targeting macOS systems.
“For macOS users, the primary implication is a significant compromise in security,” she said. “Users unknowingly installing this trojan-proxy are inadvertently turning their devices into nodes for illicit activities.”
From a network perspective, the trojan's impact is also quite concerning, Guenther said.
“By converting infected devices into proxy servers, it effectively anonymizes the cybercriminals' activities,” she said. “This approach enables them to route malicious or illegal traffic through these proxies, making detection and tracing exceedingly challenging. For threat intelligence, this represents a shift in tactics, indicating that cybercriminals are continually seeking new methods to evade traditional cybersecurity defenses.”
Qualys partners can look forward to the debut of a “modernized” partner program in early 2024 to fuel further growth.
That’s according to Barb Huelskamp, Qualys’ senior vice president of global channels and alliances. She joined Qualys in this role last month.
Huelskamp previously was Alteryx’s senior vice president of global partners and alliances. Before that, she was ISV go to market acceleration leader at Amazon Web Services (AWS).
![Qualys' Barb Huelskamp Qualys' Barb Huelskamp](https://eu-images.contentstack.com/v3/assets/blt10e444bce2d36aa8/bltbc9b3f3f8ec1ba84/657721c2913b54040a984cb3/Huelskamp_Barb_Qualys_2023.jpg?width=700&auto=webp&quality=80&disable=upscale)
Qualys' Barb Huelskamp
“My first week was actually attending the Qualys Security Conference (QSC), which was fantastic, getting to meet our entire team, customers and many of our top partners,” she said., “Since then I’ve really been working cross-functionally to look at how we continue to modernize our next generation of the partner program. Qualys has had a partner program and a partner team for quite some time, and we are just looking to modernize that and take the program to the next level, really integrating it with our growth strategy.”
Qualys Partners Contributing to Growth
Last month, Qualys reported its third-quarter 2023 earnings, which included a 13% year-over-year increase in revenue, from $125.6 million to $142 million, and a 68% increase in profit, from $27.7 million to $46.5 million.
“There's an opportunity for us to accelerate growth through our partners,” Heulskamp said. “They have deep and broad customer relationships. So how can we work with them?
"When you think about how we're continuing to innovate on our platform, how do we continue to innovate with our program, with our partners so that they are also providing and returning value to our customers? I'm very proud to be joining an organization that, despite a tough year for many organizations facing economic headwinds, we are still growing, we are profitable, and we want to drive that growth and that innovation through our partners. Our partners have done very well finding and reaching new markets and customers. So how can we fertilize that.”
See our slideshow above for more from Huelskamp and other cybersecurity news.
About the Author(s)
You May Also Like