The Gately Report: SonicWall Partners to Play Big Role in Company's Next Chapter
Meantime, a financially motivated threat actor is increasingly targeting hospitality, hotel and travel organizations.
![New Chapter New Chapter](https://eu-images.contentstack.com/v3/assets/blt10e444bce2d36aa8/bltd4f4ab4d36161507/65241b7b108edc9d1b27badc/shutterstock_146340740.jpg?width=700&auto=webp&quality=80&disable=upscale)
Shutterstock
Channel Futures: What can SonicWall partners expect with you in the top leadership role?
SonicWall’s Bob VanKirk: I am a huge believer in outside-in. It starts with our partners. It starts with understanding their needs. And that’s how I re-engineered our sales organization. It was stop and listen to your partners, listen to what their needs are, and then align the team accordingly. So we moved from overlays to separate swim lanes. One complaint was your team isn’t as technically proficient. So I moved to weekly training for the entire sales team. So listening and taking their lead, their pain points, the partners on direction, I’m convinced will allow us to take our offering to the next level. And no question that it will also lead to continued strong growth.
CF: Are you planning to make any changes in SonicWall’s business and channel strategies?
BVK: No. As I said, we’re 100% channel. If anything, we’re going to be leaning more and more into getting the rest of the SonicWall team better aligned to be responsive, and kind of recognizing and listening to what those channel requirements are. We have an incredible partner program. The growth I was talking about is directly attributed to the force multiplier that our partners represent, no question whatsoever.
CF: SonicWall delivered a record fiscal year 2021 and looks on track for another record in 2022. What role do partners playin all of that growth?
BVK: I’m a big believer in leading indicators. And you don’t wait until after the quarter or towards the end of the quarter to get a good feel for how we’re tracking. The key leading indicators that I reviewed as CRO and now as CEO, I’ll look at those as well as others. [Those key indicators include] partner deal registration creation, partner deal registration closing, partner activity, partner training, and in-quarter create-and-close opportunities. That means in addition to deal registration, those opportunities that partners are bringing us that are net-new on our side and we’re also closing.
We’re hitting records on every one of those and have been for subsequent quarters. And that doesn’t just magically happen. It happens based upon leaning into the partners and listening to their needs, and understanding what their concerns are. It’s an offshoot of providing focused technical support and making sure that we keep an ear to the ground relative to how we can best support and align beside and around them.
CF: Where is SonicWall in the cybersecurity competitive landscape? Are you hoping to make a shift in that?
BVK: So we have been a leader in the SMB space. And no question we intend to maintain and build on that leadership. But about 25% actually comes from the enterprise space, and that is actually growing at a much higher clip — so we want to fuel that, but being smart relative to those use cases, those verticals, those areas where we focus. We brought out a whole new line of firewalls from a high end standpoint, up to 100 gig, and we just are coming off a record quarter. So we’re seeing record adoption there.
But the key I want to stress is being very smart relative to where we focus and intentional around the use cases in the architectures. The other area where we’re seeing rapid growth, and where we will be leaning more and more is cloud. That currently accounts for around 15% of our revenue. And we had virtually zero six years ago. So that is an area that is growing even more rapidly, and an area where we will be both organically and inorganically leaning in the coming months and quarters, no question.
CF: Who are SonicWall’s main competitors? And what gives SonicWall a competitive advantage?
BVK: The others are Sophos, WatchGuard and Fortinet in the SMB space. We run into Palo Alto Networks more in the enterprise space. What is our advantage there? We’ve always been known for our low total cost of ownership and our high security efficacy. So great security on our entry-level model as well as our highest-end model, same security efficacy at a great price point.
Interestingly enough, we’ve really taken that to the next level. We’ve introduced new technology that when you think about the the threats that are continuing. You see them every day and they’re continuing to change. We’ve got a unique capability that allows us to detect and quickly mitigate the latest attacks across every single one of our solutions. It’s called RTDMI. That has been a game changer for us.
But interestingly enough, an additional key differentiator that we’ve seen over the last two-and-a-half years is related to supply chain, the number of other vendors that are having issues just getting product. And certainly that relates to our partners and customers. We actually are able to ship and deliver 95% of all orders within three days. So that has been a big one and truly that has resulted in high net … new customer acquisition, as well as in addition to everything else we’re doing. We’ve also seen a number of partners either net-new to SonicWall or coming back to SonicWall. So it’s an exciting time.
CF: Are there new markets and geographies you’re hoping SonicWall will enter? And if so, what role can partners play in those efforts?
BVK: No question, we’re not entering markets, segments or geographies without our partners. Partners are core. I talked about cloud and enterprise expansion. We will continue to leverage our partners as we go that route. The key there is going to be ensuring that what we’re bringing to market aligns with what our MSPs/MSSPs can deliver, and it’s right in the crosshairs of what they in turn will be taking. So that is a key piece. And when I talked about ensuring that it’s more than sales aligned to our partners, it’s product management, it’s engineering, it’s support. That is really key because that’s the direction from the partners that will then be driving that development, and whether it be development and whether it be inorganic acquisitions.
CF: What are SonicWall partners’ biggest pain points. And how will you with SonicWall help address those?
BVK: Recently supply chain has been one of those. But I talk about our record growth over the last six quarters and even further back, what I like hearing about is that it’s been due to our partners having record years — and that really makes me happy. That’s what we want to be driving. So what we are intending to do is stay close to our partners, not only from the sales organization supporting them every day in the field, but it’s also how we can offer them new and differentiated services. XDR, MDR and EDR are a few. Again, staying current with where the market’s going, how we can better equip them to provide those solutions to their customer base, and how they can build and differentiate their businesses. That’s core.
CF: What can partners expect from SonicWall in the months ahead into 2023 with talk of impending recession in mind? Is that a concern?
BVK: That’s always a concern. Our track record has been that we actually do better in a recession because of our value. And partners can count on us to continue to focus on providing those world-class solutions at a cost-effective price. We’re not changing that. If anything, we continue to expand our offering and we will continue to do that. They should be looking forward to more of that. We’ll better position them in their offerings with their customers. So the recession, we will be watching that, but our core capabilities and differentiators really put our partners in a good spot.
In other cybersecurity news …
Imagine logging onto an airline’s app and seeing other passengers’ personal information, such as phone numbers, home addresses, dates of birth, flight voucher details and the last four digits of their credit cards.
That’s reportedly what’s happened at Canadian airline WestJet. The airline told CBC it’s investigating after a “technical issue” with the app caused the customer data breach. The airline said the issue was resolved in less than an hour.
Erfan Shadabi is head of marketing at Comforte AG. He said the reported data security incident underscores just how much personal data outside of payment information the travel industry collects from their customers.
“Airline apps are hugely popular, and members provide quite a bit of personal data about who they are and what their personal preferences happen to be in order to check in faster, log and store their travel details, and collect valuable loyalty points,” he said. “This incident calls into question just how secure all that personal and potentially sensitive data really is.”
A business in any industry that offers a customer app needs to take data privacy and security very seriously, Shadabi said.
“The first thought is to ensure that any housed data is walled off and secure,” he said. “But what happens if a breach occurs (even one involving a third-party partner) and that data falls into the wrong hands? Only data-centric security methods can protect against that type of situation. Data-centric security protects the data itself instead of the walls around it using technologies such as tokenization or format-preserving encryption. If companies adopt a data-centric strategy, then they won’t have to worry about their customers’ private information no matter where it travels. Unfortunately, this doesn’t seem to be the case in this incident. That doesn’t mean other businesses can’t learn from the situation.”
And speaking of travel, Proofpoint has released new findings showing financially motivated threat actor TA558 targeting hospitality, hotel and travel organizations. TA558 has increased its attacks during the busy travel season.
Proofpoint has tracked TA558 since 2018. It’s targeting hospitality, travel and related industries in Latin America, and sometimes North America and western Europe.
Other Proofpoint findings include:
TA558’s targeting focus is mainly on Portuguese and Spanish speakers, typically located in the Latin America region, with additional targeting observed in Western Europe and North America.
Like other threat actors in 2022, TA558 pivoted away from using macro-enabled documents in campaigns and adopted new tactics, techniques and procedures (TTPs).
Sherrod DeGrippo is vice president of threat research and detection at Proofpoint.
“The lures used related to reservation or hotel booking for guests,” she said. “The aim is to infect a victim within one of these organizations with malware. We tracked at least 15 different malware payloads that enabled reconnaissance, data theft and distribution of more malware.”
Impacts of such threats can harm target organizations and their customers if an actor is able to compromise hotel or transportation entities and the tools they use to interface with customers and financial data, DeGrippo said.
“Organizations in these industries should be aware of the TTPs described in the report and ensure employees are trained to recognize and report phishing attempts when identified,” she said.
NetSPI, a provider of enterprise penetration testing and attack surface management, this week launched its NetSPI Partner Program.
The global program equips channel and technology partners with pentesting tools, services and talent, bolstering security worldwide. Partners can offer end users NetSPI’s vulnerability management technologies and human-delivered offensive security services. That allows both the partner and NetSPI to expand product and service offerings, further develop customer relationships and enter new markets.
Additionally, last month NetSPI joined the AWS Marketplace. That simplifies the procurement process for enterprise organizations with existing AWS relationships by allowing them to purchase NetSPI’s offerings directly via the marketplace.
Lauren Gimmillaro is NetSPI’s vice president of business development and strategic alliances.
“As today’s global attack surface evolves and cybercriminals become more sophisticated in nature, it’s critical to provide end users with the tools, services and skill sets they need to take an offensive approach to security,” she said. “Centered around our customer-first approach, the NetSPI Partner Program will allow our team to extend our world-class pentesting capabilities to a variety of diverse and trusted partners, strengthening organizations’ cyber security efforts across the globe.”
The program includes two partner types:
Channel partners: NetSPI provides its full suite of security services and products through a global channel network of referral and reseller partners. To meet partners’ requirements, the programs include a tier-based model consisting of referral fees, preferred client pricing and reseller discounts.
Technology partners: Security and third-party software companies help build integrations with NetSPI to improve overall customer experiences.
For both, NetSPI offers technical and sales support to help partners achieve their business and GTM goals.
Ransomware variants nearly doubled during the first half of 2022 as cyber adversaries continue to invest significant resources into new attack techniques.
That’s according to Fortinet’s latest semiannual FortiGuard Labs Global Threat Landscape Report.
Highlights of the report include:
The ransomware threat continues to adapt with more variants enabled by ransomware-as-a-service (RaaS).
Work-from-anywhere (WFA) endpoints remain targets for cyber adversaries to gain access to corporate networks. Operational technology (OT) and information technology (IT) environments are both attractive targets as cyber adversaries search for opportunities in the growing attack surface and IT/OT convergence.
Destructive threat trends continue to evolve, as evidenced by the spread of wiper malware as part of adversary toolkits.
Cyber adversaries are embracing more reconnaissance and defense evasion techniques to increase precision and destructive weaponization across the cyber-attack chain.
FortiGuard Labs has seen a total of 10,666 ransomware variants, compared to just 5,400 in the previous six-month period. RaaS, with its popularity on the dark web, continues to fuel an industry of criminals forcing organizations to consider ransomware settlements.
Wiper malware trends reveal a disturbing evolution of more destructive and sophisticated attack techniques continuing with malicious software that destroys data by wiping it clean. The war in Ukraine fueled a substantial increase in disk wiping malware among threat actors primarily targeting critical infrastructure.
FortiGuard Labs identified at least seven major new wiper variants in the first six months of 2022 that were used in various campaigns against government, military and private organizations. This number is significant because it is close to the number of wiper variants that have been publicly detected since 2012. Additionally, the wipers did not stay in one geographical location, but were detected in 24 countries besides Ukraine.
Derek Manky is chief security strategist and vice president of global threat intelligence with Fortinet’s FortiGuard Labs. He said what’s most surprising about the findings is the consistent scale and growing destructive sophistication of cyber adversaries.
“This is important to call out because partners have a considerable opportunity (and urgency) to help customers focus their security strategies to defend against these changing approaches,” he said.
With RaaS and its popularity on the dark web, cyber adversaries continue to invest significant resources into new attack techniques because ransomware is lucrative and still viable, Manky said.
“This means not only is the volume of ransomware staying strong and has been for over a year, this also means that defending against ransomware is constantly evolving,” he said. “Already last year our global ransomware survey showed that for some organizations there is an apparent disconnect between their feelings of preparedness, and the tools and plans they have in place to address an attack. Now, this means there are new variants with new tactics that they need to consider. Constant change is the advantage adversaries are looking to catch organizations off guard.”
Cyber trends are nimble and change, but many of these trends are building in steam, Manky said.
“I fully expect ransomware to continue in this direction, and I also expect the sophistication and disruptive (or destructive) nature of threats like wiper malware or even distortion to continue,” he said. “Also, the rate of exploit has been increasing as we saw in our last report so I fully expect adversaries to continue this rate for new and old vulnerabilities to try to maximize opportunity.”
Ransomware variants nearly doubled during the first half of 2022 as cyber adversaries continue to invest significant resources into new attack techniques.
That’s according to Fortinet’s latest semiannual FortiGuard Labs Global Threat Landscape Report.
Highlights of the report include:
The ransomware threat continues to adapt with more variants enabled by ransomware-as-a-service (RaaS).
Work-from-anywhere (WFA) endpoints remain targets for cyber adversaries to gain access to corporate networks. Operational technology (OT) and information technology (IT) environments are both attractive targets as cyber adversaries search for opportunities in the growing attack surface and IT/OT convergence.
Destructive threat trends continue to evolve, as evidenced by the spread of wiper malware as part of adversary toolkits.
Cyber adversaries are embracing more reconnaissance and defense evasion techniques to increase precision and destructive weaponization across the cyber-attack chain.
FortiGuard Labs has seen a total of 10,666 ransomware variants, compared to just 5,400 in the previous six-month period. RaaS, with its popularity on the dark web, continues to fuel an industry of criminals forcing organizations to consider ransomware settlements.
Wiper malware trends reveal a disturbing evolution of more destructive and sophisticated attack techniques continuing with malicious software that destroys data by wiping it clean. The war in Ukraine fueled a substantial increase in disk wiping malware among threat actors primarily targeting critical infrastructure.
FortiGuard Labs identified at least seven major new wiper variants in the first six months of 2022 that were used in various campaigns against government, military and private organizations. This number is significant because it is close to the number of wiper variants that have been publicly detected since 2012. Additionally, the wipers did not stay in one geographical location, but were detected in 24 countries besides Ukraine.
Derek Manky is chief security strategist and vice president of global threat intelligence with Fortinet’s FortiGuard Labs. He said what’s most surprising about the findings is the consistent scale and growing destructive sophistication of cyber adversaries.
“This is important to call out because partners have a considerable opportunity (and urgency) to help customers focus their security strategies to defend against these changing approaches,” he said.
With RaaS and its popularity on the dark web, cyber adversaries continue to invest significant resources into new attack techniques because ransomware is lucrative and still viable, Manky said.
“This means not only is the volume of ransomware staying strong and has been for over a year, this also means that defending against ransomware is constantly evolving,” he said. “Already last year our global ransomware survey showed that for some organizations there is an apparent disconnect between their feelings of preparedness, and the tools and plans they have in place to address an attack. Now, this means there are new variants with new tactics that they need to consider. Constant change is the advantage adversaries are looking to catch organizations off guard.”
Cyber trends are nimble and change, but many of these trends are building in steam, Manky said.
“I fully expect ransomware to continue in this direction, and I also expect the sophistication and disruptive (or destructive) nature of threats like wiper malware or even distortion to continue,” he said. “Also, the rate of exploit has been increasing as we saw in our last report so I fully expect adversaries to continue this rate for new and old vulnerabilities to try to maximize opportunity.”
New SonicWall CEO Bob VanKirk says partners will play a massive role in the company’s next chapter. This comes nearly six years after it divested from Dell Technologies.
SonicWall promoted VanKirk from chief revenue officer. Former president and CEO Bill Conner took on the role of executive chairman of the SonicWall board.
After SonicWall divested from Dell, it relaunched the SonicWall brand and rebuilt its. partner ecosystem. It also added key virtual and cloud capabilities, released its Real-Time Deep Memory Inspection (RTDMI) technology, and delivered its full suite of Gen 7 product and management solutions.
The SonicWall sales team, aligned with their global channel partners, delivered a record 2021 fiscal year. It has also delivering a strong start to the current fiscal year.
SonicWall Partners a ‘Force Multiplier’
In a Q&A, VanKirk talks about his plans in the top leadership role at SonicWall.
Channel Futures: A lot has taken place since SonicWall divested from Dell. What’s the next chapter looking like for SonicWall?
SonicWall’s Bob VanKirk
Bob VanKirk: I think it starts, no question, with our partners and what we are offering [them]. We’re 100% channel-driven and have been for over 30 years. Channels and partners are in our DNA. And with 17,000 partners, they are a force multiplier. Credit where credit’s due: We’ve seen incredible growth over the last couple of years because of our partners. But it’s more than that. It’s also aligning with them around the core capabilities that they can then take to market and offer to customers.
I spent the last three-and-a-half years really ensuring that the sales team and go-to-market (GTM) were aligned with our partners, and totally overhauled that. Now, my direct focus is how I can get the rest of SonicWall better aligned with our products, our capabilities and how we support our partners. Also, key pieces of this are going to be adding key capabilities that will enable our partners to offer new and differentiated cybersecurity solutions.
Scroll through our slideshow for more from VanKirk and more cybersecurity news.
Want to contact the author directly about this story? Have ideas for a follow-up article? Email Edward Gately or connect with him on LinkedIn. |
About the Author(s)
You May Also Like