In a special interview with Security Advisor, Gopan Sivasankaran, General Manager, META at Secureworks, tells Anita Joseph about the company’s growth in the past year, its cutting-edge XDR platform and participation at GITEX.
What can we look forward to from Secureworks at GITEX?
This year, we’ll be present along with our partner Redington Value, and the spotlight will be on our XDR capabilities. There’s a lot of ambiguity around XDR-the common perception is that it’s a combination of SIEM & EDR, which is not the case, and GITEX will give us the perfect opportunity to create awareness about what it actually is. We’ll also focus on other key areas such as consulting, penetration testing and Incident Response (IR), among others.
Tell us about your partnership with Redington Value. What’s the synergy like?
There are two facets to this relationship. We benefit from the scale that Redington provides, with its extensive regional presence and massive partner ecosystem, which helps strengthen our narrative. Redington, on its part, leverages the Secureworks Taegis platform to power its recently-launched ‘DigiGlass’ brand, which, in turn, ensures that we deliver on our vision of ensuring that Taegis XDR is at the heart of every SOC.
MSSP partners are important for Secureworks and Redington is our valued MSSP partner, using our platform to deliver their services. Therefore, this synergy is significant for both of us.
What has the last one year been like for Secureworks?
It was a phenomenal year where we saw growth and expansion at every level. I’ve completed a year in my new leadership role with Secureworks in the region, and in that period, we witnessed remarkable progress across all fronts. In the channel space, we signed up with Redington and elevated the relationship to the next level. We also grew in terms of headcount, hiring key resources in South Africa and witnessing business growth in emerging Africa. We hired our first employee in Bahrain, who also looks after Kuwait, and appointed a Saudi national for Saudi Arabia. In fact, in the last 12 months, we hired around 13 people-a growth of around 50-60% in terms of headcount. Our XDR revenues also rose significantly and we signed on some key MSSP partners. We received public references-customer advocacies-where CISOs discussed how they were able to enhance their SOC operations with the Secureworks platform. Looking back, it’s been a productive and extremely rewarding year.
Let’s talk security-MDR in particular. With so many MDR players in the market, how do you think a buyer can evaluate a provider and make sure he’s getting what he really needs?
MDR should be built on sound XDR technology. It’s important to realise that you cannot deliver good MDR service without having a solid XDR platform. Contrary to what many believe, a SIEM solution with an EDR or MDR rolled into it does not make it MDR-that’s just a stunted version of it and nothing more.
This makes it essential to fully comprehend XDR as a concept before getting into MDR-it’s like having a big data lake where you collect raw telemetry instead of just getting alerts. An EDR forwarding an alert to a SIEM is unlike raw telemetry being forwarded to a big data analytics platform, and that’s a massive difference.
That said, the ‘R’ in MDR represents response. So, a buyer would need to really understand how good a provider’s Incident Response team is-what their qualifications are, whether they have the skill sets required to handle a breach, how good they are from a detection and investigation perspective, how much threat intelligence visibility they have, what kind of threat research they’re doing, how good they’re with threat hunting-all of this is extremely vital. Today, everyone claims to be an XDR provider-they’re all being forced into this space because of the huge demand there-so it’s important for a buyer to carefully sift through these aspects.
Why choose Secureworks as an MDR provider?
There are two reasons for this. The first is that we have an open XDR platform, which means we do not rip and replace whatever investments a customer has made. This also implies that we can work with other network security controls, whether it’s Palo Alto, or Crowd Strike or FireEye, and will not force customers to use the Secureworks controls. Customers find this convenient, because other security providers almost always force them to use their agents and security controls. The second reason is that we’ve been doing SOC for 22 years, so we understand this better than anyone else. Also, our service mindset is unique. Most of the MDR providers today are technology companies that got into the service business in the last 2-3 years. But for us, service is our DNA and we’ve been doing this for a really long time, so we have a clear advantage. There are the two key differentiators among many others, that make Secureworks stand out from the rest.
Secureworks has a lot of plans for the region going forward. Can you tell us about some of them?
One of the things we’re doing globally and I’m replicating in my region, is that we’re tapping the mid-market. We used to be an enterprise-class solution and not affordable for the mid-market space till a few years ago. Not anymore. We’re now saying that security is not only for enterprises, but also for everyone else. In fact, it’s becoming increasingly clear that it’s time for the mid-market to invest in security, because this segment is progressively becoming targets of business email compromise and other kinds of fraud. So, Secureworks is stepping in to become affordable for the mid-market. Another aspect is our improved focus on the channel. Since we’re growing beyond the niche space we used to operate in and diversifying into the large, mid-market segment, we need our partners now more than ever, to grow further. I started with two employees in the region 9 years ago, now we’re thirty-one. We’re not just hiring sales and pre-sales personnel but also expanding our channel and our delivery organisation with presence in Incident Response, Penetration Testing, Program Management and Customer Success Management- we continue to hire these team members in the region, locally.