FireEye Outlines India Strategy to Secure APT Landscape

In an exclusive interaction, Stephanie Boo, regional director, South Asia Pacific, FireEye, articulates the huge business opportunity for channel partners across the APT market.

CW: FireEye claims to be the world's only cross-enterprise, signature-less protection against Web and email threat vectors. Will signature-based solutions become passé?

Boo: Organizations cannot depend on signature-based solutions alone because APTs are unknown and zero-day, which are not the fundamental characteristics of those solutions. FireEye is focused on halting next-generation threats such as zero-day and APT attacks. These threats seep through traditional defenses, and eventually compromise over 95 percent of networks.

Seven years ago, IPS was expected to replace the firewall. Today, organizations need both security offerings. Many users do get compromised by known viruses. Therefore, signature-based solutions will not be passé. However, a robust security posture will need signature-less solutions too. Hence, FireEye is not replacing a firewall and IPS, but supplementing or adding another layer to signature-based firewalls, IPS, and anti-virus.

CW: What arsenal does FireEye possess to overhaul bigger and well-established vendors like Symantec and McAfee in India?

Boo: We are a company focused on advanced persistent threats (APT), which are serious concerns for most enterprises and security vendors. We do not replace conventional security solutions, but instead complement them. We also have collaborations with security vendors like McAfee, RSA, ArcSight, and Blue Coat. Many analysts including Gartner acknowledge that traditional solutions built on signatures are not well equipped for next generation threats like APT.

For FireEye, the arsenal or what we call the secret sauce is our 'signature-less' technology. The Virtual Execution platform on our products delivers fast performance to emulate the customer environment for detecting malicious threats. Another differentiator is Malware Protection Cloud, which offers global threat data sharing to stop emerging, zero-day threats. This is extremely beneficial for our 100 plus customers, mainly large MNCs, which have deployments globally through remote / branch offices.

CW: Then who are your real competitors in the security space?

Boo: Competition comes in different forms. The biggest challenge for us is to empower customers to understand APT and relate our differentiator versus traditional vendors. Many customers view it as a new jargon for malware, but the truth is APT is more polymorphic and persistent than ever before. Apart from downtime and productivity loss of organizations, today's sophisticated APTs are untraced at the time of attack.

With McAfee, we also offer a holistic protection offering through joint sales calls/marketing in some countries. FireEye complements RSA's NetWitness. Not many security vendors can offer an end-to-end protection suite on their own.

CW: How is FireEye building its India story from the market perspective and its partner roadmap?

Boo: After making a strong footprint in the U.S. and Europe, we are extending operations in the APAC market this year. We are leading an Indian team as we hired two employees including N. Sridhar as national sales manager. The employee strength will triple soon as we target Mumbai, Bangalore, and Delhi. We plan to have a direct India entity within the next 6 to 12 months.

FireEye will remain a 100 percent Channels Company in India too as per its globally operated policy. We follow a 2-tier distribution model with Inflow Technologies as our distributor in India. Apart from major tier-1 partners, we work with auditing companies such as Deloitte and PwC as well. Tier-2 partners including systems integrators are also part of our channel ecosystem.

CW: Do you cater to the enterprise segment only? How many partners are enough to cover the widespread geographic expanse of India?

Boo: The main focus will be enterprise and government spread across BFSI, manufacturing, tech companies, education institutions and others. For SMBs, we work with MSSPs as this segment does not have the luxury of full-fledged teams and resources to manage devices. We even work with service providers as they offer email hosting. For enterprises, it would be predominantly on-premise while cloud is apt for SMBs.

We will not sign hundreds of partners. APT is an extremely sensitive issue and the partner segment needs to be educated well to do value-added selling. A closer channel structure will empower them to the highest level of engagement and hence help position FireEye correctly. Partners often presume us to be another Symantec or McAfee. After aligning closely, they realize our distinctive advantage to combat next gen security threats. We also provide demo boxes for partners.

CW: Would 'security appliances' perish as enterprises prefer non-capex solutions like SaaS or Cloud?

Boo: Because of technology requirements, our appliances in big enterprises ensure minimal latency using a virtual engine which runs up to 96 virtual machines simultaneously. All our hardware is proprietary and built from scratch. We are layer 2 security residing behind the firewall and IPS. To strike a balance of protection and performance for a robust security posture, security appliances will not die.

FireEye products include Web Malware Protection System, Email Malware Protection System, File Malware Protection System, and Malware Analysis System. Government organizations and enterprises at large will not move to cloud as the adoption is still slow in India. APT is a sensitive issue. Hence, the companies will prefer detection and protection as on-premise. Appliance-based solution is the way ahead for APT.

CW: What are the new age security threats which CIOs should guard against in 2013?

Boo: The cyber world landscape will continue to change dramatically. It is no longer broad-based with virus, Trojan, spyware to name a few. The worldwide spam has dropped significantly as many enterprises already have an anti-spam solution. APT is here to stay as that industry is estimated to be worth a billion dollars.

APT earlier emerged mainly through email or website, but now the entry points have increased through file and extended usage of the BYOD trend. Social network and apps from mobile further pose a threat. Hence, it is imperative for CIOs/CISOs to deploy multi-vector protection across Web, email and file to adopt another level of security, which is non-signature-based.


Stories by Yogesh Gupta
