Thought Leaders in Cyber Security: Craig Hinkley, CEO of WhiteHat Security (Part 3)

Sramana Mitra: Where do you position your product? What size or scale of websites or apps are you looking to protect?

Craig Hinkley: I think about it from the software development lifecycles perspective. You can think about developing your software to production where it’s now accessible to customers and partners. We have some customers who use us for what they determine as their critical websites. We have some customers who just want us to look at a very small set of websites to customers who have us, literally, looking at thousands of websites and applications. What we do is detect those vulnerabilities using our internal thread research center.

Sramana Mitra: There are millions of millions of websites out there and there are millions of e-commerce websites out there that actually have people’s credit card data. Many of these websites are very small. They’re not Target. They’re not these gigantic websites with major enterprise customers behind them and with major cyber security budgets behind them.

What intrigues me about what you’re saying is that if you were to run your WhiteHat Security Index on these millions of e-commerce websites, the likelihood that most of them are vulnerable is very high. I imagine that given the numbers you’ve given us, this is well beyond your capability to protect that many websites and you probably want people, as customers, who have more budget. Are there companies out there that are working on the small to medium business side protecting these smaller websites?

Craig Hinkley: We have customers who are, in fact, startups. Our solution can be used by startups as well as the Fortune 50 companies. Our technology scales. Every company is a software company nowadays. Therefore, every company needs to understand how to protect their software because that’s their brand and IP. Our solution scales to all sizes of the customer base.

What you’re hitting on is the next aspect because what we do is we help customers detect the bugs, defects, and the vulnerabilities. The next aspect is to correct that. You need to go back to the software and change your software to remove that defect. The software creates that exposure. Whether small, medium, or large, we’re able to feed information back to their development team to modify their software to mitigate and eliminate that issue.

That’s an area that we’re working on because the security industry is in a resource deficit – a skill set deficit. There is a lack of qualified resources in the cyber security market. I don’t see it changing for the next 10 years. Gaining access to the right resources to help build their information security programs is going to be difficult. That’s why someone like WhiteHat who’s offering security as a service are going to see a surge in business.

This segment is part 3 in the series : Thought Leaders in Cyber Security: Craig Hinkley, CEO of WhiteHat Security
1 2 3 4 5