Pat Donnellan: In the UK, there is a directive issued by the Bank of England which stipulates that on an annual basis, each licensed financial service organization operating in the UK is subject to a cyber analytics audit where live malware is injected into the network of the financial services organization. The audit was determined on how that organization responds to that particular live threat. We operationalize how the financial services organization deals with that. There is pending legislation that stipulates an extension of what the UK is planning where enormous buying is being proposed for financial services organizations who do not have, in essence, control over their network and are unable to effectively respond to malware threats.
Sramana Mitra: Talk to me about the industry in general. You’ve already started talking to some extent about the industry in general. Talk to me about what are the open problems. Where do you encourage entrepreneurs to look for problems to solve in the cyber security space? More specifically, in the areas you monitor more closely than others.
Pat Donnellan: First of all, in terms of the industry and our place in the industry – I’m sure you’ve encountered this – there is a fog of what is the appropriate set an enterprise should have to deal with this crisis that is affecting a myriad of industries. Banking is one. Government is another. Entertainment is another. What products should you have in your stack? As you would be aware, many of these organizations have spent a lot of money acquiring products over a number of years, and a lot of them have ended up as shelfware. The reluctance to adopt new technology in that environment is obviously a challenge. In our case, there are claims of what we do. If you look at the websites of the claims of a number of vulnerability scanners, you will get that claim.
If you look at a number of the network monitors, you will get that claim. There are marketers who say, “We do everything in continuous mode.” There’s a fundamental difference between continuous and real-time, which the marketers will respect in the next year. We are challenged. We have a challenge of distinguishing ourselves from that fog and to convince enterprise by enterprise, government by government that we address this 15% to 20% delta, and if you don’t have us, your cyber stack and posture is for naught. There’s a missing 15% to 20% to start with.
Sramana Mitra: But I would imagine that if you’re partnered with a player like Qualys, for instance, that has a good channel into the enterprises, and if they buy into your thesis that they are missing 20% of that coverage, they’d bring you in.
Pat Donnellan: That’s all easier said than done. A particular vendor or partner putting their hands up and saying, “We’re missing this piece,” is easier said than done, quite frankly. We have to be subtle about it that we don’t undermine our partners. We have to position into their clients as they position into our clients.
Sramana Mitra: There’s a very easy way to tackle that from a marketing or strategy angle. It’s just to orient your product into Qualys.
Pat Donnellan: I’m not a fan at all. We’re privately held. I’m certainly focused on the partnership side. We are two years on the go. We’ve released our new continuous platform. We’re putting it into our first large, large client next week. I’m not ready for OEM-ing at this point. I’m ready for partnering and being able to reference to clients and prospects that we can provide this more comprehensive solution.
Sramana Mitra: Fair enough. Thanks for your time.
This segment is part 3 in the series: Thought Leaders in Cyber Security: Pat Donnellan, CEO of Lumeta