Thought Leaders in Cyber Security: Elisity CEO James Winebrenner (Part 4)

Sramana Mitra: Healthcare and manufacturing are two big segments where you are doing a lot of work.

James Winebrenner: Yes, we are starting to see acknowledgment of this need in traditional enterprise space. I met with a large investment bank in New York last week that has done micro-segmentation initiatives in their data centers, but they’re now moving back out into their campuses and looking at user segmentation and device segmentation in those environments. These are networks where we think about iPads and laptops, but we see everything from Peloton to process controllers. It’s becoming more of a challenge.

Sramana Mitra: Given what’s going on in the world right now, we are living in a very unstable world and we are going into more instability with cyber warfare a clear possibility. To what extent is this micro-segmentation of traffic able to protect us?

James Winebrenner: I’m very careful to make sure that people understand. This doesn’t necessarily mitigate all threats. It minimizes the blast radius when there is something that is compromised. I think we have moved past the idea that we can prevent all compromise, especially looking at these state-sponsored attacks.

What we can do is make sure that the model of carte blanche access goes away. Least privilege access minimizes the attack surface when a device is compromised. It’s certainly slowing down the proliferation of things like ransomware and mitigating the risk of that impacting multiple systems. In the case of targeted attacks, it’s limiting the ability for a malicious actor to move laterally once they have infected a device.

Sramana Mitra: One of the concerns that we are hearing a lot from security startups and investors is there’re so many cyber security companies out there. In the 30 years that I’ve been in the technology space, cyber security has always been one of the most prolific areas of startups. It also has become difficult for CIOs and CISOs to evaluate the technology. They have the large trusted players like Palo Alto and Qualys.

How does a startup get evaluated in this framework? It sounds like you are doing direct deals with enterprises.

James Winebrenner: Anybody who’s thinking about starting a cyber security company needs to go to an RSA and look at how many companies there are. It’s hard to differentiate. There are a couple of things that are important. A startup’s superpower is the ability to say no. If you compare it to Palo Alto or Cisco, you have everybody as the customer.

One of the things that we do is we are ruthless in the way we qualify who we work with. It requires being narrowly focused on the use case, and value proposition, and looking at early customers that have a demonstrated track record of being able to adopt emerging technology. There are a lot of people who like to take meetings and understand where the technology landscape is going. It’s a more limited scope of people that can demonstrate the adoption of emerging technologies and be able to talk about it with their peer group.

We care about what customers say about us. Getting those early voices in those different industry segments is important. We’ve got a group of CISOs that we have worked with. Our earliest customers are our best advocates.

This segment is part 4 in the series : Thought Leaders in Cyber Security: Elisity CEO James Winebrenner
1 2 3 4 5