What is the real playground for Sophos as many of CISOs opt for 'best of breed' vendors like Palo Alto Networks for network security or Symantec for their endpoint security, as few examples?
We do a bit of both - network and endpoint. It's better to have some part of customer business than have no chunk of it. We are happy to compete in individual product areas which we do in many customer accounts. Some customers use our products in end point or network that works well for them and also it competes at par with particular competitors in that domain.
At the same time, we make CISOs understand the advantage of collaboration between individual products from the same vendor. We have customers that buy across our portfolio to gain that benefit. We deliver the most value to the customers with Sophos Synchronized security which stretches across the IT infra for the products to speak to each other. There will be automatic changes if end point discovers something and updates the firewall, take the encryption keys and all that happens without human intervention.
It's a big myth that different products of varied security vendors talk to each other in a single IT infra?
Yes, but maybe over time we will have better API structure to have the conversation better and clearer. In a typical multi-vendor environment, one can have other products integrated on the top or the humans ensuring that products do talk to each other. It is possible from the management platform perspective but it is a rather complex process and importantly you don't get the benefit of integration.
Sophos CEO Kris Hagerman told me in last interaction on company focus on pragmatic enterprises. Does that route continue in APJ or Sophos is trickling up the pyramid in terms of segment size?
Our sweet spot is SME (or called as mid-market) globally including APJ. That segment (pragmatic enterprises) continue to be a great fit for Sophos. We have a number of very large customers like big banks. However our design center does suit the enterprise customers but it is difficult to be equally good for every segment. There could be different features, customized software needed in the enterprise space which becomes a different game for security vendor.
As per IDC, the cybersecurity market globally is around 90 billion dollars with roughly half of that being the SME market. Interestingly enough, many of our competitors like Palo Alto and Symantec that you mentioned, are targeting the enterprise segment. It is less crowded where we play (the SME segment) and that's the reason our well integrated value prop is built around product design, GTM focus and security made simple for SME segment. We have main sweet spot on mid-market though we have customers above and below that segment size.
Sign up for CIO Asia eNewsletters.