SECURITY IS A ‘SOFTWARE FIGHT’
For the Palo Alto Networks CEO, making safeguards easier for companies to implement and use has led to big sales for the software and platform leader
SANTA CLARA >> Yahoo. Target. Equifax. Even Intel’s chips. It seems like no company, and no technology is immune to security breaches and hacks.
In Mark McLaughlin’s view, all the digitalization that has made parts of life more efficient, and fun, also comes with a price that must continually be addressed.
“These (hacks) are all big reminders to us that if we don’t do something substantially different around securing the digital age, it’s going to continue to be a big problem for us,” said McLaughlin, chief executive of security technology company Palo Alto Networks.
It’s also been big business for Palo Alto Networks. In February, the company reported fiscal second-quarter sales of $542.4 million, a 28-percent increase of the $422.6 million it recorded in the same period a year ago. Over the past year, Palo Alto Networks’ shares have risen more than 56 percent, to trade recently at $179.50.
McLaughlin recently sat down at Palo Alto’s headquarters to talk about security issues and how Palo Alto is working to make it easier, and less expensive, for companies to improve their security technologies. His comments have been edited for length and clarity.
Q The recent Spectre and Meltdown bugs involving Intel chips were just the latest big technology hacks to get into the public eye. Have these attacks caused your phone to start ringing more because customers are worried about the security of their products?
A We’ve been studying it to see what the general impact could be. I would say that everyone has been in the mode of getting at what occurred and looking
at all the conclusions of what has happened.
Q
What’s your take on the lay of the land for the security market and how it deals with such hacking matters?
A
The way we have treated security for the last 20 years has mostly been to make it incrementally better and better. That’s fine. But as the cost of a computer goes down, the bad guys are taking advantage of that faster than the good guys. This is a software fight, so bring software to the battle. We’re doing two things around that by bringing increasingly high degrees of automation to the security battle, and software to fight software. When you do that, and those things actually work together, you can move very, very quickly.
Q
You call your approach to security the “application framework.” How does this work, and how is it different from other security approaches?
A
We’ve figured out how to open this platform to third-party developers, so that their innovations can be delivered through this platform, and that lets the customer use whatever is the best thing in the market without having to figure out how to install the next piece of hardware. It’s like an app store for security. It’s part of the evolution of security. We need to ensure consistency in security outcomes wherever data is. Sometimes, that in the network, sometimes, it’s at the endpoints. Sometimes, it’s going to be in the cloud.
Q
From a competitive standpoint, how would you say Palo Alto Networks differentiates itself from others in the security space?
A
We are all about software and opening it up for the customer. No matter where your data is, we’re going to deliver these highly automated rates of prevention with an understanding of where your data is. And we came up with this app store-like idea and said to third parties, “Whatever you’re going to do, just write it as software” and make it simple. When we look at our world, there’s a handful companies we compete with who have any claim to do what we do. And we are the only ones who said we are going to move everything dramatically forward by creating this application framework. It’s going to change everything in security.
Q
And you have a relatively new cloud platform for that?
A
We’re constantly innovating because nothing stands still in security. One of our newest offerings is the Logging Service. Traditionally, customers would log a detection, then go back and ask specific queries against the logs in order to figure things out. But, they usually only log the bad stuff, because it’s really expensive to log anything. What you would actually like to do is use machine learning to log all the bad stuff, all the good stuff, and all the stuff that you’re not sure about, because that’s where it’s going to show its value. We figured out a way to let you log all the information at a very cost-effective way. Because if you can do that at a way that isn’t breaking the bank, the value of everything else is going up dramatically.