Netskope CEO Sanjay Beri on Pushing Into SD-WAN, IoT DefenseHow Endpoint DLP and IoT Security Tools Strengthen Netskope's SASE Platform
Netskope has built out a full SASE stack and helped large enterprises secure their physical devices through the recent acquisitions of Infiot and WootCloud.
Founder and CEO Sanjay Beri says the purchase of SD-WAN provider Infiot in August will boost the convergence of networking and security and enable customers to quickly on-ramp users to the firm's security cloud. WootCloud, meanwhile, helped Netskope give customers visibility into IoT and OT devices and effectively enforce policies by setting guardrails around what users can and can't do, Beri says (see: Netskope Expands Into Cloud Networking With Infiot Purchase).
"The reality is people don't really know what cloud apps they're using until they bring us in," Beri says. "Similarly, many times they don't know what their devices are communicating with. And so what we've done with our WootCloud solution is similar to what we did for cloud."
In this video interview with Information Security Media Group, Beri also discusses:
- How Netskope's new endpoint data loss prevention tool fits into the company's vision;
- How Netskope's approach to SSE differs from those of its rivals;
- The potential for job cuts in the face of an economic downturn.
Beri has more than two decades of innovation and success in the cloud, networking and security industries. His unique business sense, technical acumen, vision for the future of the industry and unwavering focus on culture have helped him build a world-class team and iconic company. Prior to starting Netskope in 2012, Beri was vice president and general manager of Juniper Networks' secure access business unit, driving it to market leadership throughout his tenure. He is also the co-founder of one of the world's first data center encryption companies, Ingrian Networks, and has held leadership positions across numerous other security and networking companies.
Michael Novinson: Hello, this is Michael Novinson with Information Security Media Group. I'm joined today by Sanjay Beri. He is the founder and CEO at Netskope. Good afternoon, Sanjay. How are you?
Sanjay Beri: I'm doing well. Great to talk to you, Michael.
Novinson: Thank you for making the time. It's been a very busy summer at Netskope. Wanted to start off by talking a little bit about the two acquisitions that you've made since June. Want to get a sense of what piqued your interest in those companies, and how things have played out since those deals were announced?
Beri: Yeah, it's a great question. 10 years ago, I scribbled on a napkin the goal of redefining the biggest market in security - data network security - and digital transformation, I thought would equal this transformation of how people think about their perimeter. Part of that vision was how do I on-ramp and protect all internet traffic and on-prem traffic, and how to accelerate it. That second part is where the acquisition of Infiot comes in - the release of our borderless WAN piece. We already were known in a leadership quadrant, on the Gartner SSE Magic Quadrant, which speaks to the security services, that as you redefine how your edge looks, but the acceleration part, the optimization part that was where us releasing the Borderless SD-WAN, and next-gen SD-WAN comes in. I looked at the entire market. I got to know Infiot well over a year ago. They were the founders of SD-WAN. Great team, designed the product exactly the way we would have designed it in a modern cloud manner. It became such a great fit culturally, platform wise and modern. That helps us go from SSE - securing the new way people work to SASE - securing and accelerating, optimizing and redefining their on-prem edge. It was a beautiful fit across the board. We have a lot of customers, who wanted us to do this. We're very excited about it. The second is WootCloud - IoT security. The reality is we're the on-ramp for close to a third of the Fortune 100, protecting all internet and on-prem traffic. One of the fastest growing cyber companies in the world, one of Forbes Cloud 100. We just got named Best SASE by SC Awards. One of the reasons is we try to anticipate what our customers want. The reality is that there'll be over 60 billion IoT devices shortly. It isn't just about users, originating traffic. It's also devices - barcode readers, badge readers, medical systems, and making sure that we're the best at governing, uncovering and policing those systems, which are big potential sources of malware. That was a big piece. The exact piece we needed was what WootCloud brought to us. Now both teams and platforms are fully integrated as part of our SASE platform. We're very excited about what we've been able to do there.
Novinson: Let's go into each of those in a little bit more detail, starting with Infiot. Why is it so important for you and Netskope to be able to offer the full SASE stack in one place, as opposed to just offering the SSE organically and then partnering for that SD-WAN piece?
Beri: The reality is that we've always been a company that has open APIs, and we're big believers in the ecosystem. We're not believers that people have one security platform. We integrate with the EDRs, identity providers, SIEM, SOAR and the network. We'll continue to support that. If somebody else has another system, who are we to say that that's not what they should use. First, our belief is open. But in this specific area, the reality is we had a swelling of customers who said, "You're one of the most critical platforms in our infrastructure. You protect our data, our threats, you handle all internet traffic. Half our users are remote; you are a remote solution as well. You're our remote connectivity with new edge - the largest cloud network in the world. You are a network now. It makes sense that you have a thin edge device that can quickly on-ramp people to your security cloud, and optimize things like voice and video which are already helping." I think it was just great input from our base. We also realized that we're uniquely able to tie the next-generation of SD-WAN to SSE. We have that ability to do that and bring together a very clean, smooth, consolidated solution. I've always felt strongly that it's about converging networking and security. This piece brings us the ability to do that to the next level.
Novinson: In terms of the WootCloud piece, given your historic focus on CASB, now expanding into SASE SSE, why do you feel it's so important to have IoT as a part of that?
Beri I always have viewed the world as what is originating traffic, and where's it going? The reality is, where it's going was our thesis. It's going to cloud. We were the first to govern all SaaS, public cloud, the internet, on-prem and beyond. But where's it coming from? Isn't just users. It's devices. And, you know, the reality is, just like people don't know what cloud apps they're using, until they bring us in. Many times they don't know what devices are communicating. What we've done with our solution is similar to what we did for cloud is tell people what's going on, what devices they have, what IoT and OT they have. Now that they know, let them set guardrails, let them police it, let them make sure that "wow, why there is a PlayStation in my building, why is it going out to this rogue site, or why is this barcode reader, badge reader, medical system going out and communicating to a C&C." It's very important as part of our notion of cover all users, all devices, no matter where you are, and no matter where they're going, we got it covered the device part. It was very important for us.
Novinson: Interesting; why don't you talk as well about endpoint DLP? I know you announced an offering there in May and wanted to get a sense of how that fits into the existing security stack you have in Netskope, as well as your vision around SSE and SaaS. Why is it important to have endpoint DLP as part of that?
Beri: Yeah, the reality is, for many of our customers, we are their data protection provider. If you look at some of the recent results from analysts, you'll see they rate us number one on data protection. And some of the largest health care, financial, retail, manufacturing, we are the system that is uncovering and finding PCI and PHI, and IP information. We did that first for SaaS, then we did it for public cloud, the generic web and for email. We're now doing it for on-prem apps, zero trust network access product. And the last piece was, "Well, do all that. Can you just do it on the endpoint too?" When somebody tries to transfer something to a USB or print it, you already know what that content is? Can you help us say, "No, you can't stick that over on a USB that came from a confidential folder?" Endpoint data protection for us, where we define how people do that, it allows you to not have the negatives of endpoint DLP - all the performance, CPU hogging and instead, we did it in a way which I call next generation endpoint DLP, where you leverage the smarts that we have around this data, because we know what it is when it comes from the internet or cloud. You bring those policies to the endpoint. You can efficiently govern how people take that data out of their laptop or computer or beyond. And so just a natural extension, and rounds out being the sole data protection provider for many of the organizations across the world.
Novinson: Let's get into security service edge, SSE. Gartner put out the first Magic Quadrant earlier this year. You were named as one of three leaders in SSE alongside Zscaler and Skyhigh, what's now Skyhigh Security. What's different about how you approach SSE at Netskope versus Zscalar and Skyhigh Security?
Beri: It's a couple big reasons. Our vision since the beginning was SSE and SASE. We feel like now that it has a name. We don't have to explain it. One, we are we feel the pioneers of SSE and SASE. And then the second, when you look at differentiation is many folks take it from the network side or the security side. They're good at one but not the other. The reality is our focus has always been to converge both. If you look at us, one of our big differentiators is, ultimately, what CISOs on the security side care about is their data. I remember this CISO telling me like I get fired if I lose our data, and it's the one thing that matters. My data and my users and that what we're best at - it's finding, uncovering and protecting sensitive data regardless of where it is, and bringing context how people use it. You can have real business policies to protect it. One, the data protection - you look at some of the reviews. Gartner's done some of the ratings, you'll see that our rating is double than what some of the others you just mentioned are. We are known as the best data protection in the SSE market and SASE market. Two is the convergence of networking and security. There isn't another leadership company in the SSE leadership quadrant. There isn't, that has the ability to say, I got the world's largest cloud network with new edge. 15 milliseconds away from anybody in the world. That can bring to bear this next generation of SD-WAN. Their portfolio doesn't stretch to that degree. For us, the data protection piece, and the ability to bring context to what people are doing. We're the modern proxies, what I used to say the Layer 8 proxy, whereas the others are more on the Layer 7 side. They can't see the granularity. Then you bring the data protection on top of that. Then the other big piece is we truly are converging networking and security. We're the only ones who truly are in leadership quadrant for SSE, yet also have the next-gen SD-WAN component and the large world's largest cloud network.
Novinson: We've seen folks get into this SSE in the SASE market from a lot of different places. Netskope's heritage is in CASB. We have Zscaler coming in from SWGs firewall vendors like Palo Alto Networks and Fortinet as well as some from the SD-WAN side. What do you feel is beneficial about entering into this SASE or SSE space with such a deep background and such a deep knowledge around CASB and cloud security?
Beri: If you think about a SaaS app, and think about us as tens of billions of transactions every day going through us and we're governing the SaaS apps. The reality is that the SaaS app is the superset of all destinations you could go to. A website is just the dumb SaaS app. If you think about it, like with a SaaS app, you can do so many things. With a website you can do a very limited set of things. Maybe you can post and chat and blog, but you can't do the hundreds of things you can do in a SaaS app. For us, building the ability to effectively govern SaaS was the superset problem. Then part of our vision was to bring that Layer 8 intelligence, the data protection and the granularities to the web and to on-prem apps. The reason that starting with an inline governance of SaaS was the most advantageous is you're covering the hardest problem, and you can govern the web. You don't need a lot of granularity. That's what traditional proxies, the other ones you mentioned are. They're more like Layer 7 proxies, and so they're not going to help you with SaaS. In fact, the number one rule on those other systems is bypass office or bypass SaaS. That's in practice with their number one rule for cloud is. For us, starting with the hardest problem, and then built the platform to basically cover the rest. That's why our Next Gen Secure Web Gateway is the fastest growing web gateway in the history of secure web gateways. It's because people wait, they covered the artist problem. I see what they've done with web, it works great. Now I can converge web, SaaS, public cloud and on-prem.
Novinson: Very interesting. Let's talk a little bit about the economy. Last summer, you raised $300 million on a $7.5 billion valuation. It's interesting to a lot of industry observers that the next step was going to be an initial public offering. Realize the economy today is very different than the economy of summer 2001. Wanted to get a sense from you of how are you thinking about the next steps at Netskope. You still see an IPO is something that's imminent? Are you thinking about debt financing? How do you weather through this economic storm?
Beri: For Netskope, one of the interesting things about the macroeconomic situation is that, and I remember sitting in front of a bunch of public market investors who came up to me and said, "Sanjay, you must be so happy with what you're built." I said, "Yeah, but why are you saying this to me now?" He goes, "Think about it. Nobody, if you think about the breadth of product you have, the depth, the capital investment to build your infrastructure, there's not going to be another Netskope. There's public market investors. We're not going to fund one. We're not going to invest in one because the bar is too high. The wall is just got bigger in this macro-economic situation. Because the bar and to get to where you are, it's so high now. It's going to take so much capital and so much depth and team like yours is a rare asset. You're a rare platform." One of the things that this macroeconomic situation has done, it has made people want a platform, and it has made people realize that wait, it's very hard to build, what Netskope has done. It's made the investment community realize that too, to say, "Well, it's just not going to be another one of them." What that means is our value has accelerated. It also means they now have customers/prospects calling us has accelerated in this timeframe. It's also meant them now with people who are trying to transform digitally because they want to consolidate, reduce risk and save costs. That's what our platform does, that's also accelerated. We're seeing an acceleration. We have some of the biggest, most marquee, both private and public market investors as part of Netskope. We don't need to go public for capital reasons. The reality is, we would one day. Yes, one day, we will. But, we don't have any need or rush to do it. In today's world, you can build your company faster, better and invest in the R&D you want, I would argue better privately. Stay private until the time's right. When the markets are ready for more IPOs and beyond, then we'll go from there. But for us, we're in a unique situation. We don't need to go public capital reasons, we have some of the best private and public market investors in the world, one of the fastest growing cyber companies in the world. Our growth is accelerating. We're in a unique situation amongst private companies and I'll take advantage of that every way we can in terms of just continuing to pour investment into the platform.
Novinson: Very interesting. One more thing for you. Over the past four months or so we've seen quite a few layoffs in the security industry, particularly among late stage startups, companies like Cybereason, Lacework and OneTrust. They've all made job cuts in recent months. Have you done or are you considering doing any job reductions at Netskope? And why or why not?
Beri: That's a good question. The reality is, we will always have hundreds of openings. What I often tell people is when you scale and as you build your company, you always look and go like, how should I reorganize this to tackle the problem that exists today. For example, we used to be in a digital world, all our marketing had to move to online marketing, because nobody wanted it in person. Now, you're in this hybrid world. So how do we get to a customer is a little different, in this hybrid world. You're not going to maybe do as many of that/rely on that only in person, you're going to have a good blend. You adjust how you go to market. But what I always tell people is separate out what are you doing because of a macroeconomic situation. What are you doing just naturally to adjust to how you want to reach your customer? I always make adjustments in our business. That could involve pouring more into a certain region, going less known events, more digital. Those adjustments we'll always be making. I think it's only right as you grow your company to do that. But on the other side, we're not a company that has seen from the macro situation like, "Our business is slowing." We're the opposite. It's been accelerating, it's growing, we're hiring. I pour investment into product and R&D, we're releasing a new module, probably every quarter. I've given example in R&D. I've hundreds openings, and probably hiring every day, and I would continue that. We're not going to have what you said, because of the macro situation. But I am always very pragmatic around like, "how do we get to our customer in this new world? How do we adjust that? What new roles do we need and beyond?" That's how more I think about it.
Novinson: Very interesting. Sanjay, thank you so much for the time.
Beri: Absolutely. Great to chat with you, Michael.
Novinson: We've been speaking with Sanjay Beri. He is the founder and CEO at Netskope. For Information Security Media Group, this is Michael Novinson.