Palo Alto Networks needs no introduction in the world of cybersecurity. In Spain, the multinational has spent years helping companies to face the security challenges that arise and face their digital transformation processes with confidence.
At MCPRO we have had the opportunity to talk with Marc Sarrias, the company’s country manager for our country, who has given us his vision of the current state of the cybersecurity market, the new opportunities that are presented to partners and the challenges that there are in the market.
In this interview, we will find out more about Palo Alto Networks’ strategy in Spain, its plans for the future, its focus on innovation and its commitment to protecting its customers.
[MCPRO] What vision do you have of the cybersecurity market today? I don’t know if we are going from a market that was traditionally very fragmented to a more consolidated one. How do you see it?
[Marc Sarrias] Well, I think what you describe has been a market reality for some time now. The cybersecurity market has historically been a fragmented market and also a market in which new cybersecurity solutions have generally emerged to address new threats.
It has been a market that has always had a dynamic of “hey, new problem, new solution” and that obviously leads you to a fragmented environment. The reality is that right now with the digital transformation, the hybrid workplace or the adoption of the cloud, the level of exposure for organizations is increasing in a very significant way. In this context, it becomes more and more difficult to continue thinking about specific solutions for specific functionalities.
Palo Alto Networks has been embracing the idea of a transversal security platform for more than four years. We have a global platform that is made up of three large platforms, firstly the network security platform and its transformation towards the SASE world to give accommodate the needs of the hybrid workplace and all that is cloud adoption.
Secondly, the cloud security platform itself, which is where I think there is an opportunity, being a much younger market, to really address the cloud problem globally. Here Palo Alto has a complete offering to secure all access to the cloud and everything that runs within the cloud. This implies many technologies and at the same time, a paradigm shift that is based on starting to work with microservices, the DevOps culture, etc. Security has to be embedded in the code creation process itself and it is something in which we are increasingly present.
The third great pillar in which Palo Alto has been betting heavily for some time is the transformation of cybersecurity operations, that is, when you have a very fragmented environment, no matter how much you want to run and transform and evolve towards a platform, that will it takes some time.
In this context, what you have to be able to do is alleviate this very complex situation of having to manage many technologies with a shortage of talent in the market. When the attack surface grows, it expands, the level of risk grows and everything that is detection and response technologies and consolidation of a single platform that we baptized XDR long ago becomes more and more important.
[MCPRO] If we go a little to see how your last year has been, what balance do you make in Spain in 2022?
[Marc Sarrias] Well, I would say that it has been a year of consolidation of trends. What we are seeing in the market is that having a manufacturer that is capable of putting a platform concept on the table, that is capable of simplifying the parts ecosystem, is being appreciated more and more and is being valued more and more.
There’s a general trend in the market and there’s a lot of reports that are pointing in that direction, that customers are really understanding that they need to simplify, that they need to have fewer vendors and more going towards that platform concept.
[MCPRO] If we talk about investment, you recently highlighted that 90% of Spanish companies have increased their cybersecurity budget by 2023. We imagine that much of this investment arises in response to new needs derived from teleworking and hybrid work. What else worries you right now?
[Marc Sarrias] Around 40% or 50% of Spanish companies are increasing the cybersecurity budget and from the point of view of relevance, companies are really being aware that digital transformation entails more risk and that therefore efforts must be redoubled in the cybersecurity part.
Of course, SASE arrives to provide a solution to this new scenario in which we increasingly have more users outside the organization and more applications outside the company’s perimeter. We see that there will be very significant growth in the field of SASE in the coming years.
[MCPRO] What does SASE mean for you right now in terms of business volume, what projection do you have?
[Marc Sarrias] SASE is a growing business environment. Gartner’s forecasts for the next three years point to a market that will grow very broadly, much more than the traditional network security market.
Palo Alto Networks is certainly going to be there to capture that opportunity.
[MCPRO] What other security-related technologies do you think will grow to a similar extent in the coming years?
[Marc Sarrias] I think the area of detection and response is the area that is going to grow the most at the moment, especially in what we know as XDR (Extended Detection and Response).
All organizations have been investing in security solutions to increase their prevention capacity and try to be as close as possible to an absolute guarantee of security, which we actually know is unattainable. Between 0% of total insecurity and 100% there is a gap that is difficult to quantify in which these detection and response technologies move well, such as network detection and analysis, NTA, cloud observability, etc.
It is going to be increasingly important for this detection and response strategy to be consistent, that we be able to bring information from all those environments in which the company operates, to a single repository where we can apply machine learning, artificial intelligence, etc. to be able to discover behavior anomalies, to be able to trace those anomalies and relate them to what happens at the endpoint, what happens on the network and what happens in the cloud and especially in the edge and on IoT devices.
[MCPRO] At what level would you say that the development of AI is in that detection and response in terms of reliability?
[Marc Sarrias] Right now I think it’s possible to delegate certain tasks with precision without adding more complexity, which is what it’s all about.
There are a type of events and alerts that are easily investigated or dismissable and there are other types of alerts or events that can come from artificial intelligence systems where, well, maybe additional research is required to really understand if this anomaly that we are detecting is significant or not in our context.
The more context we have, if we have the possibility of combining the endpoint with the network and with what is happening in the cloud, we will have greater traceability, we will be able to observe the chain of causality much better, relate it better and be able to deliver much more reliable information to the human who has to make additional decisions.
Machine learning and artificial intelligence will continue to evolve, they will become more and more reliable, but of course, the more context and the more related sources we have, the better the diagnosis that it will end up offering us will be.
[MCPRO] Is this complexity what leads to more and more companies that are relying on managed cybersecurity services?
[Marc Sarrias] Yes, the truth is that there is a general trend that the lack of talent, or the lack of the possibility of continuing to obtain the necessary resources to address certain problems is going to cause more and more high-value managed services to be demanded and of course , detection and response is a very clear example where that demand is going to grow.
I think we are in a great technological moment because we can also offer those solutions directly to customers or we can offer those solutions to MDR partners who then offer the service to their customers.
[MCPRO] In your case, how is that equation changing?
[Marc Sarrias] We are seeing more demand from the partner side. We are detecting that there is more and more interest from partners to offer this type of services and we are also seeing more and more interest in being able to do it with a platform approach to simplify what the effort of delivery of that service.
If you do it from a platform perspective with a lot of this stuff embedded within the platform itself, you really simplify the process. delivery of the service and there we are seeing an increase in the demand for this type of service, both from the end customer and from partners who are seeing the opportunity to offer a quality service to their customers.
[MCPRO] What goals do you set for this year?
[Marc Sarrias] I think it will be the year of consolidation of this platform trend that we have talked about before. We are surely going to see how we become a more relevant supplier for many of our clients.
We have clients that are with one technological platform, there are clients that are with two and there are clients that are already going towards the three technological platforms under that umbrella, let’s say, of a global and unified platform.
And of course I see that this trend is going to continue and we are going to redouble our efforts so that the market really perceives us as that cybersecurity provider that can offer everything that clients need.
Palo Alto Networks’ vision is to truly be able to contribute to a world that is safer every day than the day before. This defines very well what we try to do. We want to anticipate things to come and accompany our clients in their evolution and digital transformation.
[MCPRO] To finish, if we look at the threats that Spanish companies receive, the reports that we have seen from 2021, 2022, 2020 were that ransomware would be the main concern for many companies, is this still the case or will it continue? being the case? Or are there other threats that are going to take its place?
[Marc Sarrias] We predict that ransomware will continue and in fact in the last year it has evolved quite a bit. If we remember, in the first instance the attack consisted of encrypting data and asking for a ransom. And for this reason we have seen many organizations placing great emphasis on establishing backup and recovery strategies, in order to continue operating.
Now we are seeing a lot of additional extortion issues that have more to do with harassment of individuals, which have to do more with stolen data and the threat to make it public and charge money precisely to prevent that from happening. I think the ransomware market will continue to evolve and it will certainly be one of the main threats that we will see in 2023.
