ESG's Jon Oltsik talks with Paul Nguyen of FireEye about SOAPA and Cybersecurity. This is part 2 of a 2-part series.
Read the related ESG Blog: SOAPA Video with FireEye (Part 2)
Announcer: The following is an ESG 360 video.
Jon: I'm back with Paul Nguyen, Vice President of Product Strategy at FireEye. Welcome back, Paul.
Paul: Thanks, Jon.
Jon: So when I think of FireEye, I think of incident response, I think of security operations, experience of the people, the experience and the knowledge that they have. How do you take that knowledge, that institutional knowledge and put it into your products and services so that your customers can benefit from it?
Paul: I think mainly, it is always thought of as just incident response but we actually have a pretty wide breadth of services, strategic consulting services, where we help customers build out SOCS, optimize their SOCS. And so if you look at that proactive side plus the response side, I think that gives us unique insights on top of what we have with managed defense. Managed defense is our managed detection and response capability as a managed service for our customers.
So we draw from all those inspirations and built Helix really for the users by the users and some of the best of the best in the world. And so all of those elements have come together in Helix as a unified experience for, again, some of the greatest tech that we have around email, network, and endpoint and with our intel. And the hard part is how do you start to correlate and display that data in a way that's efficient for an analyst to quickly make a decision and take action. And so that's really core to what we've done by drawing from Mandiant from managed defense and from our products and bringing all those together. So I think it's pretty nice to work with the people that I get to work with every day.
Jon: We're talking about people. You know I've written a lot about the cybersecurity skill shortage. You live it, I live it. How has that impacted your strategy? And I know services are a big part of your go-to-market and even skills or staff augmentation type services. So tell me how the skill shortage impacts what you're doing.
Paul: I think that was one of the key premises that you certainly wrote about for a long time and I certainly use as a key driver for my own company with Invotas. And I think just like anything, machines are gonna replace humans for things that are repeatable, that need to scale. And so that's the way we need to meet that, and it can't necessarily be through just services. I think this is where product and software can come in to help drive some of that. I think the first couple of innings of automation were a little tepid. Customers were reticent to adopt automation but that's becoming a lot more mainstream. So we look to evolve with our customers and stay ahead of them as well as we look at driving more automation and concepts of autonomy even where we start to get to automate decision making. So I think that's one of the areas to start to bridge that gap.
Jon: Yeah. So it's professional services, so a person to lean on but it's also autonomous systems, systems that continuously learn and improve over time. That's sort of the design goal?
Paul: Absolutely. And we have with our managed defense. We are focused more on managed detection response. So we'll call it more managed hunting and we reserve that more because we pretty much invented hunting with Mandiant and that's one of the core areas that we know we're strong in so we wanna focus on that. We're not necessarily gonna be a managed security service provider providing more of the tier 1, tier 2 functions, but we hope to build and evolve Helix with all of the telemetry and the data that we have to get to that autonomous model to start to bridge that gap.
Jon: And that's for all types of customers. I mean, you think of services, you think of autonomous systems for the mid-market, but you see that in the enterprise as well.
Paul: I do. Yes. I think the issue is a matter of scale when you're talking about large customers or small customers. And either way, the skill set shortage is tough. You know, it's an employee market now. Employees can leave and make more money somewhere else.
Jon: Seller's market.
Paul: It is a seller's market. So it's a challenge for folks. I mean, even for us as employers, it's a challenge to keep the top talent. So we can only imagine what that's gonna be like. And I think I read a statistic, we're not gonna fill that gap in the next 10 to 15 years.
Jon: Oh, no. I think it's getting worse.
Paul: Yeah, it's getting worse.
Jon: This is real interesting. I think FireEye is on top of the SOAPA concept and building upon that. But you can't help but think of FireEye as the anti-malware sandbox company that sits on the network. That was five, six, seven years ago. But how does FireEye change that perception? How does FireEye communicate to the market that it is a leader in the SOAPA vision?
Paul: I think Helix really is the embodiment of that. It's our first opportunity where we took the chance to take all the pieces and said, "These are puzzle pieces. How do you put them together to make a platform?" And Helix is really the embodiment of bringing all those pieces together, rationalizing, consolidating even in some cases where we had acquisitions that overlap with maybe some of the core capabilities we already had. So we're rationalizing it. But it's really about making things easier for our customers. How do you create a platform that allows them to get faster time of value, less friction for them to derive value from the product? And we want to get customers up and running in minutes, not in hours or what we see with some customers who try to stitch it all together, could take days, weeks, months.
Jon: Easily. Yeah.
Paul: So trying to eliminate some of that and giving them a best of breed capability for the individual point products but brought together in a platform is a key for us. We all have dimensions of the security operations problem so we're just trying to fast forward and say, "Look, we have the best portfolio. Let's bring it all together and serve her as a security operations platform for our customers.
Jon: So what's the future for SOAPA, not just in the industry but for FireEye as well?
Paul: Yeah. SOAPA is near and dear to my heart, obviously.
Jon: Oh, that's good. We love to hear that.
Paul: It's been years. I think we've been fighting the good fight. I think SOAPA is the future and the reference architecture that we should all model ourselves after. I'm just gonna try and stay ahead of everyone else. And using some of the...you know, we're a security company. So at the end of the day, we have a lot of security data that we can leverage to really power the platform. It's not just a framework. I think that's where you'll continue to see us invest is getting more and more telemetry in the ecosystem and being able to drive the platform from more of an intelligence standpoint.
Jon: And if I can just...judging by what you said, it's smarter analytics, it's more autonomy and it's some added services to help people where they're struggling.
Paul: Absolutely. Absolutely.
Jon: All right, Paul. That's great stuff. We appreciate you coming.
Paul: Thanks a lot, Jon. I appreciate it.