B2B Tech Talk with Ingram Micro
B2B Tech Talk with Ingram Micro

Episode · 5 months ago

The “As a Service” Revolution: How CISCO Can Help Your Organization Pivot

ABOUT THIS EPISODE

In this world that we live in, it’s more important than ever before to ensure that you’re protected from cyber threats.

And as the world’s workforce pivoted to a work-from-home model, and are now attempting to begin to migrate back to the office, cyber criminals are looking at a plethora of chances to steal data.

From home routers to out of date machines, the supply chain issues caused by COVID have hit us all.

But on this episode of B2B Tech Talk, we sit down with Eric Kohl, Frank Lento, & Dan DeSantis for a chat about the state of the Cyber Security industry. Some things we talked about:

- The state of the cyber security industry as a whole

- What CISCO is doing to help partners in their ecosystem

- New and emerging trends in cyber security that you may not be paying enough attention to

- How CISCO and Ingram Micro are helping companies pivoting to the “as a service” model

To join the discussion, follow us on Twitter @IngramTechSol #B2BTechTalk

Listen to this episode and more like it by subscribing to B2B Tech Talk on Spotify, Apple Podcasts, or Stitcher. Or, tune in on our website.

...you're listening to B to B tech talk with ingram Micro, the place to learn about new technology and technological advances before they become mainstream. This is the Cisco edition. Taking your business A level up. Let's get into it. Welcome back to be to be Tech talk with ingram Micro. I'm your host for today's episode Logan Lyles and I've got three amazing guests today. We've got eric cole vice president of cybersecurity and data center at ingram Micro. We've got frank lento, Managing director of global security channels, partnerships and ecosystems at Cisco and dan de Santis director of C. So advisors at Cisco Gentlemen welcome to the show. So great to have you today. Nice to be here. Thank you very much, awesome. Well frank, I want to kick things off with you. I'd love to hear from you about the state of cybersecurity within the channel really. And some of the new things that Cisco is doing to help partners right now, given the state of things Well, thanks Logan and I have to tell you a security channel. And our partners have been extremely busy working with Cisco, you know, not only prior to Covid, but especially during Covid and now as we enter some of these different and changing areas um as Covid continues, but we focused with our partners in our channel on growing the Cisco security business without joint customers. And we've grown the number of partners. And this has been pretty interesting that Cisco has about 12 solutions within our security portfolio and we've been able to grow the number of partners who sell eight or more of those solutions really significantly over the past two years and that's key for our partners um and our channel because it provides the partners capability to position a big and robust security architecture with with our customers and their customers.

And it also increases the size of the security opportunities and provides customers with a really strong security posture. So this has contributed to our partners growing the Cisco security business in their own businesses by double digits over the past year. So we've been pretty excited about that. And from a perspective of adding value to our hopeful value to our partners, we've also delivered simpler partner incentives with a real true focus on growth across the security portfolio. And we've also added in the capability to achieve additional incentives and success with cross architecture incentives because we see cross architecture becoming much more of a customer demand over the past 18 months. And then lastly we've tried to provide partners with some simple and better tools and playbooks for solutions such as sassy. Cisco secure X zero trust than detection and response. And these are all available for partners sales and engineering teams. And then on the largest scale basis we provide our partners with a secure ex partner academy from Cisco and also as Cisco Advanced threat Solutions University and those are loaded with on demand trainings and capabilities for partners to really keep up to speed on the latest investments we make at Cisco with our security solutions so they could be at their best with their customers. Yeah, absolutely. I we like our training just like we like our netflix series right now on demand right? And I think that that carries over for everybody, you know erIC I've heard that you know frank was talking about some double digit growth in different areas and speaking of growth I've heard some about some incredible partner growth in the last several years. Can you talk about a little bit about the strategy that that's led to...

...some of that success and what you've accomplished with with that strategy here in recent years? Sure. I mean starting at the highest level everything we do rolls up to our cybersecurity strategy and it's it's pretty simple. It's been in place for a number of years and it says we will help our business partners to be more profitable, more proactive, highly trusted security advisers and we do that in a number of ways from you know, and and services and support throughout that sale cycle, whether it's pre sale services or assessments to drive demand to building comprehensive multi vendor solutions to implementation services and even post sale support. I think our success is driven from a combination of many things, engagement with our partner communities like Trust X alliance and SMB Alliance and Cisco does a great job engaging with those communities. We've got a strong tenure field sales organization, strong technical enablement teams and a couple years ago we created our very own cybersecurity Delta Force which is really focused on partner enablement for key and trending technologies. They even take a vendor agnostic look to focus on key technology areas like identity and access management or Sozzi and Zero Trust, which are, I'll say the talk of the security town these days and the result is look, we built a multibillion dollar security practice in the U. S. I'm super proud of the team and the performance and ultimately at the end of day frank was alluding to a lot of the great things that Cisco does and a lot of the assets and folks that they have to help the partner community ingram micro just wraps around that were an extension of their channel team ultimately to help the apartment community to sell more in demand cybersecurity technologies. You talk about the Delta Force team, we've had members of that team here on the podcast recently and I just I love that name every time I hear it. Um and that team is doing some really cool stuff with a really cool name to back them up as we look forward from here dan, I want to turn it over to you. Are there any new or emerging trends in cybersecurity that people really aren't...

...talking enough about right now. We heard a little bit from frank earlier about some of the things that are on the table and things are People are thinking about, what are some of those things that you think and you're starting to hear a little bit about. But in the next 6, 12 months we're going to be hearing more about soon. Yeah, I think I would, I would characterize what's going on right now is really just an awakening even all the way up to the board level of something many of us who have been insecurity for a while I've been talking about And this includes things like 3rd Party risk. We learned a very painful lesson across the planet with solar winds, no disrespect to solar winds, but that was a wake up call that the supply chain can be profoundly disrupted and have a big impact on the business and if you think about serve amplifying that to other players in the industry. Solar winds is relatively small, but the implications are rather large. So I think a lot of what we're looking at now is is sort of this awareness at other stakeholder levels and other board level levels about things that the organization needs to be thinking about relative to security. I think for the first time ever, a lot of folks are seeing security as court of business and mitigating risk as court of the business and essential for business resiliency. This is why we're seeing a lot of ransomware tabletops that aren't necessarily technical tabletops, for example, here at Cisco, our intelligence team caliphs is not just helping organizations with the sort of the technical aspects of incident response for ransomware event. They're actually coaching executives on. Okay, what are the communications policies and plans and procedures? How do you orchestrate this maneuver across all the other business stakeholders? So that that kind of building of muscle memory's supporting reaction to those events is sort of new, more mature...

...organizations, more mature verticals, for example, finance, it's kind of tried and true, but in other, less mature organizations are less funded organizations. They want to help health care is a good example of that just in the conversations that my team is having with many chief information security officers. The other hot topics right now are and again, this is I think just an awakening around def sec ops and shifting left with co development, really kind of baking security in at the forefront of application design. The more that we can move security towards data and application of the better. And I think now finally, in the hybrid world that we're all revolving and especially post covid trying to move more security controls towards end user compute I don't control that home router that you have and it's certainly not an enterprise caliber router and all my security controls and run books aren't applicable anymore. So to make sure I have the visibility at the end user compute level as well as up in the cloud wherever the data and applications set. So this is something we're hearing a lot from customers and I know Cisco is designing to support these use cases along with much of the rest of the industry and certainly working with great partners like ingram to make sure that our customers are secure is absolutely the norm there with new things to think about with the hybrid work environment and more, more companies, you know, going back to the office but not going back to the office in the same way and not going 100% back to the office with 100% in the office work dan, you mentioned especially some less mature vertical markets or industries when it comes to cybersecurity versus finance, it's more mature health care. Do you have a sense from, from your teams, in the conversations that you're in? What are some of those industries that are seeming to mature faster right now on...

...the pendulum when it comes to cybersecurity, are there are a few of those that are kind of hurrying to move to maturity more quickly than others right now? Well, I mean, I think finance, they have at least in their eyes the most at risk, right? I mean their crown jewels are ultimately the assets, they have, a really good framework of understanding what are critical assets, we talk about crown jewels and other organizations I think are struggling to keep up in that area, but a lot of it's also sort of the dynamics of the vertical, if you look at manufacturing for example, and I'm based in Ohio and over the years have known many manufacturers and a lot of it's the model, the organizational model where you have plants that have their separate PLS and their separate budgets. And there's this sort of decentralized model of securing the organization and in those instances, securing the OT environments and the tea is becoming a big threat factor. Right? So part of, I think what we're starting to see, at least in organizations that are maturing, when I say maturing, that means that they're sea levels there, Sissoko's typically have found a way to curry favor at the board level. In other words, they're gaining influence and the reason that awareness that this is this is the colonial pipeline example in the energy sector where, hey, here's what can happen if we don't take this seriously. It's not just a matter of reputation in the case of colonial and not to single them out. It's taking half the country down in terms of our ability to provide natural gas and oil and that's a massive disruption that has nation state implications. Right? So other manufacturers, they're trying to think they get their arms around. Okay, well wait a minute. That's a, that's a really important case study. So what we're starting to see is this influence of, of CSOs in various verticals, finding a way to resonate with the border and take security to a business level conversation. And so while we can say in general, certain verticals are less mature even within some of those...

...verticals or some of them are rising to the top even in health care and I won't name names here, but I mean I know of healthcare energies there really taking it seriously by the way some of them have been breached and a lot of them have learned from a breach that okay, never let a good crisis go to waste and they are available in their games as a result of that. So, but you know in general finance has traditionally always set the bar because they have they believe the most at risk. Yeah, absolutely. That ties to things that we see out there in the news right now in comparison with manufacturing, makes a lot of sense there, dan frank, I want to turn it over to you. Speaking of things we've talked about on this podcast before, we've discussed a good bit the shift to the as a service model in almost every area of technology. I'd love to hear from you and maybe eric as well on how Cisco and ingram are accommodating partners in this area since it is an area of continued growth for partners as we look forward a little good thanks. Well, you know, one of the big values of ingram as a company is they're just so big globally and we have such a great partnership with them throughout the world where we have our products and solutions that are offered to our partners for capability to sell in a managed service as they like or put into a security operation center three that come off the top of the head here are our umbrella product and our do a product and an amP product. And what we do with ingram is we work to position those products for the partners so that they understand the value in the product itself and the different ways that it could be leveraged for offerings for their customers. And one of those offerings would be as a service. And what ingram does so well for us is they promote that capability with their partners for us as well as we promoted...

...to a larger base and as I said before, what we get the lift out of that for our value is the scale that can be provided by ingram. So we have these offerings out to each of these partners for and as a service offering to each of their customers as they like. Eric do you have anything to add to that? I'll jump on that to frank you know, and I'll tell you it's probably one of the top initiatives that we see across the vendor landscape is helping them to accelerate different business models ultimately, so that however, that client wants to consume the technology, we have a means to be able to transact that way. So whether that's a piece of hardware appliance, whether it's an annual subscription, how can we chunk that up into monthly recurring payments and how can we do it automated like umbrella, you know, in cloud marketplace solutions. And I'll just add lastly, it's big platform vendors like Cisco are on the acquisition trail. Right? And so you know, that's the role that we play as you bring new technologies to bear and to market, we want to help you to protect and maximize that investment. Will use our data to look through the partner community and say, where's the opportunity for cross sell up sell. But just as important, hey, we've got to get this model up and running so that people can consume it monthly or pay annually or as a service as we've been talking about. Yeah, frank, I'd love to hear more from you two is kind of bouncing back between you and eric on on both sides would have been some of the benefits you and your team have seen by partnering with ingram specifically for your security portfolio awareness, kind of touching on something you mentioned a little bit in the open. Well, that's an easy question to answer. So Logan, thank you because of the value that that ingram brings to us as as partners. But ingram, one of a couple of points I'd like to make here because they have a very robust model that we leverage and that they then leverage with their partners...

...but ingram hasn't always on enablement offerings which include the Cisco virtual learning portal that's an online resource containing thousands of hours of on demand trainings and webinars, videos, blogs and so much more. And partners can use and utilize the Cisco virtual learning portal to not only educate themselves on the latest Cisco secure portfolio but also on the solutions that we wrap them around, such as sassy and hybrid work solutions and then how they can leverage those to be utilized for their end customer security opportunities. In addition, ingram's Voyage partner tool provides customised guidance for partners on how they can expand and enhance their Cisco business. So this is a great value for Cisco that ingram puts on the table like no other and it includes their security practice utilizing our security portfolio. So that's a really great way for both of us to be successful together. And then ingram also has what are called the business transformation centers and these are both physical and virtual sandboxes that are supported by Cisco dedicated engineers and available to all the partners for assistance with security demos, trainings and hand on exposure to Cisco products like our Cisco secure firewalls. Well frank, I love to hear all the great things you share their, about the partnership dan, I want to turn it over to you on a common term that's being talked about a lot lately. The zero trust security model, frankly some Csos hate this term or at least I've heard. But Cisco has placed a lot of emphasis on this lately vulnerability management is growing, which is why Cisco has acquired kenna and integrated the secure X platform. Can you tell us a little bit more about this and why it's important? Yeah. So zero Trust is uh, you know, obviously...

...this is something that is getting a lot of traction. Things like the executive order at the federal level level are, are really drawing our eyes to the need to not trust and so getting to your point, there are a lot of systems that and I can think of a few that I've met recently where they don't want to walk into the room with a bunch of other executives this, I don't trust you. So in some instances I no one says so they've actually branded their Zero Trust program as the name of the company will call it Acme, inc trust, acne in trust. But there are many other I think I just hosted a panel this morning Logan with a number of systems here in the Fortune 500 and a lot of them were of the mind that at least privilege access or d perimeter ization is a more applicable term. We're never really going to get to zero trust. It's in the words of one of the systems I've met, it's sort of this ascent topic curve where we're trying to get there and there's lots of different things we can do their coarse grained and fine grain to ultimately get there for sure. But it is clear that every organization that were talking to at Cisco and of course that we're partnering with with you on is understanding the value and I think Covid really shined a light on this because clearly with a hybrid workforce model and less security and the inability to really track identity and assets or not have the same controls any ways to do that. A lot of folks are saying, hey listen, we have to adopt this model and push it out not only to our workforce, but as I mentioned, I think earlier in terms of some of the things on top of mine, supply chain risk, third party risk is big. And so just the notion of trying to apply a zero Trust model to your value chain or to your supply chain is getting a lot of attention with a lot of the executives that we're talking to on the, so zero trust is here to stay.

Others will call it what they may. But we're all trying to get to a point where we have a much better grasp of who and what are accessing critical resources and that they're supposed to be in allowed to. And so really, I think that's part of the spirit of what Zero Trust is all about on the vulnerability management topic. I think kenna is a very important acquisition for Cisco because it really changes the conversation to risk? Listen, we're not going to be able to patch our entire environments. We can't patch everything. It's just not realistic and there's compliance is important but there's much too much importance on that placed on checkbox and compliance versus really risk mitigation and then optimization and prioritization really Canada is all about that. Hey, let's figure out which vulnerabilities are most likely to be exploited. Where am I going to get the most bang for my buck? Because one of the other things that's kind of moving in this stream is there's not a lot of talent out there. Even the large organizations are stretched to get good talent so I have to optimize the resources that I have. So can it helps really solve a problem here around let's focus on the important vulnerabilities in our organization. Let's focus our team on patching those because that's the highest likelihood of my organization being breached and it has the most impact on my organization but allows me to get the most out of my team then if I marry that with intelligence, if I marry that with security orchestration and automation, a lot of the things that we're doing with secure X for example, then all of a sudden I've got this powerful combination of orchestration Autumn. Ization prioritization and visibility that we believe is going to help system does really get more out of their teams and be more effective at their jobs. Yeah, frank. Do you have anything that you want to touch on there, whether it's related to the Zero Trust security model or um can a secure X. Yeah. Well thanks and thanks dan. I have to say, you know, I'm, you know, I'm the global...

...head of our partner security sales organization at Cisco as we discussed and one of my responsibilities is to help make our offerings consumable for our customers and sellable for our partners. And sometimes what we do is we package that in so whether it's called Zero Trust or something different and yes, we call it Zero Trust. What we do with partners is we we really work with them to ensure that they understand how they can position the solutions that Cisco offers as an architecture to their customers. So I mentioned before we want our customers have a very strong security posture because our customers are asking for that now, they don't want a strong security point in their environment. They want the entire architecture to be very strongly protected. And when you look at Zero Trust, it's actually comprised of different elements of Cisco solutions and offerings that when built together for a customer, you can have duo for M. F. A an umbrella for DNS and other different solutions in there and the value that they bring as they actually are the integrated. So they actually know what each one is doing if if one season issue would make sure the other one knows that there's an issue that's been seen so we can re mediate and have faster detection and response. So it may be called zero Trust, but we do it for a reason. It's very similar to what we call another initiative. XDR accelerated detection and response. Right. Very similar. It's built up of components of our security solutions that build that architecture of security for our customer that gives them that strong posture that they're moving to in the environment today, Logan if if you don't mind, can I add just something frank starts there? Because I think there are some great great points that he made. You know, the great thing about working here at Cisco is that I get to interact with a lot of our internal team. In fact, this morning I helped host a panel with our...

...internal information security team. So these are the folks that secure Cisco And Cisco has really, really leaned heavily forward on zero trust adoption. So it's important for a partner like you to hear. And I think this is important for our customers to here is that we're drinking a lot of our champagne. So much of what frank just described. Hey, listen, we're practicing what we preach and you know, there was a time here at Cisco and I go back to 2000 and seven where we weren't adopting a lot of the the technologies that we acquired and sold to our customers, that's changed dramatically and we're protecting Cisco source code, we're protecting customer data, partner data with our zero Trust methodology. So this isn't just Cisco trying to assert itself as a thought leader in the public. This is hey, we're protecting our crown jewels with this approach and using a lot of the same technologies that we're selling and partnering with. So hopefully that helps and dan makes it does make a good point. And by the way, dan I like the way you up to our viewpoint, we drink our own champagne. We used to say we eat our own dog food. But as individual employees in the company, we do an awful lot of pre work before we get these things out to our partners into our customers. And one of the other key factors is with a partner like ingram they position this type of architecture, play with their partners to along with us. Right? So again we call it zero trust. If that evolves to a different name, so be it. But the context of what it is I believe is still the same. Yeah, I think the delineation that you guys are both echoing is an important one and I think that I appreciate the clarity that both of you have brought to that dana and frank. Well, we've got to round it up to ask each of the three of you the question that we ask every guest here on this show and that is where do you see technology going in the next year? If we're on this podcast...

...again, 365 days from now, what do you think has been the single biggest change evolution in the technology landscape between now and then dan, Let's kick it off with you. Where do you see technology going in the next year? Yeah, So so I think a lot, I mean there's gonna be things like machine learning that are out there certainly there will be more adoption of machine learning and I like that term versus AI I think we'll see more of that. We're going to see more cloud adoption obviously as a service models are going to be consumed more because folks have figured out, hey listen, this makes a lot of sense for organization and it's it's what sort of the key words to this, our agility and elasticity when that we've learned post covid is agility and elasticity resulting resiliency for the organization and the ability for that organization ultimately to adapt. You know, it's funny we used to sell a pandemic license at Cisco for any connect and that we mothballed that license because folks are saying, oh, there's never going to be a pandemic, right? Let's call it something else. Well, we're living in a new normal now. And so I think a lot of, a lot of what we're going to see over the next year really has just increased adoption of that agility. A lot of organizations have realized that agile is good and that's going to be a common thread, not only in terms of what we see in terms of security architecture and security operation models, but also going into other things like def sec ops and building applications and securing data is building this sort of agile model, which some organizations we're talking about, the ones that were serious about that we're the ones that were most equipped to deal with extreme events like covid and other interesting things that happened along the way like the half name event and solar winds among others. So I don't know that we're going to see any major shift in technology necessarily over the next year. But I think it's just more of the same post Covid and the realization that that's a good thing and it makes us more adaptable. Absolutely anything...

...that makes us more adaptable in these times I think is is a good thing. Very much needed frank. Same question to you. Where do you really see things going over the next 12 months or so? I think from uh, and and thanks dan, I think that was a good descriptor there. I think that one of the areas we're starting to see change in isn't so much into technology to dance point, but it's in the offering and the presence of the technology, right? It has to be simpler for partners to be able to transact the security business, it has to be easier for customers to be able to adopt it and with that we have a lot of different areas that we're focused on with new routes to market, where security wasn't truly positioned before for partners to sell from and from customers to buy off of where it is now. And a great example of that is ingram's robust marketplace that they have for their partners where I don't know eric, I think maybe a year ago it was probably a third or a quarter of what it is today. Maybe I'm a little off on that, but it's so robust now. But the whole point is the platform is so structured that the capability to add to it now is not one that is a whole new herculean event. It's just a process where you just add more to these different marketplaces. And then lastly, I think we'll continue to see some of the things I mentioned before because we're getting a lot of pressure from customers on really positioning what we call the security architecture or a blueprint for their entire environment and really focus on how we tune our security products into that posture right, to make sure that firewalls are configured appropriately for compliance and policy and taking advantage of all that functionality. Whereas yesterday a lot of people didn't bother to go too deep on some of those areas now it's a focus and it needs to be addressed and it needs to be continually monitored. So I think to dance point from a technology...

...perspective, we'll see some change, but the keys around it are how they use the technology now and then how they adopt the additional functionalities and capabilities of the technologies to ensure they really layer that security and safety value for them as a company for our customers. Really, really well laid out there frank. I appreciate that. Alright. ErIC, no pressure but you're bringing us home today sir, I'll do it in one word faster. So on top of what, you know, dan frank's just faster, right, faster adoption, faster implementation, faster in terms of helping to monetize the acquisitions that they're making and bringing those technologies into the platform and getting into it as a service world, ultimately faster to detect and respond the bad guys are going to get in. We got to find them fast and get them out. I love that fast on on all fronts. We won't go fast and furious, but Logan, I just want to chime in on what ERIC just said there because you know, prior to Covid, I met with a lot of CEOs and a lot of CSOs and I would hear them say, you know, listen, we're a cloud first company and again, I think a lot of organizations got to come up and win. Covid hit and if you really were cloud first, you're leaning forward in not only cloud adoption and being more agile as a result of that and other things like zero Trust positioned you to adapt quickly and fast to eric's point. And so the good news is that we've got great partnerships like you folks, folks that are on board with helping support our customers there. But I guess my message to other clients out there, put your money where your mouth is and if you're going to say your cloud first and be serious about it because we all know that it pays dividends, especially when big events come along like a pandemic. Absolutely. All right. Eric just one more question as we round things out to make sure that every, you know, action will nugget that you frank and dan share today that people can take action if they want to learn more or get engaged with the right team. Where would you point them to, to take action based on...

...the things we talked about today? Yeah, sure. I guess I'll ask you to put these in the show notes for us but we've got Colin rowan at ingram micro dot com. We've got our Cisco c V L page out on ingram micro. Imagine next and for anything and everything you want to learn about our cybersecurity practice and services that can be found at security line card dot com. Perfect. Make it nice and easy. We got three options for folks right there. Thank you for that. Eric really appreciate your time as well as yours frank and dan. Thank you so much for what you guys added to the conversation today for everyone listening. If you liked this episode or if you have a question, you can join the discussion on twitter. Look us up at ingram tech soul. That's ingram T E C H S O L. You can also find us with the hashtag B two B tech talk as always, thank you so much for tuning in and subscribing to be to be tech talk with ingram Micro. You've been listening to B B tech talk with ingram Micro, Cisco edition, taking your business A level up hosted by Kerry roberts. BtB tech Talk is a joint production by Swedish media and ingram Micro to not miss an episode. Subscribe today in your favorite podcast platform.

In-Stream Audio Search

NEW

Search across all episodes within this podcast

Episodes (395)