Like to risk big? Then start saving on security. Businesses become more and more digital: companies go online, adopt remote work, etc. But becoming data-driven also makes them more susceptible to risks. You need nerves of steel to deal with it. However, there is also good news. Vladimir Lavrov, Head of Softline Cybersecurity Department, is sure that any IT asset protection task can be solved without running out of budget— and even making savings in the long-term prospect.
Security unseen to the world
— Vladimir, how was the end of 2019 for Softline? How did the market and the structure of our sales change?
— The previous year was very successful for the Softline Cybersecurity Directorate: the services turnover grew by 30+% (and in regions, the growth was even faster). As you may know, Softline Cybersecurity Directorate includes the Cybersecurity Department from Softline and the Infosecurity company. Together they form an integrated cybersecurity service provider. Cybersecurity software distribution is managed by Axoft.
Today, services comprise 25 to 30% of the total turnover of the company, and Softline holds about 5% of the cybersecurity market, which is the highest share compared to competitors. In 2020, we plan to reach 6%.
Services, including those related to cybersecurity, cannot be developed without increasing the sales of comprehensive high-tech solutions. Due to this reason, we implemented 9 SOC-as-a-Service and 10 DLP-as-a-Service projects in 2019.
— Some people say that despite these achievements, Softline is still not perceived as a cybersecurity system integrator. The company is still considered a software reseller.
— This refers not only to cybersecurity but also to other areas, but the situation is changing quickly. Our company really has strong mass-market sales systems and dozens of thousands of customers, which is an important competitive edge.
However, our main priority is the development of industrial expertise, strengthening the work of account managers in all regions, the growth in service projects, including those related to cybersecurity. Every year, we implement many complex integration projects. Softline has solutions for both remote work and on-premise work; we work in all environments and with all tasks related to infrastructure, compliance, applications, and big data.
The remote work format often makes access to corporate resources a vulnerable point in the security system. This is a major challenge for many companies that realize the importance of protecting their network connections, applications, big data, internal and external perimeters and want to prevent phishing, attacks on corporate resources, and employees' workstations.
We solve all these tasks for customers and we are less often perceived as a reseller. However, security is a sensitive area, and customers rarely permit us to tell us about their projects, so we seldom publish success stories. We maintain an internal portfolio of projects implemented by our department, but only 5% of them are permitted for publication.
Services at your fingertips
— Managed services save the time of employees and customer budgets. What are the other pros of such solutions?
— Another advantage is controlling customer personnel. Valuable in-house employees may suddenly leave the company. This is a risk to be taken into consideration, so it is much more reliable to purchase a contract for managed services like data leak prevention. The provider may also add supplementary services (e.g., a lie detector for employees) that are rarely implemented within the customer company. This considerably increases the system reliability. Moreover, the service under the contract will be always available, so you do not need to worry about employee dismissal or unforeseen staff, infrastructure, and operational expenses.
Softline offers subscription-based services for all cybersecurity areas. This is especially important because the amount of cybercrime, including personal data theft, has increased by 35% compared to the previous year. Companies need to strictly comply with applicable legal and regulatory requirements, which demands investment in cybersecurity. Managed services make these tasks considerably simpler.
Pushing the boundaries... of cybersecurity
— What is the core of Softline's cybersecurity business beyond Russia?
— We maintain global cooperation with two strategic partners: Microsoft and Kaspersky Lab. We develop our business in Argentina, India, Vietnam, and Malaysia. We also strengthen the Positive Technologies business abroad. There are some solutions that are always popular: Palo Alto, Check Point, and others.
Our plan is detailed by countries: every branch is responsible for its local business and its costs. We have ambitious long-term cybersecurity plans in APAC and Latin America. The countries of the CIS—Belarus, Kazakhstan, and Azerbaijan—are also implementing complex cybersecurity projects.
Softline engineers have already implemented impressive service projects beyond Russia, but, unfortunately, they are prohibited for disclosure.
— If we compare Russian companies from strictly regulated industries (e.g., banks and industrial enterprises) with Western counterparts, where is the situation with cybersecurity better?
— Many Russian companies meet global standards or even exceed them, but on average, the Russian market is three years behind the Western one. The IT industry maturity level in the West is much higher. However, some poorly protected companies can also be found there.
When speaking about compliance, Russian requirements are similar to global ones. Today businesses are more motivated than before: they want to actually protect their environments instead of formally collecting the required documents. To meet this trend, our specialists are preparing a package of industry-specific solutions.
— Let us ask a standard question about cybersecurity trends. How are they changing nowadays?
— The latest trend is that large businesses, like banks or retailers, transform themselves into multi-profile technology giants. They work mostly online, which entails new risks. To keep their business running, they implement infrastructure perimeter protection systems at all levels.
This is a pervasive trend: the more digital is the world, the more vulnerable it is. Attacks become more dangerous, cheaper to execute, and more sophisticated. It is not surprising that cybersecurity costs keep growing: in most companies, they comprise 6 to 10 percent, or even up to one-third of the IT budget. However, our advice to you is that if you work with experienced partners, you will be able to reduce costs and stay confident in the result.