Redefining Cyber Security with Arctic Wolf’s Dan Larson and Charlie Smith

00;00;00;00 – 00;00;21;04
Speaker 1
Yeah.

00;00;21;06 – 00;00;30;01
Speaker 2
Welcome to Redd’s Business and Technology podcast. I’m your host, Nigel Heyn. And today I’ve got a really special guest all the way from the USA, Dan Larson. Welcome, Dan. Really great to have you here.

00;00;30;03 – 00;00;31;28
Speaker 1
Thank you so much for having me. Glad to be here.

00;00;32;02 – 00;00;50;01
Speaker 2
Dan, I know you’ve had a massive week doing the, you know, the the world tour, so to speak, and one weekend in Australia, one day in Brisbane. We’re really privileged, you know, and the last session before you jump on the plane. For those who don’t know, Dan Lawson in Arctic Wolf, can you give us a background about, you know, what you’ve been doing, Dan, and what you’re doing today?

00;00;50;04 – 00;01;12;20
Speaker 1
Yeah. Sure thing. So, I’ve been in cybersecurity for almost 20 years now. I’ve been an article for five as their chief marketing officer. Before that, I was at, CrowdStrike for five years. As a VP of product marketing. And before that, I worked at McAfee for a long time, basically, doing all of their new technologies and being more on the, implementation solution architecture side.

00;01;12;20 – 00;01;16;15
Speaker 1
So long time cyber guy. Happy to be at, Arctic Wolf now.

00;01;16;15 – 00;01;22;09
Speaker 2
Fantastic. And for the listeners and viewers that don’t know, Arctic Wolf, can you give the the elevator pitch on what Arctic Wolf is? Dan.

00;01;22;12 – 00;01;45;19
Speaker 1
Yeah. Sure thing. So, Arctic Wolf, is a solution provider that does, security operations. So we really built the company on this idea that, you know, cyber cybersecurity has always had a number of technologies, and it seems like we keep adding new technologies, and the problem doesn’t go away. So our founders had a really bright idea that said, maybe what we need to focus on is operationalising the technologies.

00;01;45;22 – 00;02;02;15
Speaker 1
So we built a cloud based, open XDR platform. And we deliver our solutions on top of that. And we’re probably most known for, managed detection and response. And actually, we just did a big, exciting acquisition. We purchased, silence the endpoint security company, from BlackBerry.

00;02;02;17 – 00;02;09;22
Speaker 2
Fantastic. Well, that’s one of the questions I had. Dan. So can you elaborate a bit on why you did decide to do the acquisition of silence?

00;02;09;27 – 00;02;30;19
Speaker 1
Yeah. So, you know, we’ve been a company now for over 12 years. We’ve done a really good job, building out this kind of vendor neutral, platform where we can ingest data from, you know, your infrastructure, your other cybersecurity tools. And then we deliver that with our concierge, team. Following what we call the the security journey model.

00;02;30;21 – 00;02;51;05
Speaker 1
And we’ve been really focusing on detection and response, and we wanted to take the platform to the next level by adding native, prevention technology on the endpoint. So silence was kind of, you know, a legendary, technology brand, that had that had really strong technology. They kind of struggled a little bit on the go to market side under BlackBerry.

00;02;51;07 – 00;02;57;21
Speaker 1
But now that we’ve, we’ve kind of brought them home, you know, to a proper cybersecurity company, I think, I think we can have a lot of success together.

00;02;57;23 – 00;03;02;28
Speaker 2
And until for the viewers, more about how does that fit into the Arctic wolf’s overarching roadmap.

00;03;03;05 – 00;03;27;28
Speaker 1
You know, we’re constantly thinking about, you know, our mission for our customers is to end cyber risk. And if you want to talk, if you want to have the risk conversation, you have to talk about both, reducing the likelihood of an incident, and then also reducing, the impact of an incident when it would occur. And so coming from, roots in detection and response, you know, we’re really good at reducing the impact after the incident occurs.

00;03;28;01 – 00;03;46;02
Speaker 1
But where the silence technology comes into play is that it really ups our ability to prevent the incident from occurring in the first place. So they come with a really strong, prevention technology. They’ve also really up their game, on the detection and response side of the house. So it’s going to be, core to our platform.

00;03;46;05 – 00;04;06;29
Speaker 1
And I think if you for the existing Arctic Wolf customers out there, we have about, 10,000 of them. One of the main questions we get is, okay, now that you have a native endpoint security solution, do I have to adopt it? Right. Because we’ve prided ourselves for a long time on being flexible while not doing vendor lock in, having this sort of vendor neutral approach.

00;04;07;02 – 00;04;25;26
Speaker 1
And the answer is we’re going to continue to do exactly that. If somebody wants to use our endpoint, that’s fine. It’s a great solution. It’s very performant. I think they’ll be very happy with it. But we are not going to, do the vendor lock in play. We’re not going to force our customers to adopt our new endpoint security solution.

00;04;25;28 – 00;04;48;15
Speaker 1
So that’s kind of the number one question I’ve been getting since the acquisition. And that is, you know, it’s there. We would be we would be happy to compete for the business. And, you know, have have a really strong, Arctic wolf. We are, sunsetting the silence brand and it’s now Aurora endpoint defence. But really, when it comes to the to the roadmap, we we intend or on the product strategy side, we we intend to remain, open.

00;04;48;18 – 00;04;59;25
Speaker 2
Fantastic. You know that that’s one of the endearing qualities of Arctic Wolf. And you know why? We’ve been a massive proponent of that in Australia. Endpoint in itself is ripe for disruption. So talk a bit about that.

00;04;59;28 – 00;05;20;05
Speaker 1
Yeah, this one is near and dear to my heart because I’ve been doing, I’ve been on the the endpoint protection side of the house really since 2007. In my own personal journey, I started, at McAfee, and that was that was a heck of a run from 2007 to, you know, to to 2014. If you go back and look at the Gartner Magic Quadrant.

00;05;20;07 – 00;05;40;05
Speaker 1
McAfee had this, you know, a really strong run. They were the leader in the Garden Magic Quadrant. You know, we thought we were so cool. Now, fast forward ten years and that company doesn’t even exist anymore. Right. So the endpoint market changes all the time. And if you just go back and kind of look at the analyst research, the, you know, I’ll just keep citing, Gartner because it was top of mind for me.

00;05;40;05 – 00;05;59;21
Speaker 1
But, you know, it looked one way in 2014. You look you fast forward to 2018 and you have this whole swath of new players, right? There’s a carbon black, there’s end game, there’s silence, there’s CrowdStrike. And then if you look just a few years, after that, you know, there are 20, 24 magic Quadrant looks completely different.

00;05;59;22 – 00;06;25;08
Speaker 1
So it seems like every five years, you know, this this gets flipped upside down or some new, some new, vendors emerge. And I think there is opportunity right now for disruption because what we’re hearing, more and more from people is that, the, the new tools tend to be, very expensive. And it is no longer the case where, like an outsized investment in endpoint security gets you outsized, outsized cybersecurity outcomes.

00;06;25;10 – 00;06;43;27
Speaker 1
Customers are frustrated by sort of the closed nature of the ecosystem. You know, that that vendor lock in problem, depending on who you’re working with. You know, that can be a real problem. And then they’re still they’re just they’re just too hard to use, you know, especially here, in Australia where more of the businesses are in the mid-market or the SMB sector.

00;06;44;00 – 00;06;54;28
Speaker 1
You know, these tools, they’re just not usable. Right? And people really struggle to get the outcome. And that’s where we see opportunity. And that’s, you know, our plan of attack for disrupting the market is to solve those problems.

00;06;55;01 – 00;07;03;05
Speaker 2
Another question that intrigues me, Dan, is, you know, where of vendors fall short on, you know, their real ability to protect their customers. Can you talk a bit about that?

00;07;03;06 – 00;07;23;05
Speaker 1
Yeah, I can I mean, I think, you know, having been in the industry a long time, working for a bunch of different vendors, I know everyone is, you know, they mean they mean, well, they’re trying hard. They’re working really hard. They’re doing the best they can. But one thing that that I think is, is kind of disappointing for the cybersecurity industry, is the reluctance, for the vendors to be held accountable.

00;07;23;08 – 00;07;44;01
Speaker 1
There’s still very few vendors who are standing behind their solution, with a warranty. And in every other industry. Right. If you get a car, you get a warranty, right? You know, you the new cell phone that comes with the warranty too. And it just it continues to be shocking to me that people would, would make these big investments in cybersecurity purchases and not have any financial recourse.

00;07;44;02 – 00;08;02;27
Speaker 1
You know, back to the vendor that’s, providing the service for them. And that’s something, we’re trying to change. You know, article four already offers the biggest warranty in the industry. And there are other warranties out there, but the vendors make them, you know, increasingly difficult to actually have the warranty pay out, or they have big minimums.

00;08;02;27 – 00;08;22;16
Speaker 1
You know, you’ve got to have thousands of endpoints to get the warranty. I think if I was a cybersecurity buyer, you know, I would be incredibly disappointed by that. Yeah. And it’s like you’re making all these promises. Why aren’t you willing to stand behind them? That’s one thing I’m really proud of. You know, at at Arctic Wolf and I encourage other vendors to, to kind of step up their game in that regard.

00;08;22;21 – 00;08;35;21
Speaker 2
Oh, fantastic. You know, look, it’s it’s it’s something to your point. I love the fact that when you say, you know, you go and buy a cow, you’re going by a phone, you get a warranty. And then like there are questions about now, look, it’s a piece of software or it’s piece of service, you know, how do you make it?

00;08;35;21 – 00;08;52;04
Speaker 2
So, you know, you stand behind your product, which is, you know, a true testament to, you know, the engineering, the passion, you know, the design and software. Absolutely. Love it. Talk me through Arctic security journey. And I guess how is it valuable? What? Why is it important to customers?

00;08;52;05 – 00;09;13;15
Speaker 1
Yeah. So we’ve traditionally been, you know, delivered as a service and our kind of commitment to the customers to help them build a more, resilient infrastructure and to harden their security posture over time. And we we kind of struggled. It took us a while to figure out exactly like, how do you do that? Like, what are the steps on the journey and what are the milestones.

00;09;13;15 – 00;09;40;07
Speaker 1
So I think something that’s pretty innovative that we’ve done is we built out this basically massive library of security projects that we think people should do. You know, either because, you know, like a compliance framework says so or because a security practitioner knows they’re a good idea. There’s things that we know we need to do and what we when we meet with our customers on a regular basis, we’ll go through that catalogue of security projects and say, you know, which one of these is most relevant to you?

00;09;40;08 – 00;10;03;09
Speaker 1
Or maybe, you know, we took the first step in one of these projects last quarter. Let’s verify that you actually did that work. Let’s make sure you know, your infrastructure. Did become a little bit more secure. Let’s, you know, let’s attest to the fact that the work got done. And then let’s take the next step. And what you find is after, you know, a year or 2 or 3 of doing this, the customer is provably more secure.

00;10;03;10 – 00;10;25;20
Speaker 1
So they can go to their boss and say, look at all this work we did. Right? Like we’ve come a long way on the journey with Arctic Wolf and what’s on the cutting edge of this now is we’re finding that, as we make the customers more secure, we can use their progress on the journey, as a form or as a way of attesting to their improved security posture, which then unlocks benefits for them.

00;10;25;26 – 00;10;48;03
Speaker 1
You know, things like reductions in cyber insurance or, you know, other kind of business resilience options. So the security journey for us is fundamental, right? We, we always say like security is not a destination. It’s a journey. And if you’re working with Arctic Wolf, we try to make it really predictable. And, you know, when you have the success, when you complete the project, you should be able to bank the win and you should get something for it, you know?

00;10;48;03 – 00;10;58;16
Speaker 2
Fantastic. I love to hear that, Dan. So talk about journey. Tell us about the M&A journey for the remainder of the year. You know, where do you see the industry A2 or what’s what’s happening in that M&A space.

00;10;58;19 – 00;11;23;27
Speaker 1
Yeah yeah. So you know I think you can look at our our recent acquisition of silence. And it basically speaks to our strategy, which is we we want to start having more native controls on our platform for attack services. Right. So obvious next candidates are things like cloud and identity. And, you know, we’re always looking.

00;11;23;27 – 00;11;46;15
Speaker 1
We’re always looking for other opportunities as well. But the, the, the core concept there is to keep, adding the solutions that we know will really move the needle for customers. Right? Like, as, as threat actors move on, you know, from kind of endpoint centric attacks and they start using identity a lot more now. That’s a much more, you know, impactful security control.

00;11;46;15 – 00;11;49;23
Speaker 1
That would be, you know, good to have natively on the platform.

00;11;49;25 – 00;12;08;24
Speaker 2
Fantastic. The Wolfpack is hunting, looking for the next acquisition, how we can bolster and be better. So Dan, look. Absolute pleasure to have you here in Australia. And thank you for making the effort in time to come and visit us. And, you know, we’re proud as Red to be one of your partners here. And you guys have been, you know, really admirable in protecting businesses and helping Aussies.

00;12;08;24 – 00;12;16;17
Speaker 2
You know, that’s that’s what we’re all about, you know, and then cyber risk is a big hairy audacious goal that we’re passionately want to support you guys on achieving, you know, in our lifetime.

00;12;16;23 – 00;12;23;02
Speaker 1
Well thank you so much. And I’m grateful for you guys for being our first partner in Australia and being a great partner along the way.

00;12;23;04 – 00;12;41;01
Speaker 2
Thank you Dan. Really appreciate it man. Thank you. Welcome to Reds Business and Technology podcast. I’m your host Nigel Heyn. And today I’ve got a really special guest all the way from the USA, Charlie from Arctic Wolf. Fantastic. Thank you so much for coming on board, Charlie. You. Can you introduce yourself to everyone about you know, we’ve come from what you’re doing.

00;12;41;01 – 00;12;43;21
Speaker 2
You know, what your role is at Arctic Wolf please. Yeah.

00;12;43;21 – 00;13;05;14
Speaker 3
First of all, great to be here with you. Boy, it’s a it’s a it’s a long story, but I’ll try to make it short. I started probably 25, almost 30 years ago, dating myself, with a systems integrator. That’s a that’s a really long story, but typical systems integration work. Did kind of a jack of all trades, master of none.

00;13;05;14 – 00;13;18;04
Speaker 3
So I did everything from do inventory there to systems integration to software implementations to sales to pre-sales to post-sales accounts receivable.

00;13;18;11 – 00;13;18;29
Speaker 2
Well, it.

00;13;18;29 – 00;13;38;24
Speaker 3
Was a really small systems integrator, but, it was it was a lot of fun. So that’s where I got my start and then moved to a medical software Start-Up after that. Okay. Was a lot of fun. And then I went to EMC. So typical data storage. But as as you as you know or don’t know, EMC really had a huge storage portfolio.

00;13;39;00 – 00;14;02;17
Speaker 3
Obviously VMware was in that portfolio, document, RSA from a security perspective. So that’s really where I started to broadened out, broaden out my kind of, my IT systems and security, knowledge. I was there for 12 years, eight years as an individual contributor and then four years as a leader. And that took me to ServiceNow.

00;14;02;19 – 00;14;12;04
Speaker 3
So that ServiceNow for four and a half years as a, as a sales consulting, leader and, and then over to Arctic Wolf, where I’ve been for the last four years.

00;14;12;06 – 00;14;14;16
Speaker 2
Oh, fantastic. And today, what your role in Arctic Wolf.

00;14;14;18 – 00;14;23;16
Speaker 3
Yeah. So today is senior vice president of our global sales engineering team on our acquisition side of the business. So I have all of our acquisition and sales engineers for the globe.

00;14;23;18 – 00;14;33;21
Speaker 2
Oh, fantastic. Yeah. A question that lots of people are asked in the cyber space, but I’m keen to hear your thoughts on it. You know, what does making security work actually mean to you?

00;14;33;24 – 00;15;01;06
Speaker 3
It’s a tall order. There’s a lot of people that have been trying to make security work for a long time, and, there’s certainly no shortage of tools out there, but there is a shortage of talent. And I think there’s a and I know there’s a shortage of true security operations. So when you combine all those things, we think making security work is having a good security operations, program in place, to make your security effectively work for you.

00;15;01;08 – 00;15;19;02
Speaker 2
Fantastic. Oh, the thing we’re truly proud of the partnership with Arctic Wolf. You know, you guys have helped protect, you know, so many businesses. And this is the the challenge that we’re all trying to resolve. So I love that, you know, the big hairy audacious goal of Indian cyber risk. It’s something that we’re passionate about. And you know you guys are actually able to turn, you know, the dreams into reality.

00;15;19;02 – 00;15;39;01
Speaker 2
Yeah. In terms of that, like how do you describe what Arctic does in protecting, you know, the PAC effectively with security. Like, you know, if you’re dumb it down to it because we’ve got people that listen to it and watch our podcast, you know, either business owners or technical people or non-technical people like it’s simplified as much as you can.

00;15;39;01 – 00;15;39;25
Speaker 2
Yeah, yeah.

00;15;39;25 – 00;16;03;14
Speaker 3
And this comes down to having the proper steps of security operations. And when you think about what security operations encompasses, first and foremost, we believe you got to have a culture of security within your workplace. And that means having a good managed security awareness program or a security awareness program to help educate your employees. Yeah, your employee base to make sure that they know what they can do.

00;16;03;15 – 00;16;26;13
Speaker 3
That’s a first line of defence to preventing an attack from happening. So don’t click on that link. Right. Make sure that if something somebody calls you up and asks for your credentials, you don’t give them. So that’s that’s first and foremost is educate. You also have to have good proactive, processes in place to make sure that you’re identifying vulnerabilities within your infrastructure and in your environment.

00;16;26;16 – 00;16;52;05
Speaker 3
And if you identify those vulnerabilities, take immediate action to remediate, remediate them as soon as possible. Thirdly, you got to be able to detect, detect, issues if they happen and respond and shut them down quickly. And if something does happen, you know, that you’ve got proper incident response, capabilities to be able to shut something down quickly, make sure it doesn’t spread, and, and take care of the issue.

00;16;52;07 – 00;16;52;25
Speaker 2
Fantastic.

00;16;52;26 – 00;16;53;15
Speaker 3
Yeah.

00;16;53;17 – 00;17;13;12
Speaker 2
You’re quite unique. I’ve got to say, Charlie, that, you know, you’ve had that experience from when I saw, you know, working from, you know, sort of like small i.t internal, I tell you. Right up to now being, you know, part of the one of the most powerful cyber companies in the world, you know, what are the three common challenges you see leaders make when it comes to cyber security?

00;17;13;12 – 00;17;13;25
Speaker 2
Yeah.

00;17;13;25 – 00;17;43;08
Speaker 3
So the first challenge is good and bad. The good there’s a lot of tools out there to help you try and protect an organisation. The bad is there’s a lot of tools out there. So to help you protect an organisation, but that presents a challenge because all those tools, give a person alerting. And that’s, that’s a challenge because you get flooded with so many alerts as a security person or an infrastructure person to have to go in, decipher, try to prioritise what’s important, what’s not important.

00;17;43;10 – 00;18;04;26
Speaker 3
And through all that, prioritise ization, things get missed. And that’s, that’s a problem. And when things get missed, it’s not because people aren’t trying to protect themselves, it’s because they’re overwhelmed with all the alerts that are coming in that they can’t get to them in time, or they just simply over overlook something because there’s been such a volume of alerts coming in.

00;18;04;29 – 00;18;35;28
Speaker 3
And then thirdly, talent, there’s a shortage of cybersecurity talent within the industry. You can’t fill the roles that, that are open fast enough. If you do fill them, there’s a lot of security talent that turns over, from organisation to organisation. So it’s very hard to retain talent. And those are really the top three things that people are challenged with at every organisation, whether you’re a fortune 100 or your, small, medium sized business with 50 employees, they’re all dealing with the same thing.

00;18;35;28 – 00;18;53;21
Speaker 2
Great advice, fantastic challenge. Where do you see the future go, like in your industry? You know, those are saying the shadows of the past predict the future. You’ve had, quite a long. And, you know, great, you know, career path. Yeah. Charlie, in conclusion, I’ve got my one final question to ask you. Where where do you see cyber going?

00;18;53;21 – 00;18;54;19
Speaker 2
You know, it just in general.

00;18;54;22 – 00;19;23;15
Speaker 3
Well, I think one of the things that you’ve seen over the last probably 5 or 10 years, if I age myself a little bit, if you go back to the late 90s, early 2000, you saw the value of data finally have kind of a cost attached to it. And that was because disaster recovery Solutions came into came into being, and people realised that if they didn’t have access to their data, that that was going to be a very troublesome thing for them in terms of how they run a business if they don’t have access to data.

00;19;23;15 – 00;19;45;08
Speaker 3
So you saw a big boom in disaster recovery businesses and, and a lot of people putting money into that infrastructure to make sure that if there was some sort of disaster, they could fail over and have access to their data. Now, I think in the last 5 to 7 years with that ransomware attacks being on the rise, those those people aren’t getting access to their data.

00;19;45;08 – 00;20;12;01
Speaker 3
So again, it’s it’s another issue where I don’t have access to my data. How do how do I prevent that from happening? And I and I think cyber, cyber risk solutions, I think people are starting to take it seriously again. It’s not that they weren’t before, but I think it’s taking on new meaning, and it’s driving people to think about how do they do security operations in a different way than what they did maybe 5 or 7 years ago?

00;20;12;04 – 00;20;30;15
Speaker 3
And I, I would say I always used to say with disaster recovery, people kind of thought about it as life insurance. You know, you had to have something impactful happen to you in your life, or with your data, to make sure that you protect it properly. I think you’re starting to see that type of mentality again in the cybersecurity industry.

00;20;30;15 – 00;20;42;26
Speaker 3
And I think people, are starting to pay attention, to it more and having more of a programmatic, approach to dealing with cyber risk in their, in their organisations.

00;20;42;29 – 00;20;53;15
Speaker 2
Wonderful. Charlie, look, I really appreciate your time. You know, Charlie Smith romantic. Well, if you’ve been, you know, really big supporter and we love being, you know, your partner down under. So, you know thank you. And yeah I wish you safe travels back home.

00;20;53;15 – 00;20;54;19
Speaker 3
All right. Thank you.

00;20;54;21 – 00;21;06;20
Speaker 2
Thanks so much. Yeah.