Trace3 Launches Security Practice, Aims to Make It Biggest Business Unit by End of 2017

Trace3 intends to make its newly-launched security practice the company's largest practice area by the end of next year through a focus on consultative, high-level strategic conversations.

The $500 million company's, No. 54 on the CRN Solution Provider 500, newest business unit will focus on identity and access management, data security, security operations and security strategy, with industry leaders recently hired to run each practice area, said Tony Olzak, Trace3's vice president of security. All four practice area leaders will report into Olzak, who started at Trace3 in August.

"Security needs to be baked in as a foundational aspect for everything you consider from the beginning," Olzak told CRN. "If the business isn't aligned from a strategic perspective from day one, you're just buying tools that sit on a shelf."

[RELATED: CRN Exclusive: Trace3 Hires SIGMAnet Vet For Newly-Created VP Role As It Doubles Down on Security]

Sponsored post

Trace3 already has several people in place with the ability to execute on each of these pillars, Olzak said, and will be aggressively hiring thought leaders and customer-facing sales reps over the next several months. For instance, Olzak said Trace3 is looking to hire 20 to 30 people focused solely on managed security services (Trace3 employed roughly 300 people at the beginning of 2016).

Too many companies today are focused on selling security point products such as firewalls or endpoint software, Olzak said, without any type of broader strategic vision. As a result, many end users own 50 to 70 different tools, but they often aren't fully operationalized or aren't being routinely checked or monitored.

"People aren't realizing the value of the tools they're buying because they haven't developed a strategy," Olzak said. "There's a whole lot of shelfware sitting out there."

Trace3 rarely runs into other VARs with strong security acumen, Olzak said, and more typically finds itself competing against pure-play security solution providers such as Denver-based Optiv, No. 25 on the CRN SP 500.

"Customers are giving a lot of security business to someone by default today, not because someone is necessarily helping them so much that they're winning the business," Olzak said. "We're having a totally different conversation than a security-focused company that's typically brought in after the fact."

Trace3 wants its more prominent security hires to come from a great consulting background and have demonstrated thought leadership in the industry through published writing or being out on the speaking circuit. Olzak said he's found the best security professionals are the ones highly experienced in architecture or engineering around some other area of IT.

"The customers basically demanded that Trace3 build this kind of capability," Olzak said. "We want to come in and really innovate this space in IT."

The new identity and access management program will provide cloud identity services and governance, single sign-on for SaaS solutions and user behavior analytics, while the data security practice will cover data leakage prevention, data rights management, encryption services, database security and application security.

Trace3's security strategy practice will continually review the latest security products and services on the market to design long-term threat prevention strategies for customers. Specifically, Olzak said the practice is focused on helping new Chief Information Security Officers (CISOs) curate the right strategy for their company in their first 12 to 18 months on the job.

The security operations practice, meanwhile, will take a longer view on the industry, focusing on helping end users navigate the skilled worker shortage by automating many parts of the investigation process. Olzak said this mean clients won't need as many high-level security personnel since more junior-level personnel can handle integrating the security data that's automatically being generated.

As Trace3 hires more customer-facing security personnel, Olzak said the company will begin targeting new customers with messaging around the four practice areas, as well as light security-focused workshops that are relevant to their business.

"Security is one of the premier ways to open the door to other business," Olzak said. "There's so much need, and so much mystery, about how people can move forward."