Accenture has landed the founder and CEO of next-gen anti-virus player Invincea and tasked him with growing the company's portfolio of security solutions delivered as a service.
The Ireland-based company, No. 2 on the 2018 CRN Solution Provider 500, has tapped Anup Ghosh to fuse together siloed third-party security products and Accenture's organic threat intelligence capabilities into a single platform supported by the company's own analytics engine.
"I was pretty blown away by Accenture's capabilities and talent," Ghosh told CRN exclusively. "What I bring to the table is the ability to innovate without being product-specific or vendor-specific."
Ghosh started June 6 as a managing director at Accenture's 5,800-person security organization. He started Invincea in 2009, and grew the company to 25,000 customers and more than three million active users before selling the company to Sophos in February 2017 for $100 million in cash plus $20 million of earn-outs.
Product vendors are constantly selling to large enterprise and then walking away, Ghosh said. As a result, Ghosh said a typical Fortune 500 business is buying 40 or 50 different products but only getting value out of 10 of them on a good day. All told, Ghosh said too many security offerings end up as shelfware or require far more staffing that the enterprise ever imagined.
Accenture today runs a first-line security operations center (SOC) for many clients with end-to-end capabilities as part of its MSSP business, Ghosh said. But like most folks in the MSSP industry today, Ghosh said Accenture has a very people-heavy approach to managing the problem, making it difficult to scale in line with market demand given the industry-wide talent shortage.
The company therefore needs to better enable its security teams around technology to make them more efficient in the market, with Ghosh saying his background in innovation and software should help with developing solutions. Although Ghosh won't necessarily create a new offering, he said clients will enjoy better scale and more effective service delivery as Accenture pulls different assets together.
Ghosh also wants to better address the gap between when an adversary gets on a client's network and when the team spots them. The problem can be more effectively addressed through expertise in Accenture Labs as well as third-party products in everything from endpoint and firewall sensors to orchestration to SIEMs, he said.
During Ghosh's first 90 days, he would like to get in front of Accenture employees responsible for client delivery and account success to get a better sense of the market needs, requirements, and challenges that customers face.
And from a technology standpoint, Ghosh said he'd like to gain a better understanding of how Accenture's incident response and red team works with clients, as well as the kind of data that's being produced by Accenture's threat intelligence group.
As far as offerings are concerned, Ghosh plans to get a handle on Accenture's baseline of capabilities, where the company is delivering in the market today and where the opportunities and gaps might be in order to build the team that could most effectively fill those gaps.
The initial target for Accenture's new capabilities will be the MSSP segment as well as clients that are serving by MSSP offerings, who Ghosh said will benefit from a solution set that's far more effective in finding adversaries on the network. The offering is expected to reduce time to detection while focusing on the threats that are most material to businesses, according to Ghosh.
From a vertical standpoint, Ghosh said his work at Accenture Security should be accessible in sectors ranging from oil and gas to industrial control systems to everywhere in between.