Cynet’s Royi Barnea: Our XDR Platform ‘Connects All The Dots’
Joseph F. Kovar
‘We’re focused on XDR to provide a much more simple solution for your clients, a much easier way to approach them. We reduce your buying costs and your investment costs and enable you to get a much higher win ratio,’ says Cynet’s Royi Barnea at XChange 2022.
Providing multilayered security can be expensive unless solution providers use a platform that offers a wide range of advanced capabilities.
That’s the message from Royi Barnea, head of North American channel sales at Boston-based Cynet, which develops an extended detection and response (XDR) platform.
Barnea Sunday told a group of solution providers at CRN parent The Channel Company’s XChange 2022 event that it is important to find an approach that can help them make more money by improving their win ratios, providing higher margins, reducing their operational and buying costs, and providing superior security coverage.
[Related: The 2022 Security 100]
Most solution providers are challenged to do so with their current security vendors, Barnea said.
First, he said, a complete security offering typically requires working with four or more security vendors or solutions, each of which is great individually.
“One of the biggest challenges is they won’t work together,” said. “They won’t sync, correlate, talk to each other. And security-wise, this can provide a huge lack of visibility in real time. And if we don’t have in real time the security threats, the visibility of what’s going on, it’s challenging to really understand what’s going on, to correlate it, and of course, to respond to it. One of the biggest challenges [with] different vendors is to create any type of automation between them.”
The second is the difficulty of finding a good solution for small to midsize businesses, which make up about 86 percent of the target for ransomware attackers, Barnea said.
“Why? It’s an easier job for the hackers,” he said. “They don’t have the budgets of a lot of enterprises, and sometimes not the security awareness.”
The third is the need for solution providers to reduce operational and purchasing costs and investment, Barnea said.
“If you want to make a decent margin, your end selling price for your clients becomes higher, and in some cases, becomes unaffordable,” he said. “We’re here to reduce that and improve your pricing.”
It is also difficult to stay relevant, Barnea said. “The really leading vendors are the ones that are staying relevant, meaning updating on a monthly, quarterly basis, because the industry is a cat-and-mouse chase,” he said. “The bad guys will always try to bypass security vendors like us.”
Cynet, as an XDR platform provider, offers multiple types of advanced security capabilities that improve solution provider margins, add automation and improve win ratios, Barnea said.
“How do we do that? Simple math,” he said. “If you want to try and sell five, six different sales cycles, your win percentage ratio will be much lower than one automated consolidated platform. And that’s exactly what true XDR is.”
Cynet’s XDR platform includes next-generation user behavior analytics, endpoint detection and response, network detection, network traffic analysis, honeypot deception, SaaS security posture management to protect SaaS applications, network detection and response, and security orchestration and automation response, he said.
Creating security orchestration automation and response can significantly reduce the impact from a ransomware attack by letting partners do things like closing an IP port, delete a routing table, shut out a host from the Active Directory for 30 minutes and isolate user endpoints, Barnea said.
“It’s a very different approach to security that we need to do against ransomware and many more attacks,” he said. “It connects all the dots together. In order to create that manually, it’s going to be a challenge. Automatically, it‘s going to be much easier. That’s exactly what Cynet is here for.”
Cynet is 100 percent focused on solution providers looking to provide a simple security solution to customers, Barnea said.
“We’re focused on XDR to provide a much more simple solution for your clients, a much easier way to approach them,” he said. “We reduce your buying costs and your investment costs and enable you to get a much higher win ratio.”
Barnea, in response to a question of whether Cynet provides XDR for mobile devices, said it does not despite the fact that mobile devices were an early focus of the company’s development.
“The main reason is that most mobile devices come via ‘bring your own device’ and, especially in the U.S. market, that is a challenge,” he said. “First of all, not a lot of CIOs will really invest in a solution when the end user can delete the app, and so there’s basically no enforcement. Second is the most fearful thing for corporations: We can see everything, so there are privacy issues.”
Barnea, responding to other questions, said Cynet has no vertical focus, but it does have a sweet spot in small businesses. Also, he said, Cynet does not work with two-tier distribution yet, but that it is something it is planning to do.
Cynet brought up some very good points on a very topical subject, said Ron Lovern, executive vice president of Triton Networks, a Dallas-based MSP managing customers‘ stacks from the LAN to the cloud.
“If you’re not doing security as part of your business model, you need to get out of this business,” Lovern told CRN. “That is one of the biggest issues that we see. We take over a lot of IT groups. If they have a third-party doing IT and all they’re doing is desktop support, we end up taking over just because of the security perspective. They’re not managing to the network. They’re managing to the desktop.”
Once an attack gets to the desktop, it’s too late to stop it, Lovern said.
“Like Barnea said, with SOAR [security orchestration and response], you have to get there before the ransomware gets into the network because it will sit in your network for five, six, seven, eight months learning everything that’s going on, and then the attack starts,” he said. “People think the attack just started. No, it’s been in your network for maybe even a year.”
Triton for now has three vendors managing three different layers of its security stack, but it would be key to have a single technology to do it all, Lovern said.
“When I look at the LAN environment, there’s usually endpoint protection or ransomware protection or web filtering at that level,” he said. “Those are really below the server level. Then you have that next layer, that wide-area network, where firewalls come into play. That controls your network security. And then there’s the next layer, which is the cloud security part, maybe AWS or even Salesforce. And you have to manage them three different ways. Most IT groups only manage the lower level.”
Cynet‘s ability to manage it all with one view is significant, Lovern said.
“There are companies that come close, but this is the first one I’ve seen that does a 360-degree view,” he said.