Websense CEO: Bush-League Partners Were Hurting Our Channel Strategy

Websense CEO McCormack Tells CRN Why Its Channel Engagement Is Fading

Websense needs to take on increasing competition, but its CEO is not relying on a broad channel base to drive sales. CEO John R. McCormack said in a recent interview with CRN that his company's 2007 acquisition of Surf Control brought in a lot of reseller partners lacking sufficient skills to deploy the company's mid-market and enterprise-grade appliances for its Triton security platform. Customers are demanding hybrid deployments that require data architects and network infrastructure expertise, he said, adding that the company is turning to a smaller number of capable partners to deploy the technology to enterprises. Websense was acquired by Vista Equity Partners in 2013 and completed a move from San Diego to new, 90,000 square-foot headquarters in Austin, Texas. It's in the process of hiring inside sales associates, sales engineers and renewal specialists. The company is in a battle against SaaS-based security vendor Zscaler, Intel Security (formerly McAfee) and Blue Coat, which have built out their security gateways. About 25 percent of the company's customer base still uses Websense's legacy gear, McCormack said. Websense is primarily three solutions today: data loss prevention, advanced email protection and Web gateway security. McCormack explained the company's new direct marketplace strategy in the U.S., which relies on less partner engagement and instead directs customers through a remote deployment as part of a quick-start implementation.

Edited excerpts of the conversation with McCormack follow.

Why is Websense relying on fewer channel partners?

We are still working to make sure the channel works for us. I need to change the dynamics to take out those who do not have the sophistication required and product knowledge to be successful. Triton has a lot of legs in terms of how to build on it. To make ourselves successful and deal with the skills shortage that we have in the industry, we put together this marketplace. We're improving the customer experience by starting with only a couple of partners. Many partners don't have enough volume and a close enough relationship with vendors so they can learn the skills required with advanced security. The channel has worked very effective on stuff that is steady-state and mature, but even vendors that are 110 percent channel-centric like a Check Point -- just look at their results on new initiatives and things they have tried to push out there and you can see they have found trouble with the channel.

How does the marketplace work?

We've created a marketplace and gave my internal sales team an incentive to make sure the customers get the right skills they need to be successful. Instead of that being a service that we offer, we are trying to drive volume into guys that are investing in the training and are skilling themselves up and delivering a quality experience to the customers. We have a lot of visibility into that because I have a lot of skin in the game, especially when we're in the subscription business, whether the customer has a good experience or not. It's directly related to my top line going forward.

Why not invest in training and certifications for the partner base?

We are doing this as well, but in advanced security you end up with too many partners that do one or two deals a year. Unless you are living and breathing this stuff every day, you are not going to be successful at that rate. And furthermore, I want to bring all the best practices and all the learnings from the customer environments to the next customer. You need to be able to drive a business level of engagement. Many partners don't have the ability to invest in the people and the training -- all the seat time just doing the work -- to be competent enough. Broadly speaking, I'm convinced that the root of our issues in the security industry are related to the competency level that we don't have.

Are more deals going direct through the marketplace strategy?

Business is still almost all fulfilled through the channel, but typically opportunity is identified by my marketing and sales teams. I want to make those really viable partners profitable so they can invest more instead of diluting their expertise. Either you are completely out of the channel business or you are not. And if you are not, you have to pay close attention to it. We launched this marketplace concept two months ago in the U.S. It's like Amazon to bring buyers and sellers together. Customers are satisfied, systems are doing well and they are seeing the value. We are going to help the skilled partners find more business to help them scale up their volume.

Can a partner still be successful partnering with Websense?

I can tell you with certainty that if you are bringing a deal, doing the heavy lifting on a Triton implementation, not only you are getting the services, but you are getting better margin. If you are just renewing the product and the customer doesn't have very good satisfaction and not upgrading and you haven't cared and fed for them, how much should I pay you for that? We started a low-end renewals team because the channel wasn't even collecting the money that the customers were trying to give us. What we do in the very low end -- 250 and below -- small deals. We proactively send the channel the lists and if they haven't renewed it by a certain date, we renew it ourselves and give them a cut. The changes we are making in the channel are about better alignment between my sales force and the channel and trying to get the right volume and dynamics so I can get skilled service people engaged with my customers so I can get satisfied and successful customers.

What led to the new strategy?

If you accept the principles that [organizations] don't have the full IT team -- I've talked to hundreds of CISOs and just in India and talked to 25 large customers. Not one of them have a large staff. They can't find the number of competent people to replace the ones that they are losing. That is bad chemistry. As an industry we continue to throw more point products and complex products at them. If you have smart enough people, that is fine. And if you have people that have done it for a while, that's fine. But we generally don’t out there. When we integrate the Triton system together, that took about half my engineering capacity for five years. That was a lot of work. Our vision was how to reduce the cost to maintain one of these systems and get a better security system by using shared intelligence and shared context.

What do you make of Symantec and its DLP offering?

It is tough to run a company without a leader. They need to get one. They executed well with their Vontu acquisition with service delivery in the U.S. We beat them internationally where we had good partners that stepped up and put the amount of work in and we directed business to them. India we are by far the number one DLP vendor. Macau, Hong Kong, Russia, Asian markets, Middle East we outdo Symantec in all those markets. In the U.S. our channel wasn't equipped to sell DLP and we didn't get that right in my opinion and Symantec said it is too sophisticated for the channel we are going to do it ourselves and that proved to be an early winning strategy. They backed off of that, years later, after all the momentum, a lot of installs and a lot of trained people. Advanced security, the shared learning, the volume of it and level of sophistication is tough for the channel.

Are SaaS security vendors putting pressure on Websense?

Our cloud service today services over a billion clicks a day. We have 18 data centers and can provide a 20 millisecond response on pretty much any continent on the globe right now, Antarctica excluded. It is clear that the defense strategy that folks have used for years was basic firewalling and antivirus to prevent infection. You need the perimeter to follow your employees and the data around. That is what we are doing with our cloud services. We are delivering a virtual perimeter-based control system. That virtual perimeter is wherever your laptop exists and we think we are doing it better than anyone else.

How are deployments changing with cloud adoption?

Most folks go with a hybrid approach. It's not just our security solution; it is just the way the world works. VMware and SAP are all talking about a hybrid approach. Sometimes you want to pull the protection close to your infrastructure. Other times you want it to be at the far reaches of where you don't have any infrastructure but you have data and corporate assets that need to be protected. We were early and we are still unique in offering a really seamless, hybrid environment. About half of our business is now consisting of hybrid deployments.

Is Websense landing larger enterprise deals?

We are winning large deals. Look at the scale of the outsourcers we have in India. Right now we protect 200,000 users in the account. Their business is going to 500,000 people. They are building three new campuses that are holding 80,000 people. We run our software so we can get the most juice possible out of the Intel innovation curve and put all the logic to take advantage of that inside our software and optimize it to that, but it takes a lot more than just a box to scale something. Try dealing with Active Directory, federations that are at 200,000 users. It's pretty incredible in distributed environments that are global. There's a lot of elements to scale.

Is the sheer number of advanced threat detection products available squeezing websense Out?

We have invested eight years into this platform. We figured out machine learning for content classification and also for security or else we knew we would be out of business. We have been doing sandboxing for a long time. Any indication of interaction is essentially what we collect. All the telemeter data coming out of our customer environments is run through our analytics system and a honey client that is essentially a sandbox. We push updates 2.6 times a second now. It's not just signature updates. We're also changing reputation scores and weightings on behavioral algorithms.