Q&A: Proofpoint CEO On How To Keep Up With Rapidly Evolving Security Landscape

Steele On Security

Proofpoint is fresh off of a second quarter in which the security vendor posted double-digit sales and billings growth. The Sunnyvale, Calf.-based company has been named a "leader" by Gartner in its 2015 Gartner Magic Quadrant for Secure Email Gateways and saw revenue rise 37 percent to $63.5 million in the second quarter. Earnings for the quarter posted a net loss of $25 million, compared to $15.1 million in the same quarter last year. Behind those numbers is a rapidly changing and competitive security landscape for both the vendor and its partners, CEO Gary Steele said in an interview with CRN after the earnings call.

Take a look at where Steele said he sees the market moving, and who Proofpoint is displacing along the way.

What stood out to you the most this quarter?

The key thing that was the highlight for us was our success in the advanced threat area ... What we're seeing today is that the targeted attacks as well as broader campaigns just simply aren't being stopped by the existing infrastructure installed in enterprises. Whether that's the combination of some legacy firewall plus antivirus, it doesn't catch any of this stuff. We see organizations looking to companies like Proofpoint to help stop these new forms of malware and these new forms of advanced threats. That's the big high note in the quarter. We had a phenomenal quarter. Our product mix, Targeted Attack Prevention, grew over 100 percent in the quarter as we referenced in the call. That was the really interesting, cool thing.

What about the competitive landscape? How do you look at the market today and stay ahead of that?

I think one of the interesting things about Proofpoint is, because we have adopted a cloud model, our rate of innovation is incredibly high. For example, our release cycles are every six weeks. We have the ability to move at a very rapid pace and evolve as the threat landscape evolves. The reality is, the bad guys are getting that much more sophisticated and are moving incredibly fast -- we have to be able to do the same thing. Our model of deployment enables us to do that. We're doing things, today, frankly, in the cloud that couldn't be achieved if we were trying to deploy on premise.

Do you see yourself as displacing your competition in the field? Who do you normally go head-to-head with, and who are you winning the most against in the market?

There's two components. We play in the advanced threat space, and that is a green-field market where people are buying for the first time. There we would compete with the likes of FireEye. Then, organizations that have an email security solution, they might have bought it from one of the larger, incumbent vendors like a Symantec or a McAfee. We might be displacing the Symantec or the McAfee in that regard.

Are you displacing them?

Definitely. We do see ourselves displacing them.

What differentiates Proofpoint from the others that you could go head-to-head against?

At the end of the day, our key differentiator is our effectiveness in catching malware. The way customers make this decision is they try us relative to either their incumbent, or if they're looking at something new, they test us against the alternatives. It's that that drives their decision. Our level of effectiveness ultimately drives their decision. As you can see in our financial results, we grew 37 percent last quarter at a revenue level and our billings grew 51 percent. We've had phenomenal success. If you look at Symantec or one of those other vendors, their security business isn't growing at all.

What areas do you see the most growth in your business right now?

It's about the advanced threats. We also had some very innovative solutions that we talked about on the call, for example, helping to protect organizations against attacks that come through social media.That's something that we're an early innovator in, and we've had great success and we continue to win phenomenal customers there. We've also done a lot of work in the threat-remediation category -- if something bad happens, helping organizations respond quickly. We have a very interesting product there called Proofpoint Threat Response. It really encapsulates data, takes data from all different vendors, and helps organizations identify which incident to work on and drive an automated process to remediate that particular event. That's another area that we had good success in the quarter.

Talk a little bit about how you see the security market changing?

What we see today is that there's broader awareness amongst enterprise buyers today than there is significant risk posed by the change in the threat landscape ... I think organizations today feel very exposed given the lack of effectiveness of that legacy security infrastructure. It's really forcing organizations to rethink their broader security posture and what capabilities they need to put in place to ensure that they are well protected. I think the opportunity for Proofpoint has been one where, because of our focus around stopping these targeted attacks, we distinguish ourselves, and we fit in nicely relative to all of the other vendors that companies might be talking to.

When you say 'rethink their security posture,' what does that look like?

It's rethinking the security mindset of the company -- how do you get people to understand that they're vulnerable and there is risk coming in ... There's traditionally been this broad focus on the perimeter as the way to defend. In reality, you've got the mobile user, you have people who are off network frequently, you have a broader use of cloud apps that the perimeter doesn’t help with. The broader rethink is really going back to basics and saying, 'How do you best defend the enterprise of today, given the characteristics of the workforce, and then how do you build security infrastructure to support the way the infrastructure works?' It's definitely overdue. I think there hasn't been enough hard, strategic thinking about how to best defend the enterprise.

Who is the driving force behind rethinking that? Vendors? Partners? The CISO?

It's all of the above. At the highest level, every executive in every board is concerned about the vulnerability that is posed by the bad guys today. Because of this broader awareness, organizations and leadership within the organization are working hard to figure out what we need to do. At the same time, it's vendors and innovators like Proofpoint, as well as the channel, who are trusted advisers to those companies that are helping drive that rearchitecture, rethink the broader security posture.

What kind of effect does that shift have on how Proofpoint goes to market?

We've been very focused on driving innovation in this advanced threat area. We've been moving as fast as we can to ensure that we're well ahead of where the bad guys are. Our architecture is one where, because we deliver through a cloud-based deployment, we're ideally oriented in this world where the perimeter is much less relevant than ever before, as you have workers not always on the corporate network and all that data needs to be protected. That's been an integral part of how we've been thinking about the problem for quite some time.

What about for your partners -- how do you see them evolving?

I think there's a couple things. One is we rely on our partners and their advisory services to deliver critical services to our customers ... 95 percent of our revenue came through our subscription services, and 5 percent of our revenue comes from one-time items like professional services. We're not in the business of advising our customers in the sense of delivering [direct] big professional services engagements. I absolutely believe that more and more organizations need outside security knowledge and expertise. That is where the partner community comes in, and where we rely on these [partners] that have built deep security knowledge and expertise where they can be of true assistance to enterprises as they work through this rearchitecture of their security infrastructure.

Talent is definitely a challenge I hear a lot about. Talk about what you see there a little more.

I think given the challenge today in hiring talented security professionals, the channel continues to be a key go-to partner for customers because everyone needs additional security knowledge and expertise. I think it's our partners who will ultimately provide that capability and they are providing those capabilities today. It's hard to hire talented security people. Our partners have done a phenomenal job building out those capabilities and delivering value there.

When you look at your customers, how are they changing?

I think there's a number of things. One is the role of the CISO, the chief information security officer, has definitely gotten elevated because [security] has visibility all the way to the board level. There's been additional investment in staff and knowledge. What we see today in enterprises of all sizes is a bigger investment is being made from a people point of view to make sure they are staffed appropriately. Then we see increased budgets ... on behalf of security organizations today, because they know they need to spend money to "catch up" in terms of security infrastructure.

What can we expect from you going forward?

We're continuing to grow our presence globally. We think that there's such a great opportunity in the security segment today helping organizations defend themselves against new forms of attack, and we are very focused on engaging with our partners to go out and drive demand and fulfill demand in a broader customer set. We're excited about opportunity. We think we're an ideal partner for the channel because we're not going to try and capture the services side of the business. We want our partners to develop those capabilities. There's a lot of other vendors that are in that and are trying to compete with the channel. We don't want to compete with the channel on the services side.

Who are you seeing do that the most?

Obviously FireEye has a big services group through Mandiant.