Q&A: FireEye CEO On Layoffs, Realignment And What It All Means For Partners

New Era At FireEye

Since assuming the top role at FireEye two months ago, CEO Kevin Mandia (pictured) is already ushering in change in a big way at the security vendor. Last week, the Milpitas, Calif.-based company unveiled a major realignment initiative that will include layoffs, a move Mandia said will help FireEye focus on FireEye-as-a-service, MVX and its upcoming HX endpoint security technology. In an interview with CRN, Mandia and CFO Michael Berry outlined what those changes will look like as they start to take effect, the vision behind them and what it all means for partners. Take a look at what they had to say.

How is it being CEO? Is it any different?

Mandia: It is different. It's absolutely different. The reason why is everyone becomes CEO through different tracks and different experiences: you have your sales and marketing CEOs, you have financial CEOs. I'm a cybersecurity person with a forensics background. … I bring the art form of what we're trying to accomplish here from a vision perspective to the table, but I have to rely on others such as Mike Berry as COO. ... I have to rely on those [executives to have the] broad-based experience you need to be CEO of a public company. I think we have a great executive team and they're willing to take me and lead me in the areas where I have less experience. I'll be learning a lot. I will just have to stay open-minded and keep learning. The one thing I do know is our marketplace, what we need to build and how to be successful. I will play to that strength.

Walk us through FireEye's restructuring and the thought process behind that.

Mandia: One of the big things, if I want to define what I want to do here, you always have to have a business goal and a vision goal. On the business goal, I do want to achieve balanced growth and profitability. We have always said for the evolution of the company: you always start with building the platform. … 2016 and beyond, we are going to focus on balanced growth and profitability. I look at that as my business goal – let's focus on balanced growth and profitability and what that means to us. What it means is we're serious about a path to profitability. We told everybody out there that we wanted to have non-GAAP profitability and it was coming next year. We are going to work hard on that path. The balance part is making sure we get a return on investment, and that's where my vision and my market expertise will help us. I think I'm very in tune with what CISOs need and what the market needs and we're building the right things to address those needs. That's how we get balanced growth: We stay focused on the right things.

What will those cuts look like?

Mandia: I can just tell you this. You look around and you want to make cuts that feel … natural things that just don't fit – things that on a natural progression just don't fit in with the vision. You look at a lot of different factors.

Berry: Over the last couple of years, as we grew very, very nicely, we invested in just about everything for all the right reasons in terms of expanding geographically, going wide and very deep, adding multiple new products, and making sure we had all of that sales and marketing infrastructure to be a public company. The investment was pretty significant. As we look at the growth profile now, we look at it and say how much of that investment really makes sense and do we need to get a lot better focus to not only help our salespeople and the channel to know what they should sell and focus on those big movers. As we looked at it, we will look hard at our infrastructure. We will look hard at discretionary spending. We will also look at staffing across all of the different groups and based on where we are re-align that level of employees as well.

Will the channel organization be affected by the realignment and cuts?

Berry: We will look at all the different lines of business. What we will tell you is that we are especially attuned to making sure we have the right go-to-market and the right capacity. We don't have the details yet, but we will enumerate those when we go through our Q3 earnings. We will look at everything, but we do understand our success is based on us having great products and having people be able to sell them and get them to our customers.

How many job cuts will there be?

Berry: We haven't finalized it yet, but we expect it to be somewhere between 300 and 400. We have about 3,400 employees right now. It's about $80 million annually, about 9 percent of our trailing 12-month controllable costs.

Emerging out of the realignment, what does the FireEye of the future look like?

Mandia: We are going to focus on a few key things and keep a few other things going. I can tell you first and foremost, we are going to expand FireEye-as-a-Service. … We will fire threat intelligence and analytics to all alerts so our customers will be better protected. That is first and foremost. FaaS is a very unique offering because it blends our platform with the intelligence folks we have that are global, with our security experts that we have to respond to breaches and learn what works and what doesn't work, and we have hundreds of researchers as well. To be able to bring that knowledge to bear through FaaS is important and makes FaaS' strength significant.

We are also going to be separating our core MVX detection so the sensors are a separate appliance or separate VM even, and with that new form factor, we can open up new markets. We will have greater price flexibility and deployment options that our customers and prospects actually want. That is coming out this year. The HX endpoint tech that we've been working on … that will be coming in the first half of 2017. Those are the three main things we are investing in to get that focus.

What do those focus areas provide for FireEye?

Berry: The theme there, across all three of those, is adding additional TAM to what we do today. More alerts with FaaS brings a whole new market, MVX separation allows us to get to that in the midmarket piece with the cloud but also all those egress points that customers can't get to because of the cost of our solution. … We feel really good about addressing a much bigger TAM going into 2017, and balancing that with profitability.

What are you doing to clarify this vision and direction for partners so they aren't confused about FireEye's future direction and identity as a company?

Mandia: We're going to try and simplify our go-to-market. Clearly, we will get better sales execution if we simplify our go-to-market. We have our marketing department working on a lot of this right now. We do our best to be consistent, but we do have to simplify. We have a lot of different products and each one of them to some extent was marketing on their own thing – now we have to do that with more platform marketing and let the world know in a manner where the mission doesn't change, in a manner where the message stays the same for many years. We're working our best to do that and we have efforts under way to do that.

What will your approach as CEO be to the channel? What's your philosophy there as CEO?

Mandia: I think that we need products that accelerate our channel, quite frankly, where they can make money selling. Right now, we're looking at ways of taking our products, which are generally accepted as the best threat detection, and putting them at a price point that is more channel-friendly and more friendly to folks that are price-sensitive. We're working on those endeavors now. We have the release of cloud MVX scheduled for later this year – that's a channel-friendly product. I meet with our channel team and I ask them: What do you wish you had? When I get the answers to what they wish they had, we will begin working on those things. We just have to bring them to market and I think then we will have a pretty hefty channel.

How will you balance between direct and indirect sales? Will that change from where it's been in years past?

Mandia: Ultimately, I think we fulfill virtually everything through a partner at some point. There is more heavy lifting in the funnel in the enterprise and the on-prem stuff. We do get a little more involved in some of those efforts. But, when you have a simple price point, a simple message, an easily deployed product – and those are the things we're working toward building – we think that's just more channel-friendly.

What sort of shift are you seeing around Security-as-a-Service? Are customers actually buying that?

Berry: A couple of things. Security-as-a-Service, which is FireEye-as-a-Service, and that managed detection and response piece is growing quite quickly. That is a shift from buying on-prem, which you manage, to someone managing that for you. Our email solution, which we still have the appliance email and that's a great product, but now that's shifted to email in the cloud. … Then you see other things like TAP, which is essentially SIEM in the cloud. There is a movement for a certain piece of the market. We continue to do well in our core enterprise market, where they'll get into the cloud and it may not be as fast or it may be a hybrid cloud, so I think it depends on what sector of the market you're talking about. A good bit of it there is a pretty rapid shift. In our core market we think it's coming, but perhaps a little bit slower, just because our customers are government, financial institutions, health care where not everything is going to go to the cloud.

How do partners fit into the Security-as-a-Service shift?

Mandia: There is no question as we do MVX separation that it really opens up more partners to us. We can have more channel resale there as we get a different price point. FireEye-as-a-Service, there will be partners especially internationally that we will go to market through, and that is how I approach that. In endpoint, when we get real-time threat detection to the endpoint that will be a channel product. That's why we made those bets, because it is channel-friendly and it extends the products that are channel-friendly for FireEye.

What is the next priority in the next 30, 60 days and then down the road?

Mandia: I think it comes down to the theme of we're a business on a mission to protect our customers. We want to create the most effective protection at the lowest total cost of ownership. We will have product releases focused on those, one is the broadening of FireEye-as-a-Service to handle third-party alerts at the customers, one is on the MVX separation to get a much broader addressable market, and then our endpoint technology that addresses a large TAM and we're doing all the right things there we just need to get that out the door --we have that scheduled for the first half of 2017. In regards to real-time threat detection, I think that's a core feature there, and we already have the ability to rapidly search your enterprise and get an alert to containment process with our HX technology today and it's already integrated with the threat intelligence from our NX products. Those are the three visions from the product side, but then you have to do that with balanced growth and profitability, which we'll be managing with the recalibration we're doing. Those are our three priorities in the near term: get these products out the door, expand our total addressable market, while managing through a recalibration to make sure we're operating efficiently.