Even though the technology world has grown by leaps and bounds in the past decade, it can at times be a surprisingly small community of people. This is why a top executive at VMware Inc. and the chairman of Microsoft Corp. have much in common as both grapple with the issues surrounding tech security.
Before he became the chief operating officer at VMware, Sanjay Poonen (pictured) was in charge of strategic operations for Symantec Inc. at the same time that John Thompson, current chairman of Microsoft, was chief executive officer of the security firm. Their paths have diverged, but both remained deeply involved in key security issues that have affected a broad swath of the tech industry.
In separate and exclusive interviews with SiliconANGLE at the RSA Conference in San Francisco on Wednesday, Poonen and Thompson discussed their vision of security and business strategies for unified solutions within a splintered and highly divided cybersecurity ecosystem.
“I’ve not seen an industry in my 27 years in technology that’s so fragmented,” Poonen told SiliconANGLE. “Increasingly, security has to be intrinsically part of platforms as opposed to being point tools.”
Tools for IoT and cloud
A platform-centric approach to security was reflected in many of the announcements from large industry players leading up to this week’s RSA gathering. Microsoft announced general availability of Azure Sphere for internet of things devices, a key move designed to protect vulnerable products with little built-in security. Microsoft also announced enhancements to Azure Sentinel, the cloud-based security management service.
“I think the company has become much more cognizant of the need to have a stronger security footprint, particularly as they built out a rapidly growing cloud business,” Thompson said. “It’s one thing to think about endpoint protection and the role of Microsoft from the days that Symantec partnered and competed with them. It’s something else now to think about access control, privacy, data confidentiality.”
Need for holistic view
Mushrooming security issues have forced companies such as Microsoft and others to retool security solutions away from fragmentation and more toward a horizontally scaled approach that can cover the broader enterprise expanse. Microsoft’s “Threat Protection” solution now includes not only protection for Windows, macOS and Linux, but user data, cloud applications and infrastructure as well.
“What has happened is the security industry has taken a product or segment view, not a holistic view, which is what consumers or enterprises want,” Thompson said. “What you’re starting to see emerge are some companies that truly do have a point of view about integrating security more horizontally.”
VMware’s growing security business has followed a similar path. The company acquired Carbon Black Inc., a provider of security for cloud-native workloads, in 2019 and has wasted no time in deploying the firm’s technology for broad-based infrastructure solutions.
On Tuesday, the company announced that VMware Cloud Foundation would include a number of Carbon Black’s workload protection features. NSX and Carbon Black’s technology will now be tightly integrated with VMware vSphere.
“We have this control point called vSphere, and we’re now going to take Carbon Black and make it agentless on the server side workloads, which has never been done before,” said Poonen in conversation with John Furrier, host of theCUBE, SiliconANGLE Media’s mobile livestreaming studio, during the RSA conference event. “That’s operationalizing it at the infrastructure level.”
Here’s the complete video interview with Poonen:
Reaching out to startups
VMware and Microsoft have also grasped an important element when it comes to deploying viable solutions in a rapidly moving threat landscape: Partnerships matter. In addition to the major acquisition of Carbon Black, VMware has partnered with security startups, such as Kenna Security and Zimperium, which provides mobile threat data directly into VMware’s Workspace ONE.
“What we’ve been trying to assess is what we can do on the VMware side that makes things more part of the platform and then how we can find creative, next-generation companies,” Poonen said. “I get to surround myself with people who are the next-generation security leaders, and that’s how we learn.”
Microsoft’s Thompson has followed a similar approach through investment. In addition to serving as chairman of the software giant, Thompson has been actively investing in a number of startup security companies since he left Symantec in 2011.
One of Thompson’s recent investments was Confluera Inc., a startup focused on intercepting and defending cyberattacks in real time.
“The thing that I thought was fascinating about what Confluera wanted to create was something that would not only do real-time detection, but real-time blocking,” Thompson explained. “I have invested in quite a few young security companies over the last 10 years.”
In their respective positions at the top of the enterprise food chain, Thompson and Poonen have the ability to see the tech landscape from a perspective of not only where the broader industry has been, but where it needs to go next. In assessing the security field, both executives have arrived at the same conclusion: Customers want an effective, comprehensive solution from one rather than from a cast of thousands.
“You cannot go to a doctor and expect the doctor to say you should eat 5,000 tablets to stay healthy,” Poonen said. “It has to be baked into your diet.”
There’s much more of SiliconANGLE’s and theCUBE’s coverage of the RSA Conference here.