Says that European customers face a tougher challenge because security teams are smaller
Kenna Security is looking to add around a dozen new partners in Europe, having just signed SecureLink (end Jan) as its first major VAR in the region. Kenna's VP Europe Trevor Crompton says that “Kenna is 100% channel and currently has about half its partners as MSPs, half traditional resellers, and we see a huge opportunity here.”
“The partners we are recruiting are selling into enterprises. Everything we find goes to the channel and we are encouraging partners to reach in to their customer and tell them there is a better way to do it,“ he says.
The market is predictive cyber risk – meaning that enterprises with a list of vulnerabilities do not have to try to manage these manually. “Every customer I have spoken to is using a manual, difficult, people-intensive process to manage multiple millions of vulnerabilities and work out which will kill them. They are trying to look at all the security and manage it all manually, sending it to an IT team. The team is told fix these 600,000 things, they can’t.”
“We have worked out a mathematical approach using guided machine learning to discover which vulnerabilities are likely to be exploited next. When exploit kits become available on the dark web or wherever, we know there is likely to be a rise in such attacks. This gives us a 94% accuracy, which is huge; so there can be a massive benefit to customers.”
“We see a market opportunity for the channel to speak to these organisations across the board – it is a universal problem. Showing them that there is a better way using a ‘risk-based’ approach rather than ‘list-based’, and there is a reduction in the number of things they need to do. “
It gives a startling improvement, he says. “Measure risk, prioritise and manage. A typical end user customer will have more than 500 employees have a sufficient number of devices which create vulnerabilities and this is too many to manage manually. The customers we have with tens of thousands of assets are generating large numbers of vulnerabilities.”
The regional targets in the rest of Europe are the Nordics and Benelux, in addition to the UK. “People are finding us in other countries, particular some very large organisations trying to manage millions of vulnerabilities.”
"We are conscious that in Europe, we have a highly-regulated market, so we have an office in Frankfurt which means customer data stays in Europe and while the problems are universal, the customers are suffering more because the security teams are smaller and so the pressure on IT teams is higher. Our capability to show a time to value is significant. We can show a return on value in a matter of days.”
