Cloud
7/7/2014
06:22 PM
Connect Directly
Google+
Twitter
RSS
E-Mail
50%
50%

Q&A: Panda Security Staging A Comeback

New Panda CEO and former IBM security executive Diego Navarrete shares his strategy and insight into turning around the security company that has fallen off the radar screen over the last couple of years.

Diego Navarrete, the former director of IBM's Security Systems Division in Europe, was named CEO of the struggling Panda Security in January. The Spanish antivirus firm in 2011 had cut its workforce by about 35% in the wake of a flattening antivirus market hit hard by free consumer antivirus offerings followed by the brutal financial crisis and recession in Spain. In an interview with Dark Reading Executive Editor Kelly Jackson Higgins, Navarette shared his aggressive plans for turning around Panda and its new laser focus on the US market, from where he says Panda will earn 10% of its revenue this year.

There are some promising signs of new life for Panda emerging: Navarrete estimates an increase of 7% in revenue for Panda in 2014, to $100 million for the privately held firm. Panda has 700 employees in 85 countries today, and 80% of its revenue comes from outside its native Spain, he says.

Diego Navarrete, CEO of Panda Security
Diego Navarrete, CEO of Panda Security

Dark Reading: What went wrong for Panda Security business-wise aside from the economic crisis in Spain?

Diego Navarrete: The new market of free antivirus [arrived], and Panda was fighting the big guys. Symantec and McAfee took most of the OEM agreements with PCs.

In 2007, Panda became a cloud security company, but in my opinion, the market was not as ready as it is today. In fact, the company then suffered … many of its own client-based customers wanted to remain on the customer [premise], so they were not opting for the cloud as much as [companies] are today.

The good news in 2014 is that everyone is talking about big data and cloud. And that's been in the company's strategy for seven years. We saw a turning point in the result in 2012, with the company back to double-digit growth, and last year, the same.

The market is endorsing our move to the cloud. Now it is a competitive advantage... My goal is to get Panda again in the [leading] industry position in innovation and business strength.

Dark Reading: What actions are you taking in turning around Panda?

Navarrete: I recently met with most of our key competitors in the US, and [some] will be our key partners in our new [cloud] service -- companies on the network security side, and the appliance network security space. The advantage we presented to them is that by running now for many years [in the cloud], we can automatically detect and classify malware.

We are also talking to a direct competitor that is highly interested in understanding how to work in the cloud.

Dark Reading: Panda has been noticeably quiet in the security research space, after a few years of being well-known for botnet and other research. Will we see a return to research?

Navarrete: Absolutely. The main strategies and technical [expertise] the company had back then remains in Panda. In the years when the market changed, the [European economic] crisis had an impact. Spain's [economic crisis] had a big impact on the company's results, and there had to be some layoffs early on in the lab.

[Some] people who remained with [Panda] after the bad years had in common they were either in the lab or [didn't leave]. Yes, we are going back to enhancing our presence in [security research] and being a thought leader again.

Dark Reading: You want to expand Panda's US market. How do you envision doing so?

Navarrete: Fifty percent of our US revenue is corporate enterprise, and 50% is consumer. Our sweet spot today remains that most of our client base [there] is SMB. We focus on the endpoint and develop protection, and our go-to-market strategy remains SMB [on the enterprise side].

We have a strong commitment to the channel, and get 80% of our revenue from partners.

Dark Reading: So is AV dead?

Navarrete: We are focused on the endpoint... [Traditional] AV is dead. But the evolution of AV is real-time service and tends to be data continuous monitoring for the cloud. You can in real-time close the opportunity for malware to run. I'm not going to say 100% of the time, but 99.99% is our claim.

In order to make our company grow and to develop the plan I have … we are leaders in malware protection and in cloud-based security technologies. We are coming off a really hard economic crisis in Europe. If we want the world to be with us, we need every employee behind this plan. This is the foundation for the company, and it starts from the inside. I'm being brutally honest.

In the end, it's always the same: Protect the endpoints. That is the center of our strategy that has not changed.

Dark Reading: Looking into your crystal ball, how do you see the security industry of the future?

Navarrete: I think it will be a mixed set of capabilities and solutions that go against APTs and targeted attacks against specific clients and organizations' assets. Real-time monitoring and big data analytics, but you cannot real-time monitor everything and you can't big-data everything.

You need to be an advisor and provide key indicators for alarms.

The industry today remains highly fragmented. The complexity of IT security to some extent is [people] not understanding the importance, or having a lack of knowledge. At one time, the industry was saying antivirus is all you need, a firewall is all you need, and the IPS and network guys were saying securing the perimeter is all you need. In the end, you need an end-to-end plan -- identity and access, who is access that information, what they are accessing in applications and data, and it depends on the importance you provide that data.

I see this fragmented industry consolidating. I see many players and companies that took advantage of the lack of knowledge situation ... not having stakes in the future.

 

Kelly Jackson Higgins is Senior Editor at DarkReading.com. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise Magazine, ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Kelly Jackson Higgins
50%
50%
Kelly Jackson Higgins,
User Rank: Strategist
7/8/2014 | 12:17:38 PM
Panda's research
I will be interested in seeing new research from Panda in the near future. The team there historically had been at the forefront of some of the most interesting cybercrime findings, including the infamous Mariposa botnet.
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-0607
Published: 2014-07-24
Unrestricted file upload vulnerability in Attachmate Verastream Process Designer (VPD) before R6 SP1 Hotfix 1 allows remote attackers to execute arbitrary code by uploading and launching an executable file.

CVE-2014-1419
Published: 2014-07-24
Race condition in the power policy functions in policy-funcs in acpi-support before 0.142 allows local users to gain privileges via unspecified vectors.

CVE-2014-2360
Published: 2014-07-24
OleumTech WIO DH2 Wireless Gateway and Sensor Wireless I/O Modules allow remote attackers to execute arbitrary code via packets that report a high battery voltage.

CVE-2014-2361
Published: 2014-07-24
OleumTech WIO DH2 Wireless Gateway and Sensor Wireless I/O Modules, when BreeZ is used, do not require authentication for reading the site security key, which allows physically proximate attackers to spoof communication by obtaining this key after use of direct hardware access or manual-setup mode.

CVE-2014-2362
Published: 2014-07-24
OleumTech WIO DH2 Wireless Gateway and Sensor Wireless I/O Modules rely exclusively on a time value for entropy in key generation, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by predicting the time of project creation.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Sara Peters hosts a conversation on Botnets and those who fight them.