One Year Later: Attivo CEO Tushar Kothari Discusses Navigating the Pandemic and Emerging Strong
This week, we sat down with Attivo Networks CEO Tushar Kothari for a wide-ranging discussion on navigating the COVID-19 crisis, identifying emerging trends, and how companies can better prepare themselves for the future. As CEO, Kothari’s leadership has helped Attivo emerge from the pandemic stronger than ever. In this Q&A, he shares some insights into his decision-making process and vision for the company’s future.
Q: Last year was obviously a tumultuous one for not just the security industry but the global economy as a whole. As a CEO, what lessons did you learn in 2020 that you hope to apply in 2021?
A: Like many companies, circumstances forced Attivo to work in a distributed fashion. We learned very quickly to collaborate and work remotely with one another using the modern tools available to us today. We also learned that, actually, we didn’t suffer any productivity loss or effectiveness. Just the opposite, in fact: we became more effective. That was enough to convince us—and me—that we don’t necessarily need to have people coming into our office all the time, and we have decided that our employees can work from home indefinitely.
That means we have the luxury of flexibility, making our employees all across the world more productive. It also benefits many of our employees in their personal lives, simply by reducing commute time. We have engineers in areas of the world where traffic is notorious, and eliminating the hardship of that commute has meant a lot. On a different note, this flexibility also increases the range of potential employee candidates because we can now recruit people from all over the country rather than focus on those geographically closest to our office locations. That has been a profound change for us.
Q: What changes have you made from a more business-focused standpoint?
A: Enhanced branding and positioning have always been essential, especially now more than ever in this new world we are working and living in. Businesses have had to find new ways to educate the market about what they have to offer without the benefit of events like trade shows, so we have had to shift the way we approach our outreach. Fortunately, the marketing team is doing great work reimagining our marketing efforts to fit the current situation with activities such as more webinars, virtual conferences, and online marketing awareness and engagement programs.
We have made other changes in direction as a result of the pandemic, as well. We deal with protecting customers’ information and their critical assets. Before the pandemic, customers often didn’t want to have any data leaving their network, so they mostly deployed our technology on-premises. With remote work, endpoints no longer log into the customer’s real network, so if an attacker compromises an employee’s laptop, the company won’t know until they log in remotely. Now, customers want to deploy our technology in the cloud so that if an endpoint is infected, it will communicate to the cloud console, and the IT department will know that there is an issue.
Q: Is that indicative of a broader shift toward cloud-based solutions?
A: We are moving more aggressively to cloud-based solutions because customers want that. They want us to deploy in the cloud to get signals from their endpoints that are not logged into their network. But we also need to operate from the cloud because many companies no longer have employees on-site to rack and stack. They must do it remotely. The cloud lends itself to that, and it’s another trend that has helped us refine our roadmap toward the cloud. Technology like ADSecure and ADAssessor really lend themselves to people working remotely and the idea that identity has become the new perimeter. Digital transformation is accelerating, and companies that have been able to adapt have been very successful.
Q: You mentioned changes in the way you interact with customers. Can you expand on that? What new ways have you found to generate those interactions?
A: One of the interesting initiatives we’ve begun is “Lunch and Learn” training with customers to give them “under the hood” sessions with our technology. It’s another way of approaching demos if you can’t conduct them live—if you can’t show people at an event, you have to find other ways to get them close to the technology. We’ve had a lot of success with those demos because they are more technical and detailed than you can be with regular webinars.
Q: Before we shift gears, can you talk about some of the critical decisions you were forced to make in the midst of the pandemic? It must have been a difficult period to navigate—can you give us a look behind the curtain?
A: In terms of its impact, the COVID-19 situation was actually similar to the previous financial crisis, so I felt that mentally, I was well-prepared to deal with this. In these situations, one of the first things you do as a CEO is to manage your cash because you just don’t know what will happen. Investors are always happy to give you money when you don’t need it, but during times of hardship, those purse-strings tighten. We took a look at our expenses and identified some things that we no longer needed. There were some natural cost savings because events, travel, and other expenses were no longer a concern.
We manage our financials and operations very well, even during good times, which has allowed us to emerge from the pandemic downturn strong. We invest in innovation during times like this because you don’t sell your way out of trouble—you buy your way out of trouble. If you sell at a low point, all you do is lock in your losses. This situation is similar: you have to double down carefully without losing the cash you have. The investments you make can put you in a strong position on the other side of things. On the other hand, if you let all of your engineers go to save costs, you ultimately won’t survive.
Q: Let’s talk about the future. Attivo has begun to talk more about the heightened importance of Active Directory protection lately. Can you talk about what brought that shift on?
A: Identity has become the new perimeter, and the work we do is centered on protecting identities, credentials, and access privileges. Our cyber deception technology has centered on protecting high value assets and data accurately and efficiently. We launched the Attivo ADSecure product a year ago to protect against credential attacks and attackers seeking privileged access, and we are continuing to develop new products such as AD Assessor, which assesses the health of Active Directory and addresses potential vulnerabilities. Ultimately, we’re providing greater ability to prevent attacks, detect live attacks, and reduce the attack surface. With identity as the new perimeter, identities, credentials and privileges all need to be secured. With consideration that, this goes beyond simply looking at authentication and authorization.
Q: Securing AD hasn’t traditionally been a focus for CISOs. Are they ready for this? What will it take to make it more of a hot-button issue for them?
A: There have been several recent incidents as well as AD technology acquisitions, which have served as great validation for the need to do this and for Attivo’s direction. CISOs are slowly starting to mature their focus on identity protection. Just look at the SolarWinds breach and everything that happened there—it is more important than ever to protect identities, detect and prevent privilege escalation, and detect and stop lateral movement. In addition to Attivo, Microsoft and other major players in the industry have put out blogs showing that the attackers went after AD as an instrumental part of their attack. It is great to see the increased education of this risk and the interest it has garnered.
Q: Thank you so much for your time. Do you have any final piece of advice or conclusions about what might happen next?
A: In my opinion, the investments we’ve made over the past year will result in considerable growth as we come out of the pandemic and the market opens up. We already see strong early indicators of that, and even last year, during the pandemic, many of our customers have already adopted this new technology.
Despite the pandemic, we were able to grow our revenue and expand globally through 2020. I believe 2021 will be even more of a breakaway year for us. The market has a difficult problem to solve with identity protection and lateral movement detection, and Attivo has the right technology for customers to address it.
Free Active Directory Assessment
Get Visibility Into Privilege And Service Account Exposure
For a limited time, Attivo Networks is providing free Active Directory Security Assessments to demonstrate how ADAssessor provides unprecedented and continuous visibility to AD vulnerabilities.
Try Our Endpoint Detection Net (EDN) for Free
FAST AND EASY
Free use offer of our Award-winning security solution to prevent attackers from lateral movement, credential theft, and privilege escalation, fast and easy.
ADSecure 90-Day Free Trial
GET PROTECTION AGAINST UNAUTHORIZED ACCESS TO ACTIVE DIRECTORY
- Hide and deny access to AD objects
- Get alerted on unauthorized queries
- Attack details easily viewable in dashboard
- Your data remains on-premise