Story image

Exclusive interview - How the channel can help protect NZ’s cyber space.

18 Jan 18

Exclusive Networks NZ general manager Alex Teh has a mission - to get New Zealand enterprise up to speed with cybersecurity, and he says that the channel is the answer.

After selling his UK based cybersecurity company a year ago, he moved back to New Zealand and has spied a gap in the market that needs to be filled.

ChannelLife sat down with Alex to hear the numbers and get his perspective.

Tell me the numbers, what are we talking about here in terms of cyber threat in New Zealand?

Well, we have the second highest rate of ransomware attacks in the southern hemisphere.

The international average for the number of days that it takes to detect a breach is 250; in New Zealand, it’s 520.

One-fifth of our population has experienced some sort of attack, that’s about 800,000 people.

The CEO of every publicly listed company has experienced phishing, or as we call it ‘whale-hunting’, and because their email address and everything is out there, people are posing as CEOs in order to target others.

Those are some confronting numbers. What are Exclusive Networks doing to help combat this?

It's Exclusive Networks' job, and the channel's job, to ensure that our partners are trained, have the right information, and have the ability to provide intelligent advice to their customers.

The world of distribution providing warehousing and credit facilities as value-added is simply not good enough anymore.

Distributors have to do a better job at education and training.

They should be a true extension of the vendor, technically, commercially, strategically, all of those important things that help partners grow their cybersecurity business. 

Why has NZ fallen behind other countries with this?

I don't know, I haven't been around for 16 years, but I see a market gap and there is a massive opportunity for organisations that can breach the gap.

I also think distribution has been cannon fodder for staff poaching, which means the good ones are always leaving for vendor jobs or reseller jobs because those organisations tend to pay more.

However, I think that gives distributors an opportunity to bring up, coach, train young, new blood into the industry.

I would prefer to hire a young, enthusiastic, intelligent person that I can mould than a dinosaur any day (we laugh). You can quote me on that.

I will! As someone who has been on the outside for some time, how do you see the NZ channel?

We're quite mature as a channel-led business environment.

A lot of our resellers and managed service providers (MSPs) are quite advanced in the provision of managed services, cloud services, and outsource services.

As a market, we have developed that way due to the fact everyone is fighting over the same resources, which is why partners that have been able to build technical capabilities that can be provided to a wider group of organisations have been extremely important to the growth of the channel in NZ.

From a cybersecurity perspective, I think that the channel is learning to do more but when you look at what international organisations and international government bodies are doing around cybercrime, I don't think that we are doing enough.

Europe and Australia have introduced compliance drivers, the GDPR  (General Data Protection Regulation) and the breach and notification law, which allow central government bodies to fine organisations for data breaches.

I think organisations that lose that data need to be held accountable and it is the channel's responsibility to provide the capabilities to provide defence against these types of leakage and attacks.

There has also been a lot of progress in the technology of cybersecurity with the integration of AI.

Great that you brought that up, I grew up in the generation of The Terminator and The Matrix and my generation have a fear that AI could be the cause of global destruction just because they watched too many Hollywood movies but In my opinion, AI is instrumental in the provision of cyber defence.

Read more about Alex’s opinion on AI in cybersecurity.

It's more acceptable than ever to just put everything on the cloud both as a business and personally, especially the next generation of digital natives, which means that a lot of data can be found in one place.

You've hit the nail on the head. Although I'm fully in agreement that the adoption of cloud is fantastic for NZ companies, I also would challenge the fact that the security around cloud services such as Azure and AWS have not adequately been addressed.

When I’ve asked companies that are using AWS or Azure, "What are you doing about securing your data in the cloud?" many individuals that I've spoken to have said, “We haven't thought about that yet.”

If I was a hacker or writing malicious code, that is gold. If I took out an MSP or a cloud provider I'd not only get that one company, I would get a whole variety of information from all their customers that I could take advantage of – just imagine if salesforce.com was compromised.’

What can channel players do right now?

Build up their cybersecurity portfolio, rather than just focusing on having a good anti-malware product at the endpoint and having a good next-gen firewall product at your gateway.

I think that's the opportunity for the channel; you will see partners that specialise in security really thrive in the future because rather than selling them a firewall and an antivirus you're selling an entire solution set.

For example, when an organisation is looking at putting in a DLP product, they should look at the business outcome they are trying to achieve.

I would recommend they look at classifying and structuring their data before buying a DLP product and then making sure that when the DLP product is installed, we give their users the ability to transfer that information and data securely by providing a good managed file transfer product to use.

Putting in a solution set of products like that requires specialist value-add from a partner that has been trained to look at the workflow rather than just shipping a product to a customer.

How long until NZ catches up with its data breach regulation?

Less than 5 years.

I think that journalists will catch onto the fact that many people are interested to find out what data breaches have occurred in NZ and which boards and IT departments have swept it under the carpet hoping they will never be found out.

Do you think there have been any high-profile data breaches in the last few years that have gone unreported?

I know many and I've only been back in the industry a year.

I can't tell you about them as it's not my position and I have confidentiality agreements in place but the day will come where it’s mandated for those companies to let the market know that they've been breached.

And that day will be very soon.

Proofpoint launches feature to identify most targeted users
“One of the largest security industry misconceptions is that most cyberattacks target top executives and management.”
How blockchain will impact NZ’s economy
Distributed ledgers and blockchain are anticipated to provide a positive uplift to New Zealand’s economy.
McAfee named Leader in Magic Quadrant an eighth time
The company has been once again named as a Leader in the Gartner Magic Quadrant for Security Information and Event Management.
Symantec and Fortinet partner for integration
The partnership will deliver essential security controls across endpoint, network, and cloud environments.
Review: Blue Mic’s Satellite headphones are good but...
Blue Mic’s newest wireless headphones deliver on sound, aesthetic, and comfort - but there is a more insidious issue at hand.
Is Supermicro innocent? 3rd party test finds no malicious hardware
One of the larger scandals within IT circles took place this year with Bloomberg firing shots at Supermicro - now Supermicro is firing back.
Forcepoint and Chillisoft - “a powerful combination”
Following Chillisoft’s portfolio expansion by signing on Forcepoint, the companies’ execs explain how this is a match made in cybersecurity heaven.
David Hickling in memoriam: “Celebrate the life and the music it made”
Dave was a well-respected presence in the IT channel and his recent death was felt by all the many people who knew him as a colleague and a friend.