Pentura launches consulting arm

CRN conducts an exclusive Q&A with Steve Smith, managing director of Pentura, to find out more about the VAR's move into consultancy

Steve Smith: We don't want to be known as a reseller

Security VAR Pentura is swimming upstream and taking on the Big Four auditors with the launch of a 14-strong Consultancy Services Division. CRN caught up with Steve Smith, managing director of Pentura, to find out how the company plans to mix technology supply with high-end consultancy.

CRN: Firstly Steve, can you tell us more about the new division?

Steve Smith (SS): We launched it on 1 April as a separate division. It will focus on three areas: penetration testing, policy and compliance, and data services.

We have taken a couple of guys from our existing business and the rest we have brought in. It has seven consultants, four sales guys and one internal telemarketer, as well as two directors [including former Deloitte senior consultant Giri Sivanesen]. Giri will be helping us drive the policy and compliance side of the business.

CRN: Your roots are in reselling emerging security technology. Why have you moved in this direction?

SS: We have always been consultative led. Our primary objective is to benefit the customer. We want to be known for our own value we bring – we don’t want to be known as a reseller.

CRN: What impact will this have on the product-services balance of your business?

SS: Last year [the 12 months to 31 March 2010] we did just under £9m in revenue. Gross profit-wise, the split was £0.5m from consulting services – even though we had not really started it up then – and £2.5m from everything else. This year we are targeting a gross profit of £1.4m from consulting.

CRN: There are some big brands in this space – how will you differentiate yourself?

SS: The difference in our approach is we use technology and then combine this with the audits. We interview people to find what policies and procedures they follow and then we use technology to analyse the network, data flows and traffic to see what is actually happening.

CRN: Is there a potential conflict of interest that stems from combining technology supply with consultancy?

SS: No, the two divisions are quite distinct with their own directors, sales teams and consultants. The consulting division is completely independent in the findings it provides and it might be that the client does not need additional product. If they are interested in buying product, someone from our technology services team will get in contact.

We are seeing a benefit from being able to link the two things together. When we go in and tune a policy on a product we have sold and implemented, we can use intelligence from the consulting division.

CRN: What was your recruitment strategy for the division?

SS: We have taken on one other person from the Big Four. To be crude about it, we are looking for badges. If they are a penetration tester, being a Check team leader is really important because they will then be listed on CESG’s web site. Government departments can typically only use people on this list. And large organisations such as banks use the same list.

CRN: Can you tell us more about your traditional business?

SS: We do not come up against other partners that often because a lot of the technologies we focus on are new – such as Varonis, BigFix, Lumension and most recently Palo Alto. We have two technology streams – emerging and established. Established vendors we work with include Check Point, Websense and Sourcefire. We are Sourcefire’s largest EMEA partner.

CRN: How typical is it for a VAR like Pentura to move into consultancy?

SS: I do not know anyone that is doing both. I know some good consultancy companies and some good resellers that sell technology, but I do not know many that have gone 50/50.

CRN: Finally, what else do you have planned for 2010?

SS: Because this is fairly new, we want to get to the end of the year to achieve our targets before we move on to the next big thing.