Cylance takes fight to 'Dinosaur' security vendors

End-point security newcomer looks to shake up market

In the CRN Emerging Tech Hub we will track new and emerging vendors as they land in the UK and look to make a push in the channel

To start the hub off, no vendor has been making more noise over recent months than Cylance.

Who are they?

Cylance's mission statement is straight to the point, declaring "we prevent cyber attacks" on its home page. The end-point security player uses artificial intelligence and machine learning to predict cybersecurity threats, claiming that the term ‘prevention' should not be seen as a dirty word. It boldly claims to be able to prevent 99.9 per cent of cyber attacks before they happen.

In June, Cylance announced $100m of series D funding to support its global expansion, which follows investments of $15m, $20m and $42m over the last three years.

2016 has also seen a number of cybersecurity experts join Cylance from more-established players. Anton Grashion joined from Intel Security as senior director of product marketing; Stuart Quinsey joined from LogRhythm to become EMEA channel director; and Evan Davidson left FireEye to become vice president of EMEA sales.

EMEA

Cylance has been in Europe since last year through its distributor Ignition - which had acted as an incubator - but now officially has an EMEA presence after opening an office in Cork last month, for which it plans to recruit around 175 employees over the next few years.

Quickly following the office launch was Cylance's first EMEA partner programme, which went live this month.

The endpoint security player is currently in 14 EMEA geographies, including the UK, through relationships with 7 distributors.

Stuart Quinsey, EMEA channel director at Cylance, said the firm is looking to continue to recruit a broad range of partners having already formed relationships with security giants like NTT Security, and more niche consultancy firms like Cognition, as it looks to target end-users of every size across any vertical.

"Every level [of partner] is important and equally as important as the other because they service different parts of the market," he said.

"Whether they're a small MSSPs that deals with small organisations that we perhaps otherwise wouldn't be able to touch through the standard partner community, through to your big systems integrators.

"Each one of these component parts is equally important to me, to the company, and to the channel because they bring varying degree of expertise that we need to get into those markets."

Cyber security civil war

Cylance has whipped up quite a storm in the cybersecurity sector over recent months and has taken regular pot shots at security heavyweights including Sophos and Trend Micro.

Cylance has often criticised the size and sluggishness of traditional security players - EMEA marketing director Anton Grashion referred to them as "the dinosaur in the tar pit" - while Trend Micro head of channel sales James Munroe hit back questioning the financial stability of VC-funded start-ups.

The new-kid-on-the-block was also at the centre of a testing scandal in June last year, when Sophos posted a video of its own products outperforming Cylance, after a rogue employee from a reseller reportedly smuggled Cylance products to Sophos.

What the analysts say

Aside from speaking to the press, Cylance has embarked on a number of high-profile marketing campaigns, including advertising at Waterloo Station and Heathrow Airport, which Keith Humphreys, managing consultant at market analyst Eurolan, said is the most important step for any new vendor.

"What Cylance are doing is very much a new concept and to do a new concept you have to have the evangelists out there, and you have to have the marketing to back that up, and Cylance are doing a good job of that," he said.

Dominic Trott, research director at IDC, told CRN that Cylance's AI approach is beneficial as the number of cybersecurity threats increases rapidly.

"Cylance are an interesting bunch," he said. "They are the ‘hot new thing in town' - with a heavy marketing focus - not just Waterloo but also Heathrow Airport - down to their AI-driven endpoint protection solution.

"This helps to avoid reliance on signatures - a more traditional, reactive approach that tends to focus on blocking known threats, an approach that it is ever tougher to drive success with due to the sheer scale of new threats we see emerging every day.

"That is to say, using the AI to understand what is malicious/unwanted behavior and address unknown threats, rather than waiting until you detect the signature of a known threat.

"The only problem is the relatively high level of false positives that Cylance generates - this adds to the time and burden that security professionals are faced by."