CRN has spent recent weeks canvassing resellers on their burning questions for the endpoint security vendor's boss. We put them to Marko last week, and here's how he responded...
All AV solutions are much of a muchness, so how do you differentiate yourselves from other AV vendors?
You can to some extent say the same about why you would buy one brand of car and not another one, because all cars have four wheels and will get you home. But still there are differences. I think we can approach it from several perspectives.
The first one is our reliability. Some vendors are more reliable than others. For example, how likely is it that the product will crash the machine, or that the new version will not work properly in your environment, or that you'll update the operating system and everything will break down?
We have a very strong record in this regard. I think for the more than seven years I have been CEO of this company - and I've been with ESET for 20 years - we haven't had a major incident of this type, so that is probably the first thing.
The second one is of course what usually comes to mind: do you protect better than the other products? That's difficult to measure, but our approach is very multi-layered, so it's not dependent on one type of technology that is delivering the protection, with signatures that need to be updated and all these things. There are a number of very sophisticated layers and I think this is distinguishing us from other vendors.
The third one, which is very important, is speed. ESET products are well known for being fast and not being a burden on the machine. These are the three main qualities that we try to follow and this makes the difference.
How does ESET fit into a wider cybersecurity solution for customers and what other security vendors do you typically partner with on projects on an OEM basis?
This question can be taken from opposite directions. One would be that we are focused on being primarily end-point security, so having solutions that prevent malware attacks at the end-point level and that includes anti-virus - whatever the term means right now. It's obviously a lot more advanced than it used to be.
When we go into more complex deals we sometimes need to provide other parts of security as part of our offering, so that is the technology alliances that we have and the partners we invite into the alliance are those that provide different sides of security or IT, such as backup for example, that we don't do directly.
The other direction is that we have been available in the market for a long time. There are a number of smaller and bigger companies that come to us because they need our knowhow and technology to be included into their solutions.
Some of that is connected to the Internet of Things - integration into routers and these kinds of devices - and it can be quite big things, for example when Google opted to include our technology into its browser to provide protection against PUAs.
Why should partners switch from the AV vendor they have traditionally worked with, and how does ESET deliver the maximum possible ROI for partners?
There are two things. One is that we are a private company so more or less the only source of income for us is the revenue. We cannot do revenue that is not generating profit.
We don't go into these kind of deals; we can only do that in a limited way as otherwise we wouldn't be able to work well. ESET has been a very profitable company for many years. That automatically means that the partners are profitable, but it is typical for ESET to have long-term relationships, so we have a number of partnerships that are 10 to 15 years long.
Some of them are exclusive partners and we try to protect the channel. For example, we offer renewals as part of the revenue, so partners have access to that if they made the initial deal and that doesn't seem to be automatic with other vendors, so we try to have a win-win relationship with our channel.
How does ESET tackle the issues around ransomware, given that it is a very advanced threat that traditional tools often can't deal with?
The question indicates that it's a very advanced threat, but from our technology perspective it isn't really more advanced than other threats, it's just different.
It's a type of attack that is so hard for those who suffer from it and that's why it gets all the publicity, but the protection against this attack is, to a large extent, similar to the other attacks.
I mentioned our multi-layered approach, so for example with the WannaCry attack - which is one of the most famous - it was able to spread so quickly because it was using certain vulnerabilities that were known for years but disclosed only three or four weeks before the attack.
Vulnerabilities themselves are not a problem and until someone uses one, you have no trouble. This is when the vendors decide what they do - in our case we introduced solutions for the vulnerability and a couple of these were after the disclosure of the vulnerability, so by the time the WannaCry attack went on we had protection in place and our customers almost didn't suffer at all.
There might have been some small exceptions that used older products or not updated products, but we were just doing our job properly and responding in time, before the actual damage was done.
What is your response to people who say anti-virus is dead?
I've heard that several times. I've been in this industry for a long time and usually it's not the whole sentence; it's usually something like ‘AV is dead, you need this', so it depends on what you call AV. If you mean technology from the 1990s then I would say yes it is dead, but if you mean all these extra things that were developed over the last 20 years then it is far from dead - it is actually essential.