Cylance's EMEA channel boss on the vendor's hype, UK growth and channel 'hit squad'

Stuart Quinsey talks CRN through the vendor's progress in EMEA after arriving with a bang two years ago

Cylance made perhaps more noise than any vendor in recent years when it launched into the UK in 2016, demonstrated no better than when it plastered its logo over Waterloo Station (pictured above).

But after its strong introduction - and a handful of aggressive interviews taking aim at legacy security vendors - Cylance was relatively quiet from a PR perspective in 2017.

Speaking to CRN Stuart Quinsey, senior director of EMEA channels at Cylance, has now opened up on the progress Cylance has made in Europe, explaining that 2017 was very much a "build year" for the firm.

Cylance now has 70 staff in Europe, including a team of 13 focused on the UK and Ireland.

Across EMEA the vendor has dedicated teams in the Nordics, Benelux and southern Europe - all of which are raking in seven-figure deals, Quinsey claimed.

From a channel perspective Cylance is working with fewer than 20 channel partners in the UK which, he added, is by design.

"Less is more for me," he said. "If you can have fewer, strategically aligned partners you're likely to drive far more sustainable success and then you can build from that in slower form.

"I've never been a fan of over distribution; I think unfortunately a lot of vendors do fall into the lure of just signing everyone and thinking it'll be the key to their success. What that does is devalue the relationship you have with your partners and ultimately impacts the street price."

Cylance having so few partners may come as a shock to some, with the next-gen endpoint protection player perhaps the most talked-about vendor in the channel when it landed in the UK two years ago.

But Quinsey (pictured) said the firm has had to manage the hype and has picked out a select group of partners to form its "national hit squad". He highlighted the likes of Softcat, Bytes, CDW and SecureData as key to UK plans.

"Two years ago when we hit down in the region every man and his dog was interested in working with us and it didn't matter whether they knew security or could sell it; it was the lure of this new, AI (artificial intelligence) ML (machine learning) tech," he explained.

"It was about what it could do for their own portfolio as opposed to what we could do together. We had 120 people in our first partner event in the UK two years ago, but when you actually boil it down the thing that is important to me is how strategically we can work together and ultimately provide end users with stronger long-term solutions.

"If we succeed we share the spoils together and if we fail, we will both feel pain. We don't want to be just a next-gen offering in their portfolio. I want to hear that people are committed to us."

EMEA on the map

Quinsey said that the EMEA region saw growth of 300 per cent in the last financial year, outgrowing the rest of the business. Cylance does not disclose its revenue, but in January said that it had reached a revenue run rate of $100m and year-on-year growth of 177 per cent.

It claims to have reached this run-rate figure in a fraction of the time it took vendors including Palo Alto Networks, FireEye and Symantec.

Quinsey explained that this growth has allowed the vendor to place more emphasis on relationships with pan-European channel players and systems integrators, but stressed that there is still an important role for smaller, regional security VARs.

"It's incredible growth [for EMEA] which really did allow us to get on the map for the US and become a very important contributor to the global number," he explained.

"We do feel that, while the SMB and mid-market is important, the hyper growth will continue as you start to turn in those pan-EMEA and global accounts.

"There is a key focus for us to service those markets, but the important thing is we have built an infrastructure where it doesn't matter if you're a small partner or not.

"What we don't want you (partners) to do is fall into the trap of building that infrastructure yourselves, which is why we've built a service platform over the last six months that the partners can consume from and fill the technical deficit they may have."

The buzzwords

It is hard to argue that Cylance's heavy marketing campaign didn't have an impact on the wider security market.

In the years since, legacy vendors have tweaked their own approaches so that the terms ‘artificial intelligence' and ‘machine learning' feature prominently almost everywhere you look in the industry.

Quinsey believes that Cylance deservers to be credited with bringing AI and ML into the mainstream.

"I genuinely think that is almost unquestionable," he said. "A few years back when we were talking about AI and ML it was very unknown and there were a lot of questions from the market about what the thought process was and what the impact would be.

"I lost count of the amount of times that we would go through those conversations with partners, so a lot of what we had to do was changing the thinking of the market, because if the market doesn't know something it will gravitate to what it does know.

"The whole thing for us has been about staying true to what we do because we have the first-mover advantage when it comes to AI and ML. if you look at the market I think people are trying to emulate what we do.

"Every company has an AI-infused solution, and that is amusing to me in one way and flattering in another, but what it really does is rubberstamp that that is the way the market is moving."

In terms of staying true to its word, Quinsey said that Cylance doesn't subscribe to the views that 'breaches are inevitable' and 'it's not if, but when' - mantras that some in the cybersecurity space are supporting.

Cylance is still very much backing its prevention approach, but what a lot of the industry is probably not aware of, Quinsey claimed, is Cylance's post-breach capabilities.

"This is too hidden, in my view, but we are probably the most proficient services company in the world when it comes to incidents. If you talk about post breach, a lot of our engagements are customers phoning us up and saying ‘we've hit the big red button' because they think they've been compromised.

"We have a subset of our technology where we can send out our agents to assess where they have been breached, and clean that environment in record time. We can do things in a tenth of the time with ten-times the sophistication to help customers out of the pit quicker."

First bump in the road

After the hype had started to die down towards the middle of last year Cylance had what was probably its first real encounter with negative press, when news of restructuring and a batch of redundancies was leaked, and then confirmed.

Quinsey said these redundancies had no impact on the EMEA operation, adding that the cuts weren't as severe as reported.

"To be honest I think these things are always blown out of proportion," he said. "When you go through the growth that we are going through you go from a handful of people to nearly 900 people in 18 months.

"There is no benchmark for that kind of growth, so you're putting people into the areas that you think are right as far as you can see - which is right in front of your nose at that point in time.

"Sometimes you need more investment in certain areas and less in others, so when you do this stuff you're making your best judgement call, and our attrition rate is actually very low. It's a natural part of a living, growing thing."