(Pictured above: Steven Grobman, McAfee’s senior VP and chief technology officer, on stage at McAfee MPower, Oct. 3.)

MCAFEE MPOWER — McAfee plans to launch a new partner program in first-quarter 2020 based on a year of feedback from partners and other partner programs that have proven successful.

Ken McCray, McAfee’s head of channel sales and operations for the Americas, gave a preview of the upcoming MPACT partner program at this week’s McAfee MPower 2019 Cybersecurity Summit in Las Vegas. The theme of this year’s conference is “It’s About Time.”

McAfee’s Ken McCray

“The feedback from our partner advisory members and additional partners we’ve talked to, they seem to like what we’ve done in rebuilding the program,” he said. “The process started with feedback from our partners. We’ve taken that feedback, distilled it down to what really matters and made sure that we built a program … [that] recognized the partners’ commitment to McAfee. So partners who lead with McAfee will definitely benefit greatly from the program. It had to have elements of training that align to our corporate strategy. The partners will see that everything we do in the partner program singularly aligns to what the company is doing — that was very big. And then the program will reward them through benefits such as rebates once they complete some of the training. So we’re very excited about where we’re going with the program.”

In the new program, the partner can decide which path they want to go with McAfee, McCray said.

“If you’re a traditional VAR partner, you can go down that path based on your business model,” he said. “If you’re a partner who defines themselves as a service provider, you can go down that path. So we left it up to the partner as opposed to McAfee saying, ‘You need to do this; you need to be certified in this area.’ We know what’s happening in the industry, but we felt let’s leave it up to the partner to make that decision.”

Also at MPower, Steven Grobman, McAfee’s senior vice president and chief technology officer, told attendees his company’s 1 billion sensors provide a better understanding of the global threat landscape than any other cybersecurity company. McAfee is focused on faster threat detection, as well as being able to anticipate threats before they can impact an environment, he said.

McAfee can zero-in on threats that are targeting individual sectors, he said.

“There is some bad news,” Grobman said. “Every single one of our environments is vulnerable. The vulnerabilities exist even if they haven’t been discovered. In software, there are going to be inherent flaws. In the bad scenario, the bad actor finds the vulnerability first and starts to exploit it, and then we figure it out. In the better scenario, a threat researcher finds the vulnerability and works with the vendor to build the patch. At some point in time, the bad actor will find how to use that vulnerability and it will be exploited in the wild. But we’re trying to stop them.”

Nate Jenniges, McAfee’s senior director of product development for enterprise endpoint, said enterprises still are facing the continuing evolution of threats, “even in places like ransomware where we’re seeing a whole new set of tactics and techniques to try to get onto the endpoint and through the defenses.”

“People are using machine learning and AI to outmaneuver the machine learning and AI; that’s on the endpoints,” he said. “Also, a lot of organizations are still struggling with keeping everything up to date, all the software across all those organizations.”

MVision Insights provides a view into the global threat landscape, understanding new and existing attacks, and then analyzes customers’ security environments to detect any shortcomings, Jenniges said.

“The ability of us to walk people through it and be more proactive at getting your environment configured and optimized against the evolving threat landscape is a huge benefit,” he said. “In addition, there are new technologies in those …

… endpoint products that allow us to continue to evolve and fight against those attacks  … really pivoting to looking  at the behaviors of what’s happening, looking for campaigns and attacks, and families. And when you do that, you’re looking at stuff that’s executing, so a key feature we’ve added is the ability to roll back remediation. So if something has actually executed before you were able to get everything in place, at least we have a trigger mechanism now that you can actually restore it back and undo the effects. So in the case of a ransomware and it’s encrypted all your photos … we can actually put them back from the attack.”

From a partner perspective, it’s the ability for the partner to be able to see threat campaigns and understand what a campaign is trying to target, and “being able to go to their customers and help them get their security hygiene upgraded, and it’s all automated,” Jenniges said.

“What it also helps with is the amount of time that’s being spent with endpoint detection and response (EDR) and investigations,” he said. “They’re absolutely needed, but there’s way too much making it into that stage. When the outcome of an investigation is we didn’t have the right software deployed, we didn’t configure right it or update it, if we can really, drastically reduce that piece, we’ll reduce the amount of things that have to be investigated.”

Jasper DeMann, director of strategic alliances at ISA Cybersecurity, Canada’s largest McAfee reseller, said two things stand out from this year’s MPower.

“I very much like the tagline of ‘it’s about time’ where there needs to be some change,” he said. “This has to be a team sport. An evolution we can see with McAfee is how it’s been transitioning from a player pushing for a lot of solutions to really being an industry player … with certain acquisitions, as well as with solutions that are very partner friendly and bringing the best of different sides of the business. Secondly, it’s not just that cybersecurity specialists have to work together, but everybody at an organization has to be part of this team. That also means we as partners and you as vendors have to demystify cybersecurity and make it something we can all talk about in terms of everybody understanding.”

MVision Insights “pulls everything together; it’s no longer different services that you need to master, but really understanding how everything works together,” DeMann said.

Adam Ostmeyer, distribution business development manager with Optiv, said MPower really showed “what we’re going to push forward, the next stage of everything we’re going to be doing with McAfee.” Optiv is a large McAfee reseller and service provider.

“There’s definitely been a good amount of stuff here that some our executives have seen, and they’re definitely going to take that back and start to use that to put more into plans for 2020 and 2021,” he said.