Customers plagued by shadow IT and out-of-control cloud use? Shine some light on the problem.

Lorna Garey

February 26, 2018

7 Min Read
7
Shutterstock

**Editor’s Note: “7 Minutes” is a feature where we ask channel executives from startups – or companies that may be new to the Channel Partners audience – a series of quick questions about their businesses and channel programs.**

Lumeta shines a light into the dark, unmonitored corners of customer networks — and that might be an eye-opening vision, especially if they have connected IoT devices or lines of business accustomed to spinning up servers in the cloud without IT’s knowledge. Research by the company shows that over 40 percent of endpoints and cloud nodes are unknown, unmanaged, rogue or participating in shadow IT.

Partners can use the marquee product, Lumeta Spectre, to spot all attached endpoints, virtual machines, cloud-based infrastructure like IoT, policies and segmentation changes in a customer network. The company has technology integration alliances with top security providers including Carbon Black, Cisco and McAfee, and it also works with AWS and VMware. Director of channels Paul Kriksciun says that integration helps customers get the most out of existing network and security product investments by feeding them security intelligence.

On Friday, Lumeta announced what it calls Spectre for Leak Path Monitoring to detect unauthorized inbound or outbound connections to the Internet or to sub-networks — that is, leak paths. It also took part in the recent Cisco 2018 Annual Cybersecurity Report, along with Anomali, Qualys, Radware, Saint and TrapX.

Kriksciun-Paul_Lumeta.jpg

Lumeta’s Paul Kriksciun

We asked Kriksciun to take seven minutes to explain why MSPs, VARs, resellers and other partners should recommend Spectre.

Channel Partners: Tell us what customers love about your product or service. What’s the secret selling sauce?

Paul Kriksciun: Today’s customers are outsourcing business processes, exploring the Internet of Things, and are at different points in their journeys to and from the cloud — all of which create massive network-security risks. The first and most important step in selling prospective organizations on Lumeta is teaching them about the (many!) blind spots in their networks: “If you can’t see it, you can’t secure it.”

Once we can show an organization how much of their network and how many endpoints go unmonitored, leaving potential vulnerabilities undetected, Lumeta’s unmatched cybersituational awareness platform, Spectre, is an easy sell, quickly becoming a must-have solution. It is the only solution to provide true real-time cybersituational awareness needed to identify all IP networks and endpoints and eliminate the gaps in visibility and security monitoring common for today’s dynamic network and virtual infrastructures.

Lumeta Spectre and its active ecosystem of technology integration partners provides a comprehensive security solution stack that enables security and network teams to more quickly identify and remediate threats with a unique end-to-end understanding of endpoint, cloud and network infrastructure in real-time.

CP: Describe your channel program — metal levels, heavy on certifications, open or selective, unique features?

PK: Lumeta’s channel program has two levels: Authorized Reseller and Value-Added Reseller. We work closely with a select group of value-added resellers and channel partners to provide our cybersituational awareness solutions to enterprises, service providers and …

… government organizations around the world.

CP: Quick-hit answers: Percentage of sales through the channel, number of partners, average margin. Go.

PK: One-hundred percent of all new logos are through Lumeta partners, with 20-25 percent margins plus [market development funds].

CP: Who are your main competitors, and what makes your offering better?

PK:  Lumeta’s approach and wide array of capabilities truly make it unique, and yet, the security market is crowded with many vendors claiming complete visibility and “continuous” monitoring or polling abilities. Vendors like ForeScout, Skybox and solutions that use Nmap claim various levels of visibility across networks or endpoints; however, the reality is that these vendors and others handle only a subset of what Lumeta does, and they only focus on easily identifiable endpoint devices or discover infrastructure in a limited capacity.

These restrictions limit the ability to address unknown, rogue or “shadow IT” infrastructure enterprise-wide, including into the cloud. This can actually be quite dangerous, as organizations get a false sense of security from these vendor promises and are actually very exposed to attackers exploiting these blind spots.

Lumeta Spectre integrates with many direct competitors on the above list, because we can fundamentally improve the ROI any of these classes of solutions to be much more effective than what they can currently offer in terms of visibility or actual real-time monitoring at the exact moment of change. We are really that unique that, down the road, we could still partner with one of these vendors. The beneficiary ends up being the customer, not the vendor.

Another factor is leak paths. Leak paths are used by most advanced attacks, yet Lumeta is the only vendor able to detect 100 percent of network leaks, whether preexisting or as they are created in real-time. It is amazing that such a common attack vector is basically ignored. That is how data is stolen: Attackers install more malware tools and enable ransomware keys to encrypt data.

In addition, one of the best things about working at Lumeta is how on-board the entire team is – from leadership down – to making Lumeta a channel-first company. This is so important to overall growth of the company because if you’re not committing to the channel, you’re not committing to growth.

CP: How do you think your technology portfolio will change in the next three years?

PK: Today’s customers are transitioning to and from the cloud, outsourcing business processes and exploring the IoT, all of which create massive network security risks. We’re going to continue to see IoT disrupt traditional networks. With the introduction of IP-based technology, our focus is on enabling greater centralized control and management over more services and expanding business opportunities across sectors. There’s also rapid adoption of IoT for Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) being increasingly employed across government, health care, retail and banking sectors.

IT departments are growing pressure to implement technology strategies that drive measurable improvements throughout their organizations, especially in the area of network security. Most organizations today struggle with network visibility when it comes to protecting their increasingly connected ecosystems. Lumeta, Cisco pxGrid, McAfee ePO and other ecosystem products provide a powerful security stack to help organizations gain …

… the visibility they need.

CP: How do you expect your channel strategy to evolve over that time frame?

PK: How can Lumeta be more of a strategic asset to our partners? That’s the question I always try to answer first and foremost. This is a pivotal time for the company’s channel program, and this past fall we announced a two-pronged strategic approach to double-down on our commitment to keeping Lumeta a channel-first company.

The first phase of Lumeta’s updated channel plans will focus on refinement, prioritizing partnerships that offer a real and immediate value-add to customers and being highly selective when it comes to working with new partners. Next, we’ll work to scale the program across the U.S., and eventually Canada and Europe.

CP: What didn’t we ask that partners should know?

PK: The blind spots that I mentioned earlier in this conversation are a bigger problem than most people understand — until they see the Lumeta platform in action. Lumeta research determined that over 40 percent of today’s dynamic networks, endpoints and cloud infrastructure are unknown, unmanaged, rogue or participating in shadow IT, leading to significant infrastructure blind spots by both enterprise and government departments alike.

Surprisingly, most of the “IoT security” solutions on the market today do not provide the complete visibility needed to secure IoT environments effectively. One of the larger areas that is part of just about every high-profile attack, including ransomware, is our ability to detect leak paths across networks and to the Internet, even from the cloud. We find that organizations can already have hundreds or even thousands of leak paths that are unknown, unmonitored and left unsecured. It is amazing how many we find that are actively sending information to known malware sites we’ve identified! This is big problem in any enterprise network, but really a big deal when it comes to securing IoT. Our latest product, the new Spectre for IoT/ICS, delivers complete network visibility in any IP-enabled environment.

Read more about:

Agents

About the Author(s)

Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like