The Gately Report: Palo Alto Networks Plans Strong Growth with Partners in 2024
Plus, an unknown threat actor compromised the SEC's X account.
![The Gately Report logo The Gately Report logo](https://eu-images.contentstack.com/v3/assets/blt10e444bce2d36aa8/bltcab17752b92b599f/65242b07dbf7e6d4fabc2d6d/The-Gately-Report-logo.jpg?width=700&auto=webp&quality=80&disable=upscale)
Channel Futures: Palo Alto Networks completed its acquisitions of Dig Security and Talon Cyber Security. Will these create new opportunities for partners? Also, how will these acquisitions impact partners of both companies?
Tom Evans: It's probably a little early to say exactly how it's going to impact them. It definitely will create opportunities for our partners when we launch it into the go-to-market strategy. We're figuring out exactly what or how to handle [Dig Security and Talon Cyber Security’s] existing partner ecosystems. I will tell you it'll give everyone an opportunity to become a broader Palo Alto partner. It's just a matter of how we engage and how they're going to want to engage, if some of those partners want to become a broader Palo partner or just stay focused on that technology. But it'll definitely open up, like with all of our acquisitions in the past, an opportunity for new revenue streams for all of our partners.
CF: Palo Alto Networks’ revenue grew 20% in its first quarter of 2024. What role are partners playing in Palo Alto Networks’ revenue growth?
TE: We are a partner company. Everyone, including our CEO, has said that we go to market with our partners. A large percentage, well over 90% of our business, is through our partner community. A large percentage of that is driven by our partners and brought to us by partners. So as we grow, our partners grow, and we rely on our partners to continue that growth. So everything that we forecast and everything that we predict, and everything that we grow is reliant on the partners growing with us and bringing us opportunities, and becoming more efficient.
CF: Palo Alto Networks became the first cybersecurity company to reach $100 billion in market value. What does that mean for partners?
TE: I think it's validation for our partners that we are the best cybersecurity company in the industry, and it gives them the ability to understand that they can feel comfortable and safe recommending our technologies to customers. Customers are continuing to buy from us. And I think if we look at our partner community, they are seeing that, with the evolution of all of the integration of all our technologies and with the size of hitting that $100 billion, we're definitely someone they can trust, someone they can partner with. There' are a lot of different ways for us to go to market with our partners. And from what I've heard in talking to the CEOs of partners, it's really around a trust factor, that they know when they recommend us to their customers, they're recommending the best solutions, and that their customers are being successful and mitigating cybersecurity concerns by deploying Palo Alto.
CF: Is Palo Alto Networks gaining or attracting new partners? If so, what’s fueling that growth?
TE: Palo Alto Networks always has a ton of partners every year that want to come join our partner program. It's just natural. Since I've been here for six years, we've always had a large number of partners that have applied and tried to join us. As we evolve into new technologies and as we make acquisitions, that opens up another level of partner community. We're not in recruitment mode by any means, but we certainly do add a pretty healthy amount of partners every year that are experts in their technology field. And it could be across our entire portfolio, or it could be very specific to some of our technology. So we're not hurting for partners.
CF: Is Palo Alto Networks emphasizing or focusing on particular partner types?
TE: We're not focusing on a specific partner type. If we look at customers, they're leveraging all sorts of different partners. And I think what we've realized as a company is that we need to embrace all different routes to market. We need to embrace our distributors. We need to embrace our SIs.
Specifically, we're growing pretty healthily within our SI space, our large global integrators. We're doing very well in our service provider space … and then we evolve into the cloud provider. So the partners that are doing a lot with Amazon Web Services (AWS), Google Cloud Platform (GCP) and Azure, they're certainly growing a healthy amount with us. We're not trying to go after one specific type. What we're trying to do is look at it from a customer perspective. They may want a reseller to come in and just resell the technology. They may want a solution provider to come in and really advise them of how they can go to market. They may want an integrator to do a lot of their services. They may want to go through the cloud.
And so what we're doing is embracing it all and saying that we want the customer to have a choice and to have a very diverse ecosystem that they can go after and leverage on many opportunities, multiple different partners. What we can do to help that is try to foster a way for all of those partners to integrate within our program, how we can compensate them, how they can work together and how we can introduce them together. We're getting away from the idea that there's only one partner on one individual opportunity. There could be different partner types, and we're certainly very protective of the partners that bring us opportunities. But customers are looking for many different partners to bring them different things along the way.
CF: AI in cybersecurity is a hot topic right now. How is Palo Alto Networks making use of AI? Do partners have a lot of questions/concerns about AI? How are you addressing those?
TE: Certainly it's a hot topic. The number of threats right now is at an all-time high. And one thing that we think is the biggest challenge facing our partners right now is staying ahead of all of those innovations within the technical world, and artificial intelligence (AI) is a big part of that. It's presenting challenges for our ecosystem. But what we're doing is working with them to make sure they can understand how to adapt the capabilities, how to look at these as potential opportunities and address some of the challenges.
We're trying to figure out how partners can invest in that training to really leverage AI effectively and understand the implications that it has. We understand that there's a demand right now for very skilled cybersecurity partners out there and in the AI space is one of them. And so we're just simply looking at it and saying, how do we support that? How do we create training around that? How do we have our products involved and integrated with that so that our partners can look at it and say they feel like we're staying ahead of the game?
What we've done a lot is really understanding the industry trends that are coming and predicting out where we're headed. And that's one of the reasons why we've been so successful. What we're looking at is, with this complex landscape, how do we make sure our partners invest in this and really understand how AI is impacting and the effect it's having on cybersecurity. And a lot of our customers are looking to their partners to really give them guidance and understand how they can technically advance in areas like AI and others. So we're very well aware of it; we're talking about it and we're trying to make sure that we're ahead of others with regards to AI.
CF: Is the evolving threat landscape shaping Palo Alto Networks’ overall business, product and channel strategies?
TE: We certainly take it into account. We're looking and understanding where the threat landscape is evolving, but we're also trying to stay ahead of it. And we've done a very good job of understanding where the industry is going. We're doing a really good job of understanding what threats are coming in the future, and we've been able to stay ahead of those by putting things in place not only on the product side and the technology side, but within our program as well. A lot of changes we made this year with regard to our program for our partners is really to become more educated and enabled around our specializations and our proficiency, because we found that the partners that are growing the fastest with us are the ones that really do have the most expertise.
This isn't a world of commodity-based reselling anymore. This isn't who can sell the most boxes. This is who is that trusted advisor who can go into the customer and sell them lots of different technologies to solve complex business problems. And what we're trying to do is put our program behind that and say, if you can get specialized or become proficient in a broad group of our products, it'll help you with our customers. We're in [our fiscal] second quarter now, and when I look at this year, since we've launched our new program, the partners who have embraced that are the ones that are growing the fastest with us, have the biggest pipeline and have the broadest spectrum of all the products they're selling. It's not just, let's say, firewall-based, but it's really a lot across all of our solutions. We're definitely seeing that.
CF: What’s the latest in terms of feedback from partners? What are their latest needs?
TE: We addressed a lot of what we were hearing over the last year-and-a-half around predictive profitability, and we made some tweaks and changes to our program with launching over the last 12 months the most comprehensive set of changes to our program. And one of those was really changing the compensation model for our solution providers and for our distributors. That was a big topic that I heard over the last ... 12 months. We addressed that by allowing them to earn different front-end incentives, but also now pretty heavy back-end rebates and back-end incentives, along with sales incentives for their sales force.
What we've heard since we've done that is that the partners are really starting to understand that predictive profitability. They can understand what's coming in. It's allowing me to have conversations with the CEOs of our partners and saying, "If you know this margin is coming in or you can predict this margin, how do we start investing together?" And one thing that we're seeing is a pretty natural increase in the number of certifications, the number of accreditations and the number of people that are getting enabled around our technology because they can now invest ahead of the curve and they understand that investment is coming because their margins are greater. We want to figure out how to keep doing that across all of our routes to market, not just solution provider and distributor.
So this year, we're certainly looking across all the other routes and saying, how do we do something similar? How do we change the way we're compensating them? How do we change the way we're training them? We have lots of solutions now that, if we go to market with our partners and if we can train our partners on how to deliver services in that, it's going to be a game changer for us. So that's what we're really looking for in the future.
CF: Many organizations are dealing with tight budgets. How is Palo Alto Networks helping partners meet those organizations’ needs?
TE: I think by being a really good partner to them. Palo Alto Networks is obviously giving them different ways and lots of ways to invest in our business. It doesn't have to be monetary. It could just be time-based. We recognize that the dollar is important to them and especially in this environment. So we're trying to offer more training that they can take that doesn't cost them anything. What we're trying to do is take a step back and say, how do we effectively handle our customers in the most effective way? And if our customers need partners beyond our own internal employees to really be able to sell our solutions and deliver those services, let's get them trained. Let's not charge them for it, but let's get them trained. Let's evolve our feet on the street, so to speak, so that our partners are now an extension of our sales force and an extension of our technical community. The technical side is where we're heavily focused this year.
CF: What do you find most dangerous and surprising about the current threat landscape?
TE: It's evolving and quickly changing. I think we're doing a great job of sort of staying ahead of it, or at least handling it when things do change. I think there are other companies that aren't evolving with the threat landscape and it's creating some challenges. And I think for us that presents a bit of a challenge. If things are changing as rapidly as they are, how do we continue to stay ahead of it? We do a pretty fantastic job of getting our internal teams trained on the evolution of where this threat landscape is going. Transitioning that to the partners is challenging. And so we're constantly evolving and trying to find ways to train, and how do we get information out there? How do we write blogs? How do we just do more communication so that our partners are aware and can really be as close to our feet on the street that we are? And that's a hard thing to do when you have thousands of partner sales reps and partner technical reps within the community.
In other cybersecurity news …
The U.S. Securities and Exchange Commission (SEC) last week said someone briefly accessed its X social media account and posted a fake message saying it had approved exchange traded funds (ETF) for bitcoin.
The SEC posted the following on X:
“The @SECGov X account was compromised, and an unauthorized post was posted. The SEC has not approved the listing and trading of spot bitcoin exchange-traded products.”
The unknown individual compromised the SEC’s X social account by acquiring an associated phone number, which led to a spike in the price of bitcoin. According to Reuters, the SEC said the unauthorized access was terminated.
Etay Maor, senior director of security strategy at Cato Networks, said in a year when more than 50 different countries are expected to hold democratic elections, “we are already witnessing the real-world ramifications of disinformation spread online by cyberattackers.”
“Incidents since the start of the year are reminiscent of the April 2013 Associated Press Twitter account hack, which caused false rumors to spread of an explosion at the White House and stocks to plunge,” he said. “[Earlier this month], attackers breached Mandiant’s X account to promote a cryptocurrency scam. The SEC’s X account hack became the latest, painful reminder of overlooking basic security hygiene practices, such as using strong passwords and two-factor authentication. These security enforcements should be the bare minimum for organizations under scrutiny to comply with evolving security protocols. The irony is that this latest hack follows the SEC’s new public breach disclosure policy, which took effect last month."
Claude Mandy, chief evangelist of data security at Symmetry Systems, said the key takeaway from this incident is that cybercriminals are always after the quickest way to monetize access, and this often doesn’t require sophisticated attacks, but merely credential compromise.
“It’s hard to say why X has been targeted more as yet, however, their changes in 2023 to multifactor authentication (MFA) via SMS, forcing users to pay for this security functionality or use app-based MFA, may be playing a role,” he said. “Given this was solely on the social media platform along with a raft of highly respected security firms, I suspect it will be rapidly forgotten in the broader scheme of things. It does, however, reinforce the importance of security for public and private sector organizations, regardless of size and stature.”
Netskope’s annual Cloud and Threat Report revealed a 400% increase in generative AI app use among enterprise employees in 2023 compared to 2022.
Bad actors are taking notice of the rapid growth in generative AI app adoption as employees are more likely to expose sensitive data through these apps.
According to the report:
Cloud apps accessed in enterprise increased by an average of 19% per year, with users jumping from 14 to 20 different apps in just two years
Half of all enterprise users interact with 11 to 33 cloud apps each month, with the top 1 % using more than 96 apps per month. Interactions with these cloud apps are increasing at an even faster rate, from just over 1,000 activities per month two years ago to nearly 2,000 activities per month today.
Most enterprise users generate between 600 and 5,000 activities per month, while the top 1% of users generate more than 50,000 activities per month.
“With growing AI app usage, employees are more likely to expose sensitive data like credentials, personal information or intellectual property,” said Ray Canzanese, threat research director with Netskope Threat Labs. “For safe enablement of AI apps, organizations must implement reasonable controls and advanced data security capabilities while focusing on how employees can use AI productively.”
The most common way attackers gained initial access in 2023 was through social engineering, as it is the easiest way adversaries can find their way into systems that quickly patch against known security vulnerabilities and limit remote access, according to Netskope. The most widespread schemes this past year used social engineering attacks like phishing to steal credentials, and trojans to trick victims into downloading and installing malware.
Users fell for phishing scams three times more frequently than users downloaded trojans, with an average of 29 out of every 10,000 enterprise users clicking on a phishing link each month in 2023. Cloud apps and shopping sites were among the top targets throughout the year, while banking portals, social media and government targets also saw a notable increase.
As the second most common attack vector, users downloaded an average of 11 trojans per month per 10,000 users, meaning a typical organization of that size would have had an average of 132 trojans downloaded by users on their network per year.
The majority of adversary activity targeting Netskope customers in 2023 was criminally motivated, with geopolitical adversaries most active against users in Asia and Latin America. Netskope found that the top criminal adversary groups throughout 2023 were based in Russia , and the top geopolitical threat groups were based in China (targeted primarily at victims in Asia, especially Singapore).
Netskope’s annual Cloud and Threat Report revealed a 400% increase in generative AI app use among enterprise employees in 2023 compared to 2022.
Bad actors are taking notice of the rapid growth in generative AI app adoption as employees are more likely to expose sensitive data through these apps.
According to the report:
Cloud apps accessed in enterprise increased by an average of 19% per year, with users jumping from 14 to 20 different apps in just two years
Half of all enterprise users interact with 11 to 33 cloud apps each month, with the top 1 % using more than 96 apps per month. Interactions with these cloud apps are increasing at an even faster rate, from just over 1,000 activities per month two years ago to nearly 2,000 activities per month today.
Most enterprise users generate between 600 and 5,000 activities per month, while the top 1% of users generate more than 50,000 activities per month.
“With growing AI app usage, employees are more likely to expose sensitive data like credentials, personal information or intellectual property,” said Ray Canzanese, threat research director with Netskope Threat Labs. “For safe enablement of AI apps, organizations must implement reasonable controls and advanced data security capabilities while focusing on how employees can use AI productively.”
The most common way attackers gained initial access in 2023 was through social engineering, as it is the easiest way adversaries can find their way into systems that quickly patch against known security vulnerabilities and limit remote access, according to Netskope. The most widespread schemes this past year used social engineering attacks like phishing to steal credentials, and trojans to trick victims into downloading and installing malware.
Users fell for phishing scams three times more frequently than users downloaded trojans, with an average of 29 out of every 10,000 enterprise users clicking on a phishing link each month in 2023. Cloud apps and shopping sites were among the top targets throughout the year, while banking portals, social media and government targets also saw a notable increase.
As the second most common attack vector, users downloaded an average of 11 trojans per month per 10,000 users, meaning a typical organization of that size would have had an average of 132 trojans downloaded by users on their network per year.
The majority of adversary activity targeting Netskope customers in 2023 was criminally motivated, with geopolitical adversaries most active against users in Asia and Latin America. Netskope found that the top criminal adversary groups throughout 2023 were based in Russia , and the top geopolitical threat groups were based in China (targeted primarily at victims in Asia, especially Singapore).
Palo Alto Networks partners will see a lot from the company in 2024 to increase ease of doing business, and therefore fostering faster growth.
That’s according to Tom Evans, Palo Alto Networks’ vice president of worldwide channel sales. He said the company continues to execute on the launch of its new partner program, “but we are now looking to enhance that.”
![Palo Alto Networks' Tom Evans Palo Alto Networks' Tom Evans](https://eu-images.contentstack.com/v3/assets/blt10e444bce2d36aa8/bltd1e8442dfdc597c0/651e9729de6321423dc78552/Evans-Tom_Palo-Alto-Networks.jpg?width=700&auto=webp&quality=80&disable=upscale)
Palo Alto Networks' Tom Evans
“There will be some things coming around custom and specific programs and specializations for our SIs, service providers and cloud service providers,” he said. “We're developing different specializations and proficiencies for certain technologies like XSIAM Elite. We're revamping some of our Prisma Cloud and our MSSP programs, and we're continuing to evolve technical expertise. So I think what they'll see this year is really a heightened awareness on all the other routes to market.”
Palo Alto Networks Simplifying Partner Experience
In addition, Palo Alto Networks will continue to work on being a much easier partner to do business with, Evans said.
“We're trying to change our internal systems to make it much simpler,” he said. “We're trying to change all of our processes so that it doesn't have thousands of steps. We're trying to just be a better communicator as far as how we get information to our partners and we're learning as we go. We're also now evolving our blog series and completely changing our portal, making it much more self-sufficient. We're launching brand-new tools in the next two months around how partners can now integrate with our Salesforce so that they can see all their opportunities, but then also understand how they're tracking compensation-wise so they can get a predictive way of knowing what dollars are going to come out of the rebates and how they're compliant towards our new program.”
Palo Alto Networks’ new partner portal emphasizes self-sufficiency so “they can be very individual and they don't have to rely on our channel business manager to walk them through if they're compliant or not,” Evans said.
“They can log in, see how they're doing without us, and we want that to be the case along with all of our training," he said.
Scroll through our slideshow above for more from Palo Alto Networks and more cybersecurity news.
About the Author(s)
You May Also Like