Security market disrupter Cylance picks Australia as Asian launch pad

The former head of Telstra’s security business has been appointed Cylance’s regional director

US-based IT security company Cylance has opened an office in Australia to tackle the Asian market, promising a radical new approach to endpoint security.

It has appointed the former head of Telstra’s security business, Andy Solterbeck, as regional director with responsibility for South-East Asia and Greater China. He joins Telstra’s former chief information security officer, Glen Chisholm, who is the company’s US-based global CTO.

Cylance has also appointed Greg Singh as regional director of sales engineering and the former head of channel and alliances marketing for APJ at FireEye, Hwei Oh, as director of marketing for APJ.

In its February 2016 Magic Quadrant for Endpoint Protection Platforms (EPP), Gartner described Cylance as “the fastest-growing EPP startup in the last ten years.” The company was founded in 2012 and Solterbeck said sales were now running at US$100 million annually.

The company intends for its go-to-market model to be 100 per cent through partners.

“We are right in the midst of very active recruiting discussions,” Solterbeck said.

“We are looking for people who own real security practices and are trusted advisors to their customers.”

The company claims to have number of proof-of-concept trials with potential customers in Australia.

Solterbeck told Computerworld Australia that Cylance was one of a new breed of companies disrupting the IT security market.

“Virtually every industry is being disrupted by software-based business models and approaches,” he said.

“Security was one of the last to be disrupted but we are the disruptor.”

He described the product as “a replacement for current outmoded antivirus software,” and said that, while it would be technically ideal for the consumer market Cylance had no immediate plans to offer it to consumers.

“The consumer space has completely different support paradigms. Right now we're set up as an enterprise business. But from a technology perspective the product is identical. [A consumer version] is absolutely being discussed,” Solterbeck said.

The software runs on Windows and Mac. There is a Linux version, but it available only as an OEM product.

Solterbeck said that Cylance’s approach to antivirus was radically different to standard techniques in that its software runs in stand-alone mode: It does not require frequent updates with new virus and malware signatures in order to function. Instead it relies on an algorithm that has been designed and ‘trained’ to differentiate between normal and abnormal files.

He said Cylance had developed the algorithm by examining every possible file type it could get its hands on and applying machine learning techniques: “Each file has a few thousand useful attributes and each of those attributes has a bunch of different settings: that adds up to millions of different combinations. What we have done is develop an algorithm that can look at those attributes and say if a file is good or bad.”

Cylance claims a detection rate in excess of 99 percent and Solterbeck said it would enable organisations to reverse a shift of focus from prevention to early detection that has been the result of an uptick in successful attacks.

“The industry as a whole has got itself into a situation where it has given up on prevention and has focused on detection and remediation. Our philosophy is that prevention is significantly better than a cure. … The aim is to move away from human intervention to automation as much as possible.”

Further, he claimed that because the Cylance software is an algorithm performing mathematical calculations, it has a much smaller footprint than traditional antivirus software.

“The current version of the algorithm is 30 megabytes. It uses very little CPU and very little memory,” he said.

These attributes, and the lack of frequent updates, he said, made the software ideal for Internet of Things applications, where processing power and bandwidth are often limited.

“The IoT space is incredibly interesting for us and the guys in the US are doing some very interesting work. You can expect to see some developments.”