Panda Security restructures for growth

Spanish firm Panda Security is marking its 25th anniversary with a five-year plan to accelerate growth

Spanish firm Panda Security is marking its 25th anniversary with a five-year plan to accelerate growth.

Leading the process of internal and external transformation is chief executive Diego Navarrete (pictured), who, after one year at Panda Security, is relaunching the business.

With its seventh consecutive quarter of revenue growth, the firm maintains a strong performance in the European market, especially in the UK, the Nordic countries and Germany, but it plans to bolster US sales and marketing this year.

Navarrete believes the future of the computer security industry lies in cloud computing and big data; it faced a turbulent journey into that arena almost eight years ago, when it became ‘The Cloud Security Company’. At the time, the firm bet on this new model, letting go of a good part of its corporate customers, who preferred to maintain their security on-premises.

“Panda turned completely towards cloud computing and we had to be honest with our customers,” said Navarrete. “It was not that we did not want their business and walked them to the door; we knew that if they were not willing to move their security to the cloud, we could not be their provider.”

Navarrete considers Panda’s competitors as strong on marketing, but less so in technology, where he believes the firm still has a competitive advantage.

“230,000 samples of malware are analysed in our cloud every day, and using the new big data technologies we can correlate elements with behaviours in the cloud faster and more efficiently than anyone else in the market,” he said.

According to Navarrete, Panda’s corporate business is already leading its revenue, making up 60% of the total income in the past year, although SMEs constitute the bulk of the business. However, Navarrete believes big businesses will prove that Panda’s innovations and security philosophy are the right ones.

“They will ratify our strategy and our solutions, especially in the area of advanced persistent threats (APTs),” he said.

Panda Security automatically analyses 99.6% of the 230,000 samples of malware and only 0.4% of them need the intervention of a Panda Labs expert to carry out analysis. “We are not working with false positives anymore, because we analyse both goodware and malware samples,” said Navarrete.

Panda Security is developing a tool to monitor files and executables in real-time to classify 100% of the executables without using a signature file. “That’s only possible with our 25 years of experience analysing malware and the power of our cloud and big data,” said Navarrete.

As an example, he claims the combination of cloud and big data enables Panda to block 95% of DDoS attacks. “You only need to correlate a good IP reputation database from other players and eliminate all the newly created IP addresses that are accessing your servers.”

However, cloud-based security faces a challenge in terms of its licensing model. Navarrete believes the providers should evolve towards a subscription model of a service that can be turned on and off in real-time. “That is the right model, although the computer security industry is far away from it; even we are not 100% there yet,” he said.

Challenges around the IoT

Mobility, the internet of things (IoT) and machine–to-machine (M2M) communications are other drivers in Panda’s five-year plan.

Navarrete says the company addresses this scenario with "simplexity" – in other words, "making complex things simple and simplifying the complexities”. Panda aims to become the advisor that provides a management console that integrates information from multiple smart devices into a unified display.

However, the development of standards will be decisive on IoT growth, not only to control internet-connected devices and objects, but also to secure them. In this sense, Panda Security is already working with associations such as the Open Interconnect Consortium, which seeks to develop these standards and data-sharing, including threats and vulnerabilities.

Navarrete believes that pan-industry collaboration across all industry sectors will be needed to let security companies access APIs, operating systems, etc, in a simple way.

He points to the importance of developing multi-appliance and multi-OS technology because it is not just about accessing to the appliance through its IP address, but also accessing the kernel level to get the threats blocked. 

“The development of IoT standards is much faster than previously thought, especially thanks to Intel (hardware) and Google (Android) efforts, which are pushing in the right direction.

“We’re also in discussions with hardware manufacturers, software vendors and car manufacturers, because our desire is to play a key role from the beginning of the process and get embedded security devices,” said Navarrete.

The plan is also to seek partnerships with telecommunications equipment manufacturers, because he believes routers and switches will serve as the hub to connect smart appliances, enabling centralised security. Navarette said the best scenario for Panda Security would be to become a kind of security certificate in the style of ‘Intel inside’ seals in the microprocessor market.

The CSO evolution

Navarrete supports the idea of security as a comprehensive process of the business. “The bad guys are becoming more sophisticated; they have jumped to the cloud and to big data. While they are more professional and increasingly smarter, what was previously a protest, or even cyber terrorism, has become a business, and we have to be ready,” he said.

According to Navarrete, security in companies is still very fragmented, to the point where the database administrator thinks it is enough to simply encrypt data, or the network manager is satisfied with a single IPS.

“The CSO should get a full understanding of the ongoing information security projects, and that is not always happening”, he said.

Panda Security dealt with reports of more than 1,000 retailer attacks in 2014 and the major vulnerability was a lack of a solid security policy. Navarrete believes this may be caused by the evolution of chief security officers who originally worked as security engineers and have not acquired the necessary management skills, nor a holistic view of business processes.

This is not helped by the fast-growing rate of security in companies, “where the guy who installed the firewalls may start off managing 10 people, then 20, and end up keeping an eye on more than 2,000”.

Read more on Hackers and cybercrime prevention