John DiLullo is somewhat of a rarity in the high tech world.
The CEO of Lastline, a cybersecurity company based in Redwood City, California, says most chiefs in the industry come from the product and engineering side. DiLullo’s background is in sales—prior to his role at Lastline, he was a global sales executive for F5 Networks. He also held positions at Cisco Systems, Avaya, SonicWall, and Aruba Networks.
“It adds a huge amount of context when you’re trying to sell a product, especially from an emerging company or an emerging technology, to understand the person that’s actually going to invest in your product, how will they perceive you? What are the elements of value that really matter? There are so many companies out there today that have great products but haven’t finished that last mile of understanding what people are actually willing to pay for and what business needs they have.”
This is what dooms a lot of tech-focused startups, says DiLullo, who joined Lastline last year. He spoke with Chief Executive about how the company is trying to stand out in the crowded cybersecurity space, how they recruit tech talent, and more. Below is an excerpt from the conversation.
What are some of the big challenges that Lastline is facing?
The company is growing and growth comes with growing pains and trying to figure out what you need to invest in and at what time, and what are the skills that you are short on and what [skills] you have plenty of. I think there are a couple of unique things about Lastline, which are really some of the core attributes of the company but some of the core growing pains stem from them.
Our background is really in academics. Our three founders are some of the top published academics in cybersecurity. And so, we have this great foundation of essentially applied science where we understand more deeply than any other company on earth what are the threats that modern enterprises are having to endure from hackers and from intrusions, and breaches these days. That’s from an applied science perspective, but actually getting that applied science into the hands of customers is very commercial. And so, you see a lot of companies that maybe don’t have great products but bring it to market well and then you have other companies like us that have an incredible technology, but have to really figure out how to pivot and drive that go-to-market movement.
To that point, you guys are in a crowded space. It really seems like every company on the block has some kind of cybersecurity defense solution. So how do you stand out in a crowded market?
It’s interesting, despite the crowd, if you look at the major breaches that happened last year, every one of those customers, every one of those companies probably had a next-generation firewall, probably had an identity and access management system and likely had some type of intrusion prevention capability. And a lot of people are investing in a lot of these different technologies.
It really is time for a different look at the problem. And I think that’s how you get your head above all the noise and that’s what we’ve done. So, in our core as a company I think we’ve recognized nearly 25% of all traffic on the internet right now is malicious traffic. The average intrusion today is lasting more than 200 days. So somebody breaches your network and on average they’re actually operating in your corporation’s network for more than 200 days. And add to that the fact that there’s a shortage of qualified security professionals today worldwide. It’s more than 200,000 people, and by many estimates in a year or two, that’s going to be over a million people.
It’s a huge shortage of talent and also a lot of success by the bad actors. And I think we realized that what you need to be able to do is you need to not only have a static response to security work. Every day you find something and then the industry responds, and that’s why you see this diaspora of companies out there that are all responding to different things.