SonicWall CEO Bill Conner On Cybersecurity Trends CEOs Should Know

Bill Conner is President and CEO of SonicWall, a network security company offering next-generation firewalls and network security solutions that protect more than 1 million networks worldwide for more than 500,000 organizations in more than 150 countries.

Conner was selected as CEO to launch SonicWall as an independent company from Dell by Francisco Partners and Elliott Management in November 2016. In less than a year under Conner’s leadership, the company has surpassed financial and operational goals, delivering record partner registrations of more than 18,000 global channel partners with 5,000 net new partners and strong pipeline growth with over $330M in new partner deal registrations.

Chief Executive caught up with Conner to talk about what CEOs should be paying attention to in cybersecurity, as well as how he’s managing growth at SonicWall during his first year at the helm. Here are excerpts from the conversation:

Cyber security concerns that should be on the CEO’s radar screen

Right now, I’m doing kind of global briefings around the world, and you really don’t have to talk ransomware anymore, CEOs get that. They’ve read about it. I think a lot of them still think they are not vulnerable to that. But if you just look at the stats, our average customer has about 500 attacks a day through the first six months, which is up 187% year-over-year. And if you think about that comparison, that’s on top of WannaCry and Petya, which were the two largest ever. So, that has reshaped and gotten more malicious. But the awareness is there.

What we’re really focused on now is encrypted communications. And especially at the C-suite. If you go back to Deming on quality, right, everyone thought the cost of quality and how cumbersome it was and they didn’t even have a lexicon until Deming. I think security is going through that same metamorphism. Boards and CEOs are now starting to learn the lexicon of security. But much like the year 2000, there are still questions like “Where’s my silver bullet? Is this a one-time investment that’s gonna go away?” So, I would say, “It’s a cyber arms race. And this thing is changing by the hour every day.”

What you need is process and structure and layered security to take advantage of that. A good example is encrypted communications—two-thirds of the traffic on corporate networks now is internet traffic. What’s happened now in our first annual threat report this past year, showed now the bad guys are using encrypted communication to get into your network because they can go buy a platform like Let’s Encrypt with anonymous free certificates. So, they’ll use that. And what they know is only 5% of the businesses are looking at the content inside encrypted network traffic.

We are really focused on using next generation techniques in the cloud. We use virtualization, emulation, and hypervisor, but we now use memory process to look at stuff. So, using those four different combinations, our efficacy is just tremendously high. And we can do that in usually under two seconds. And we block that. When we block those files till we get a clean verdict. So, we are one of the only guys that does what we call block till verdict and uses those four multiple technological engines to look at it.

On taking over as Sonic Wall CEO and managing growth

From day one, I had a four-year plan. And, with private equity, next month is as good as the last month, it’s very tactical. But three major areas we focused on. One was innovation in product capability. And under Dell, a lot of our products were getting what I’d call long in the tooth. The innovation curve was not at the speed of software and security. And so, I overspent in R&D as a percent of revenue and doubled down in engineering with a kind of a two-year roadmap, if you will, on where we wanted to take the company into cloud technology around security. Really doubling down on the deep learning and machine learning and AI capability that was fundamental to the company, as well as then taking advantage of next generation hardware.

And really looking at one of the assets that this company has and has had, if you go to its core, was over 200 countries and a million sensors around those 200 countries for looking for malware and what we call our threat network. So, we really took advantage of turning the focus back to what was happening and what I’d call malware cocktails. If you look at January to June of this year, there were over 8 or over 7 billion malware cocktails that happened. So, an average SonicWall customer, an average customer had over 16,000 malware attacks and that’s up 88% year-over-year.

So, we started really digging into that. And then, looking at new kinds of capabilities and innovation like our Capture Client and our Capture Advanced Threat Capability. And then, the one that we just announced this year was Real-Time Deep Memory Inspection. What that’s all about is looking for new architectures to defeat this malware as a service and using kind of machine learning and our capabilities to do that. So, huge around piece around product and I think the stats around that are pretty self-evident in terms of in the last nine months, we’ve had over 24 new products and 160 million lines of code written, I’d challenge anyone in our industry to compete with that in terms of the capabilities.

And I think if you look at it since then, I think we’ve gotten 39 awards on product and people in those pieces. So, huge, huge, huge focus and investment on what I think are next generational capabilities to stop… like the Intel pieces like Foreshadow, Spectre, Meltdown or one of the few that can stop that real-time. In fact, our RTDMI technology that we’ve got a patent pending on, Real-Time Deep Memory Inspection, sorry, is in the first six months, we found 12,300 actual new malwares cocktails that have never been seen in the market and they range from PDF to Office to, you know, we didn’t see it but the capabilities around the side channel on Intel. So, you know, that’s hugely important because those are things we know on the deep web that no one else is stopping.

Related: Understanding The Seven Types Of Data Breach