Sumedh THAKAR, President & CEO, Qualys: We help organizations, mitigating cyber risks based on a single unified platform, by measuring, prioritizing and fixing them
October 2022 by Valentin Jangwa, Global Security Mag
Sumedh THAKAR, President & CEO at Qualys, met at Les Assises de la Cybersécurité in Monaco, explains that to mitigate cyber risks, instead of using multiple tools, the focus should be on measuring, prioritizing and fixing them, as fast as possible, leveraging automation.
Global Security Mag: Is it your first time at les Assises de la Cybersécurité? Could you please, introduce yourself, Qualys, and tell us more about your journey at Qualys?
Sumedh Thakar: I am CEO, I have been at Qualys for almost 20 years, and I took the CEO role about 2 years ago. I was one of the first Software engineers on the platform to join Philippe Courtaud, our Founder and ex CEO. Over a period of few years, I started focusing on how to build the Qualys’ platform because we believed at that time that our solution was unique and words like SaaS or Cloud were even not existing, but that is what we were doing because we were visionary about what we wanted to do. Then we started to release Cybersecurity needs skills and we needed to reduce the too many numbers of tools that people were using, so we focused on creating capabilities that helped us to build a massive platform used all over the world by a lot of global top companies like Banks and others. So, my journey is moving from engineering to more into product management and finally to Chief Product Officer overlooking our entire platform growth. In February 2021, I had the opportunity to take over the role as the CEO of Qualys, helping shape the vision both from the technology perspective which is what Qualys is as a Silicon Valley company focused on technology innovation and then helping the Go to Market and the product business side. It has been great to pick Philippe’s dream which was already well done for many years and now take it to the next level and securing the digital transformation we are seeing throughout the world. At Qualys, we are very excited helping the global companies reducing their cyber risks, because today, Information Technology is the engine that is driving social economic changes all over the world and Cybersecurity is the key enabler for that.
I am happy to have the pleasure to be here at les Assises the first time ever and it is great to see first after the pandemic everybody coming back in person and the energy that is out there. In Cybersecurity there is a lot of Marketing that goes on, but it is great to see that there are so many companies trying to do innovation, and a lot of them are out there finding a way to protect our Infrastructures which is always great to see.
Global Security Mag: What are the key differentiators of Qualys?
Sumedh Thakar: Today, for securing the digital transformation, really the only focus for professionals is to reduce the risk of getting compromised. And nowadays, we have a lot more software being reading because every company is becoming digital, your bank, your bus or train, everything is about application, so people are running more software which means there are a lot more vulnerabilities that are being created and more software is deployed. The attackers are looking that as a financial gain for them. So, it is a very organized Industry of ransomware etc., because they see that they can attack and make money. The challenge here is, because there are much more software and few people being able to stay on top of their security posture, being able to manage and mitigate the security risks.
At Qualys, what we really do is to focus on helping the customers find all the assets and vulnerabilities, prioritize the ones that cause the most risks and then actually fix and automate them. Compared to most of the other solutions in the market, that are only finding assets or reporting or fixing the vulnerabilities, what we have done is creating a platform that differentiate us from everybody, as with our solution, the customer is able do to everything, from finding all the assets continuously, detecting all the vulnerabilities in a continuous manner, finding the risks calculation on that, and then also fixing them. Today, we need to reduce the amount of time it takes from finding to fixing, because that is the time of golden hour for the hackers to come in. So, if you stay open for one week, it is very bad, for 3 days, it is better, if you can do it just 4 hours, it is even better.
So, what we do is helping our customers to fix their risks in nearly real time, and that is what differentiates us from other solutions that are only giving reports of what they choose you have.
Global Security Mag: Where do you see Qualys and the market in 5 years?
Sumedh Thakar: There is a lot of advances happening very rapidly in Information Technology. Cloud and Containers security have become very popular. 5 years ago, we probably would not say that would be the case.
So, I don’t know what the next innovation in IT in 5 years will be, but what I do know is focusing Qualys on creating a highly scalable Cloud platform, we have created a framework, so no matter what kind of digital technology comes up, Qualys will be able to react very quickly to add support for securing the technology on a single unified platform. Because when a new technology comes up, customers never have 100% of that technology right. The technology may be OK for Cloud, but many customers still have on-premise systems, laptops, so they always need one based platform where they can look at all their risks and vulnerabilities on one place.
So, from now to 5 years, I would like Qualys becoming more and more partner with the CISOs to help them understand their risks across all infrastructure and then fix and mitigate them as fast as possible with automation. Because today, with more vulnerabilities and less people, the real solution for us to be better is Cybersecurity automation. That is for us the best way to reduce the gap because we can’t rely on human doing a lot of mitigation work.
We are always trying to focus on innovating in technology. To do so, we have great skills at Qualys, about 2000 employees and we are running a huge platform for companies all over the world. Because we are focusing creating technologies, we need great minds as we continue expanding the platform, we look forward to continuing investing in our business and in our people. Doing that in a meaningful and appurant way so that we can make sure that, because we have a good framework on the platform, we can go and get few people that can then add more and more capabilities to the same platform, which can help our existing customers to scale.
Global Security Mag: What is your message for our readers and CISOs?
Sumedh Thakar: Today, the most important thing in Cybersecurity is to reduce the risks that you have in a fastest possible manner. My message is, instead of focusing on individuals tools and features, everybody needs to focus on first define and measuring cyber risks, finding ways to leverage automation to mitigate risks as fast as possible. So, if you can reduce your risks much faster, for attackers, it is much more difficult, as for them it is a financial equation. If it is harder and takes a lot more effort to get into your organization, they are not interested as it takes too much of expenses to get into there. So, today, instead of focusing on multiple and too many different tools, the day by day focus should be on how you measure, prioritize, and fix your cyber risks as fast as possible.