Few industries have seen the impressive growth, momentum and investment as the cybersecurity industry over the span of the past few years.
The shifting, increasingly sophisticated threat environment and rapidly rising cost of a data breaches has all organizations – from government agencies to the largest private enterprises – rushing to incorporate the latest security solutions to protect their networks, intellectual property and the personal identity information of their customers.
This demand is creating incredible interest in cybersecurity, driving established firms to invest in smaller, emerging companies with innovative solutions, and causing investors to flock to the market in hopes of finding the next big cybersecurity solution.
One of the many cybersecurity companies making waves in the National Capital region is Blue Ridge Networks, a provider of breach prevention, endpoint protection and information security solutions. The company’s best-in-class solutions, rapid growth and diversification into new markets and sectors will be discussed at this year’s Mid-Atlantic Growth Conference, when company CEO, John Higginbotham, presents as part of the event’s heralded Technology Showcase.
We recently sat down with John to learn more about Blue Ridge Networks, its solutions and the trends driving interest and growth in the cybersecurity market. During our conversation, we also discussed what differentiates Blue Ridge Networks’ solutions in a crowded marketplace, the company’s impressive growth and why they’re participating in this year’s Mid-Atlantic Growth Conference.
Here is what John had to say:
Mr. Higginbotham: Most of my career, I’ve been an entrepreneur, investor and leader in high technology companies. In fact, I started my career with Hewlett Packard as the product manager that brought their first microcomputers to market. So, throughout my career, I’ve been actively involved and engaged in IT.
I first came to know Blue Ridge Networks through an investment firm in which I was a partner. They had made an investment in Blue Ridge, and that’s how I learned about the company. Then, through some of their customer deployments – particularly in the government – I quickly realized that they had a stellar reputation for best-in-class capabilities and breakthrough technologies.
I got involved as a direct investor a few years ago to support the company’s expansion into broader market opportunities. From that early investment, I grew more actively involved in the company. Finally, the board asked me to lead the company through the challenging transition to serve a wider range of commercial markets. It’s been an exciting run.
CGCS: What does Blue Ridge Networks’ suite of solutions do? How is the company’s solution and service offering different from those offered by other cybersecurity companies?
Mr. Higginbotham: Blue Ridge does three things: best in class breach prevention, secure remote access through the cloud, and threat intelligence enhancements. What makes the technology different is that Blue Ridge has true prevention-oriented technology.
The vast majority of cybersecurity providers are focused on detection, response and remediation, which has been very effective for many years. This ability to identify an attack, analyze it rapidly and then identify an appropriate response worked well for enterprises when they had a much less egregious threat environment and when the malicious actors were still somewhat predictable.
Over the last few years, the sophistication and variety of attacks has rapidly increased. They’ve evolved to specifically defeat that type of detection approach. You now have file-less malware, weaponized documents, phishing attacks, targeted attacks that can evade event the best dectection capabilities. And these attacks are constantly changing, making it impossible to constantly detect all of the types of anomalies occurring across today’s widely-distributed and deployed cloud networks.
We now have enormous ecosystems of endpoints touching the network and changing every second. That old detection model is archaic and has reached its end of life. It can’t scale the way it needs to and it can’t meet the demands of this new network and threat environment.
Blue Ridge has developed capabilities that are fundamentally designed to isolate the endpoint from that environment without having to resort to detecting all of the anomalies that are occurring. The company has invented a number of technologies that can be used in a practical sense, can scale, can be non-disruptive to users, and can be easily maintained for the enterprise.
These solutions can be used for breach prevention on the end point, as well as securing data packets through the cloud from drive-by downloads and other egregious things that can happen when packets are in transit across the network. Those two technology bases have led to the ability to deploy best-in-breed endpoint protection that prevents attacks without having the detect them and to deliver critical data from endpoints to the network securely and safely through the cloud.
And, in almost 20 years of deploying these technologies, there have been no reported breaches of a Blue Ridge solution. These technologies are battle tested, field tested and globally deployed, and they’ve consistently proven their abilities.
Mr. Higginbotham: Part of what got me actively involved was the commitment by the company to transition to a broad market solution provider to U.S. and global commercial enterprises, while continuing to support our historical federal, state and local government customers.
Three years ago, 90 percent of our sales were to the government. Now, software managed services for commercial enterprises account for more than half of our revenue. These customers include banks and financial services companies, healthcare organizations and commercial enterprises in general for both endpoint breach protection as well as managed security services for critical cloud operations.
This transition has been very exciting. It’s also been very challenging. But we’re emerging from it as a leading supplier of these capabilities regardless of industry or sector.
Approximately 70 percent of our business will come from commercial enterprises this year. We’re already providing services to more than 500 regional banks. We have a number of direct accounts related to ISP distribution to small and medium business. We even have a version of our AppGuard Breach Detection that AOL deploys co-branded as Tech Fortress for their consumers.
CGCS: Why are these solutions essential in these markets/industries in particular? What challenges are they facing that make Blue Ridge Networks’ solutions so attractive?
Mr. Higginbotham: It’s across the board. Everyone is getting hacked. The question of whether current technologies are sufficient or not has already been answered by the marketplace.
All of the organizations that you see in the press that they’ve been hacked over the past few years have all been implementing perceived best-in-class security solutions, including breach detection systems, endpoint detection and response systems, white listing, antivirus or other tools. Unfortunately, all of these enterprises have been hacked despite spending significant money to deploy even incremental improvements to get out in front of malicious actors.
Even with the incredible expenditures in traditional solutions, Gartner expects almost half of major enterprises to be breached over the next two years. The US House of Representatives released a study that suggested that 60 percent of the small businesses that are hacked will go out of business.
We know that what we’re doing now isn’t sufficient because we’re still getting breached. We need to reach out to integrate new types of technologies to get out in front of this. And that’s where our solutions come in.
Blue Ridge has brought new solutions to the marketplace that add an additional layer of defense to existing multilayer defensive strategies in place across enterprises. This gives our customers a path to a material improvement in information assurance at very low costs and sustainment requirements. More than an incremental improvement is needed in the marketplace, and our solutions are leading candidates to bring this next generation of capabilities into existence to help enterprises get in front of malicious actors.
CGCS: We’re seeing a large uptick in startups and investment in the cybersecurity industry – especially in the National Capital Region. Why is this region such a hotbed for cybersecurity startups and companies today? What is driving the growth and investment in the industry, both locally and nationally?
Mr. Higginbotham: The need is across the country. It doesn’t matter how large or small of a community you live in or what part of the country you’re in. The need is out there for something different to address this problem.
We’re seeing these cybersecurity companies rising in skill centers in the U.S. that have capabilities, personnel, experience and companies that have dealt with these kinds of issues. Obviously the National Capital region – with its strong federal government institutions that have been directly involved in cybersecurity over the previous decades – is a solid choice. The Bay area, thanks in large part to its IT expertise, is up there as well. And there are other, smaller skill centers across the country with concentrations of cybersecurity companies and startups.
This is an emerging situation driven by need, and that need is growing in urgency because the frequency and cost of cyber breaches is rapidly escalating. Just look at the impact of a successful breach on a small enterprise – it will kill the company. Look at the impact on large companies – you see the loss of enterprise value due to loss of customers, damaged reputation, and lost confidence by stakeholders.
The impact and cost of a successful breach has reached the point of being intolerable for any size organization anywhere. And that’s driving massive amounts of money, effort and attention to this sector. It’s an unaddressed problem. And investors obviously look for these types of opportunities. So, there’s a lot of capital finding its way to this industry to underwrite organizations and initiatives to help address the problem.
What differentiates Blue Ridge is its almost 20 years of deep experience in solving this problem, which is something that few companies small or large can claim.
CGCS: You’re going to be attending the 2016 Mid-Atlantic Growth Conference and participating in the event’s annual Technology Showcase. What made you choose to participate at this year’s conference? What can attendees expect from your presentation at the event?
Mr. Higginbotham: Our company mission is to expand rapidly on the capabilities that we can offer to the marketplace. We now have sufficient field experience and a growing customer base, and the confidence that we can present our capabilities to anybody to seriously consider to help address their cybersecurity needs.
We want to expand as quickly as possible in the places where these needs exist. We suspect that most enterprises will look favorably on what we have to offer.
The Mid-Atlantic Growth Conference is a great way for us to increase awareness for the company and the capabilities Blue Ridge can offer. The conference will also give us the opportunity to engage more with the community, and interact more with prospective customers, capital providers and service providers throughout the marketplace to increase our relationships.