Search

“Ransomware always starts with the network, that’s why micro-segmentation is so important”

Updated: Feb 24

A candid talk with Guardicore’s co-founder about zero trust, integration into a major global company, privacy concerns, and grandmothers

Illustration. Unsplash
Illustration. Unsplash

Many entrepreneurs dream of creating the next big startup, then selling it to a large multi-national corporation and moving on, either to the next idea or to the good life, sitting on an exotic beach somewhere. But the founders of Guardicore chose a different path.


Founded in 2013 by Pavel Gurvich (CEO), Ariel Zeitlin (CTO) and Dror Sal’ee (VP APAC), in Israel, Guardicore became a market leader in micro-segmentation, a zero trust approach that divides the network into distinct security segments, tailored to individual needs and privileges. The company raised $110 million before it was sold to Akamai – one of the world’s largest content delivery, cybersecurity and cloud service companies – for an approximate $600 million in late 2021.


Rather than cashing out and moving on, Guardicore’s founders – in fact, the company’s entire staff – were incorporated into Akamai as its Enterprise Security group, remaining in Israel and strengthening the presence and reputation of the Akamai brand outside its US headquarters.


“Akamai already had a significant presence of hundreds of people in Israel, and with the acquisition of Guardicore, hundreds more were added,” says Pavel Gurvich, who is now SVP and GM of Enterprise Security at Akamai. “We’re building some incredible products in Israel, Akamai’s entire enterprise security strategy is led from here, its engineering is now led from here, and so this place becoming a major hub for Akamai in the security strategy realm, its biggest development center outside the Massachusetts headquarters.”


Q: Guardicore was doing very well. What made you decide to sell rather than go the IPO route?


“We were growing super fast, still are, but I think we were still a few years away from going public, it wasn’t an imminent kind of situation,” says Gurvich. “We were on the right trajectory as far as revenue, customers, team size. But when we were approached by Akamai, we realized that joining forces was the way for us to accelerate growth even more and go after something bigger. It was a significant opportunity to take our technology faster to a larger market and scale, and give our customers something that is more comprehensive than what we had on our own.”


Pavel Gurvich. Photto courtesy Guardicore / Akamai
Pavel Gurvich. Photto courtesy Guardicore / Akamai


Q: Can you explain a little about the Zero Trust approach?


Gurvich: “If you break it down, Zero Trust is about a few key concepts. First, there’s the network segmentation, making sure that no one can explicitly access anything by default. That’s what Guardicore does. Then there’s access, making sure that you do not have access to the entire system by default, and can only access the certain locations that are relevant to you. The third part is identity, making sure a certain person asking for access is really who they claim to be, and there’s also secure internet access, or secure web gateway, making sure you won’t get infected by a virus when visiting websites.


“Guadicore had a leading micro-segmentation product, and Akamai has leading products in access, identity and secure web gateway. So we thought that if we combine all of this into one portfolio, we will have an offering not comparable to any startup on the market, or even to other large cybersecurity players out there. So it’s great – now we can offer a complete, end-to-end, Zero Trust portfolio of products, which is really unique. And we’re growing.”


Q: What is your vision for the future?


“I’m really interested in making Akamai the leader in the enterprise security sphere, this is what really excites me,” says Gurvich. “Akamai’s security business as a whole is $1.2 billion a year, so it’s a substantial security company. But we want to make enterprise a very large portion of it, and tap into the local expertise and resources here in Israel to lead that innovation. This is an exciting part for us. We’re recruiting all over the place, we’re building, growing.”


Gurvich also stresses another point. ״Many large corporations here in Israel are mainly engineering sites, so the logic of what you’re developing, how you’re developing it and how it will go to market and by whom is completely external, whereas here we’re in a different dynamic,” he says, with noted excitement.


“Our whole group is managed out of here, this is where we set our strategies, goals, roadmaps. Never alone, of course, always with the US team, but generally speaking – it is a place where decisions are made at a large scale., and so I see it also as a place for people to grow and build new things.”

I ask about the organizational culture. “The cultures of Akamai and Guardicore aren’t very different,” replies Gurvich. “Both are innovative companies that put a lot of emphasis on the best idea and freedom of thought, and also aggressiveness and the need to win.”


While Gurvich admits that the transition into the new structure “hasn’t been easy all of us, it’s been an adjustment,” he notes that the Guardicore team “found an incredibly friendly and helpful group of people (at Akamai, MK) who are really welcoming and want to learn from what we’ve done and show us their work, so we can combine the best of both.”



Q: Looking at your website, I couldn’t help but notice that you only have one woman in a leadership position…

“First of all, we’re super proud of Ola being one of our key leaders (Ola Sergatchov, VP Corporate Strategy – MK). But unfortunately, we’re behind where we need to be,” Gurvich candidly admits. “I can give you a whole bunch of excuses of why it’s hard, why there are less women, talk about availability and experience – but they’re just that, just excuses, and we should do better.


“To be honest, I felt this was an area we weren’t doing a good enough job at Guardicore. Akamai emphasizes inclusion and has quite a few women on the board of directors and the executive team. So we can learn from them also in this respect, and also tap into more resources now.”


Q: As cybersecurity companies such as yourselves advance, so do the attackers. Where is this cat-and-mouse game going?


“If we’re talking specifically about ransomware attacks, not nation-state operations, you see that they always start with the network, so that’s why we need micro-segmentation, zero trust,” Gurvich explains.


“What stands out in this type of attack is the ability to monetize effectively,” he continues. “So if you look at the way things are developing, let’s say that 5 or 10 year ago you would get spam, and the criminals would get affiliation fees. Then, it became all about mining currencies, so you’d infect computers and make an exchange for bitcoin or another cryptocurrency, and that would be the monetization skill.


“And today, we’re seeing attackers infecting machines so they can sell you the key, that’s how they can monetize. So I think that if you want to know where attackers are going next, you need to think about the next thing they will be able to monetize.”

And what is it?

“Well, we don’t know. We don’t have all the answers, but I think a few things are becoming clearer. First, the concept of data residing on laptops, where you can encrypt it and ask for a key, is going away. Most of our future data and communication will be on cloud services, and I think that we will probably be seeing an interim step of disruption of access to these services and data, which could lead to potential extortion.”


“I think in this is probably what we’re going to see 12-18 months from now. And the next thing, to be honest – ask me 6-12 months from now, and maybe I’ll be able to detect the trend.”


Q: Do you think the general public is starting develop a better awareness of cyber security?


“We’re seeing less attacks going after individuals,” says Gurvich. “There was a period where ransomware was encrypting your grandmother’s hard drive, but this is over because it’s just not effective in terms of the value you can extract. The attacker now thinks ‘let’s just go after the insurance company and get all the grandmothers at once, and they will pay us 1000 times more.’

“I think this is where the risk for the public lies, not in the data that is encrypted or the ransomware attack on the insurance company – but the massive amounts of personal information accumulated by various companies and organizations.


“Look at Israel – we have been stolen, as a society, someone stole our data many times over from many vendors who provide us with basic services – insurance, health care, telecom, government, municipalities, dating websites…

“I think that the accumulation of all that personal information in the hands of criminals on a long term…I would be worried. The Israeli government is also going in the direction of collecting more information about us, versus less, and that just increases the risk. There is no doubt that this information will be used for financial gain by criminals.


“We should all be very worried about giving out our information. Very easily, people are willing to trade privacy for convenience, and I do not think we understand the implications of what we’re trading just now for what’s coming next.”


*******


Guardicore, as part of Akamai, will participate at the Cybertech Global TLV conference, which will be held between March 1st and 3rrd, 2022. For additional information, please visit the event’s website.


**Some replies have been slightly edited for clarity by the author.

103 views0 comments