Accelerating Cybersecurity Deals: Channel-First Go-to-Market in Cybersecurity

[00:00:00] Hey, it's Andrew here. Just quickly before we start the episode, I want to tell you about one of my favorite newsletters. It's called Strategy of Security. If you want to understand the companies, ideas and trends shaping cybersecurity and its sub-markets, you should take a look. Cole Gromos runs the newsletter and he has spent the last 20 years in cybersecurity, including stints at PwC and Momentum Cyber, the investment bank dedicated to cybersecurity. Recent articles I'd like include,

[00:00:30] how could platformization work in cybersecurity where he talks about there being lots of single vendor platforms, but not a multi-estate platform. And also one called demystifying cybersecurity's public companies, where he explores the pure play ones and also hybrid companies, which are in cyber. He lists all of them and then breaks down the numbers in all sorts of different ways. Now, this is not a paid promotion. I just simply enjoy what Cole is publishing. Check it out at Strategy of Security.

[00:01:00] Now, on with this episode.

[00:01:35] Channel Programs with Patrick Dillon, the CRO at Airlock Digital. Patrick, welcome to the podcast. Andrew, appreciate it. Thanks for having me. Now, this is actually the second time that we've had an estrewing company on the podcast, believe it or not. The first one was Alistair Faulkner, who's the CEO at Darwinium. So I thought it was kind of cool that we're talking about global channel programs with a company that actually might know about global things beyond the boundaries of the U.S. Well, we're all things Australia except my accent. So you get the U.S. accent with me today instead of the Aussie accent.

[00:02:05] There's something telling me, yeah, that somewhere in the U.S. you are. Where are you based? I'm based in Atlanta, Georgia. Okay. Always been there? For the last 20 plus years. That's awesome. All right. So we're going to talk about your global channel program today. Tell us what's new and what's going on with it. No, I appreciate that. Yeah. So, you know, at Airline Digital, we're certainly a channel first organization. We started in Australia, headquartered there, started really about 11 years ago. And we kind of grew through the Australia data security standard called the Essential Eight.

[00:02:35] And so a lot of organizations, government organizations, the private organizations doing business with government entities have to comply with the Essential Eight. And number one within the Essential Eight is application control. And we are the global leader within application control. And so we really kind of grew up with our channel roots being in Australia. And then when we moved and opened up business here in the U.S. about five years ago, we primarily did that through channels. So we always want to be a channel first organization.

[00:03:03] We think it helps just from not only a branding and awareness standpoint, but I think just coming from Australia, having a lot of key, you know, big name partners helps from a credibility standpoint. You know, they get to test our tech before they introduce us to their customers. And so it kind of validates a lot of the things that we do. Now, I noticed that AirLot Digital uses a phrase to describe what you do as allow listing. Correct. I've not heard of allow listing. I've heard of whitelisting. What's the similarities or differences? So it goes by a lot of different names.

[00:03:32] So application control, allow listing, application whitelisting, application blacklisting. It really all kind of means a lot of the same things to us. It means denial of execution. Within Australia, you know, the number one requirement under Essential Eight is called application control. A lot of people do call it allow listing. It's just a more modern name on the whitelisting versus blacklisting. It's allow listing versus blocklisting. So, you know, it's more of just an evolution of that term.

[00:04:00] Now, I was a seller at McAfee in about 2008 or so when we bought a company called SolidCore. Yeah. And the challenge always with whitelisting back then anyway was how do you deploy it in a manner that doesn't cause a nightmare with support, doesn't annoy executives who ever try to do stuff going, why wouldn't this just work? Yeah. And it was always confined more in those days to kiosks and things that you wanted to really lock down. Is that still where we're at or have you figured out? No. And that's really kind of how our company was founded.

[00:04:29] So our founder and CEO, David Cottingham, was a practitioner for basically the equivalent of the NSA in Australia, the Signal Bureau. And he was tasked with deploying Microsoft's AppLocker and just found it too challenging, those same things that you just stated. Too hard to deploy, too hard to manage. The help desk gets flooded with calls because people can't run what they need to at the right time.

[00:04:53] And so that really was the emphasis for starting the company because stopping an executable is not blind sites, you know. So we didn't invent that. What we really did is we really kind of revolutionized application control in general so that you could do it at speed and at scale. In fact, you know, we do it with customers with over 100,000 endpoints on a regular basis.

[00:05:13] So it's one of those that not only, you know, have we solved the technology process problem, we've really solved that business process problem of making sure that it's easy to deploy. It's super lightweight so it's not breaking things on a regular basis. It's very scalable in terms of both the size and the technologies. We go back and we support everything back to Windows XP so it's very, you know, impactful within that AT space. It's very lightweight. It's an 8 meg agent so it's not always scanning. It's not always disrupting things.

[00:05:43] We allow for a lot of different avenues for trusting applications and files. And we really look at it not as an application control business but more as a file execution control business. Because as everyone knows, applications are just really a whole hodgepodge of different files and DLLs and libraries that are all kind of put together. And all it takes is one bad guy to inject one malicious file into an application and then they can inject ransomware and malware into an environment.

[00:06:11] So we really look at it from a file standpoint. And then around that we build business workflows that businesses are able to kind of customize to their business. Too many times what we see is companies having to customize their business to a security product. But with us, we've kind of turned that on its head and allow organizations to kind of build in what their workflows need to be. They can determine what policy groups, which user groups need which applications, what applications can do in certain segments.

[00:06:41] So it's not just those critical systems. As you mentioned, SolidCore is covering that are more static like servers or kiosks or ATMs, something like that. But we go kind of full in not only on desktops but desktops for developers as well. And we've got different tools and business processes to allow organizations to do that at scale and at speed. That feels like it's come a long way since the days when I was selling it back in the day.

[00:07:07] I always felt like the security aspect was probably largely solved. It was the business aspect that was holding it back, right? It sounds like that's where you put a lot of innovation time to time. Yeah, and that's really kind of, like I said, where we want to focus on that. And our customers are really kind of large enterprise organizations for the most part with, you know, tens of thousands, if not hundreds of thousands of endpoints that they need to be able to secure.

[00:07:32] And being able to do that in a way that allows them to still operate at speed and integrate those changes or any changes that need to take place into their existing change control processes is really kind of what separates us from everybody else. Those problems that you just mentioned absolutely still exist. But every time we go in and we show organizations kind of how we revolutionize things, it becomes kind of some of those clear differentiators. You mentioned SolidCore before.

[00:07:59] Last week, I was literally at a Fortune 25 customer looking to, you know, they're like, we have those same problems you just mentioned. We kind of go in there and we try to show them, hey, this is how it's different. And, you know, nine times out of ten, they agree that, yes, it is different. It is better. It's faster. It's more scalable. That's great. Okay. So, Kim Navarrete is one of the Optiv reps in the Bay Area. If Kim is looking at your program and saying, okay, well, do I do business with Airlock Digital?

[00:08:29] How do I do business with Airlock Digital? And what's in it for me? How would you talk to her about a program as she wants to do some work with you? So, Optiv is one of our best partners out there. We kind of met them probably about two years ago at Falcon, the CrowdStrike user conference. CrowdStrike is actually one of our biggest partners. They don't offer application control on their endpoint, on their Falcon agent. So, they give us all of that business. If you go on the CrowdStrike marketplace, we're the most popular vendor on the CrowdStrike marketplace.

[00:08:58] So, the Optiv, you know, the endpoint architects came and met with us. And they actually, you know, we provided some licenses to them so they could go and beat it up and test it out. And they were looking for a replacement for the old Bit9 Carbon Black product that got purchased by Broadcom. Because, you know, a lot of folks were looking for alternatives to Broadcom products, you know, once those acquisitions take place. And so, they brought it into their environment and they just fell in love with it.

[00:09:24] And so, Optiv right now is our largest partner both by, you know, revenue bookings as well as pipeline and deal registrations. So, for them, it's really a matter of either replacing existing, you know, solutions that are already out there or in a lot of cases, net new opportunities. We're seeing a lot of things, especially around heavily regulated industries, financial services, you know, healthcare, you know, manufacturing and T, critical infrastructure. We're seeing a lot of net new business kind of come our way.

[00:09:52] And so, you know, Optiv has been a great partner with us from over the last two years. So, Kim should look for Bit9 Carbon Black solid core deployments, have a conversation about modernizing what they're doing, probably hitting some of the pain points we've talked about. Absolutely. And especially in regulated and kind of locked out environments, right? Is that what we're hearing? Those are the quick wins for us.

[00:10:13] But really, you know, it's really meant for any type of environment, any type of organization that's looking to reduce the risk of, you know, ransomware and malware in their environments, which this is why we're here at RSA is everybody's trying to do that same thing. So, it really does fit in every organization. But those critical ones where they're more heavily regulated seems to be where we even shine even further. So, how does Kim make money? Kim makes money by reselling.

[00:10:39] So, we, you know, we've put together, you know, when I first got here, we had kind of a standard, you know, referral program for partners. And we really wanted to kind of revolutionize that as well because we do think we've got a great product. But when you are an Optiv, you are a WWT, you've got several hundred, if not several thousand other vendors that you're trying to make money with. And a lot of times it's hard to differentiate, you know, where you're going to make the majority of your money.

[00:11:06] So, what we bring to the table for partners is a number of different things. First, our technology works. It's great. You know, we have high win rates. You know, every, we win between 40 and 50% of every first call we do. It's great. First calls? First call. First call demos, we do. We win between 40 and 50%. Proof of concepts, we win between 70 and 80% of all the proof of concepts that we do.

[00:11:28] Our biggest reason for not purchasing is they didn't get us in the loop soon enough before their existing product had to renewal. So, they bring us in a year later after they do a one-year renewal. So, certainly we do that. It's also a quick sales cycle. Our average sales cycle is under 100 days. So, they can actually bring a deal in in the beginning of a quarter and close it in that same foot.

[00:11:51] So, for, you know, these channel partner sales reps, you know, if they're going out there selling EDR, if they're selling, you know, privilege access management or IGA, those are some big products that can make big money. But it also takes 9, 12, 18 months, you know, to go through those sales cycles. With us, it's a much smaller sales cycle. Is that because they're hitting a renewal date for their old technology or what's the driving urgency there? No, I think it's just because they, you know, when organizations come to us, sometimes they may be up against a renewal day, but it's just a quick process.

[00:12:21] It's easy to be able to see our product. It's easy to be able to demo. Once they demo, you know, our conversion rate from demo to POC is extremely large. But the POC process itself only takes anywhere from one to four weeks. We had, you know, our largest customer, which is over 100,000 desktops, POC'd the product in four weeks, you know, so they were able to see everything that they needed to from a use case standpoint. And that goes from how they initially deployed all the way to moving into full enforcement.

[00:12:50] So we offer a short sales cycle and we still have a pretty high average sales rate or sales price. Our average sales price is sitting at, you know, currently closed business is about $137,000. But in our pipeline, we're seeing much larger and larger deals. It's about $330,000. So it's some pretty chunky deals that are out there for them to be able to win. So Kim's going to be happy that deals close quickly. They close more often. Correct.

[00:13:20] Then perhaps other technologies might do. Does she make money on a deal reg as well as margin? Yeah. So what we try to do is we try to make sure that we're putting in incentives to be able to do incentives for first calls, demos for proof of concepts, as well as for closing. And then if there's competitive takeout campaigns, then we give extra margin as part of that as well. So on that $300,000, then, what she can kind of expect roughly as her payout on that or the up-to-s payout on that? Yeah.

[00:13:50] So Optus payout, you know, depending. We have different tiers of partners. So if, you know, anywhere from 20% to 40% of those, depending on how much they've obviously done with us. And then Kim's going to get paid, you know, obviously from Optus based on her comp plan. But then she can also earn additional money on driving the business through, you know, the process as well.

[00:14:12] So a lot of times they can make an extra, you know, $600 to $1,500 just for putting that deal through all the way, you know, to closure. And then obviously then the commissions that they'll make off the margins. And is Kim co-selling with your reps? Typically we, you know, in the U.S., most of our reps take it from cradle to grave. We like to co-sell, you know, and we also co-sell, as I say, tri-sell with when there's CrowdStrike opportunities involved as well.

[00:14:42] So, you know, what we want to do is we want to try to make sure that we're engaged from the highest levels all the way down to the practitioner levels in order to make sure we've got the best outcome to be able to win that. Our folks certainly do the heavy lifting, but the good thing with the product is the product shines. So there's not really a ton of heavy lifting to do.

[00:15:00] We've kind of in the last, you know, six months or so have really kind of put out a lot new, a lot of additional content to help both our partner as well as our internal teams to be able to sell and have more of a guided methodology in terms of when they're speaking to the customers. And that, once again, goes from the practitioner level all the way up to the C-suite. So, you know, because nowadays, you know, you're doing $100,000 plus purchases. You're going to need some sort of C executive to sign off on that.

[00:15:27] And so we want to make sure that we're working with our partners on that, taking a lot of that lift off. So for their standpoint, it's deal regging. And then it's making sure that they're, you know, we will help them co-sell throughout the process. We'll provide them with the tools that they can then follow back up with the customers on their behalf. And then we're doing a lot of that heavy lifting on our side. As you were looking to enhance the program, what specific annealment resources have partners told you you're missing or you wish you had that you'd been able to solve or about to solve? Yeah.

[00:15:56] Well, when I got here, we were missing everything. So we really wanted to focus on building out kind of a complete program. So we've got to, you know, we have a new partner portal. So everything kind of is funneled through that partner portal. That's where all the deal regs take place. That's where they can see everything in the different stages from a pipeline perspective. But more importantly, that's where all of their assets are.

[00:16:19] And so, you know, traditionally, you know, when you work with different parts, they have a lot of, you know, maybe some selling guides, discovery questions, some one-pagers that you can send. But we wanted to kind of kick that up a notch. We have a whole video library where partners and their customers can go in and they can either have different bundles of videos and everything that they can see. And that's for both the partner team to be able to learn how to sell. So they can go in there and they can be either a sales rep or an SE.

[00:16:47] And they can go through and say, you know, how do I sell Airlock Digital? And so it's almost a choose-your-own-adventure. So they can go back in there and add additional courses as they want. But then they can also take those same video or a different set of videos, excuse me, that are customer-facing for those videos to their customers throughout the buying cycle, you know, or do that in conjunction with our sales reps throughout the buying cycle. So it's a much more kind of comprehensive approach to this.

[00:17:14] So we use a tool called ConsenSys to be able to kind of do those demo automation, you know, technology in the background. But it's really enhanced our kind of win rates across the board. You know, when people can go in and they can watch those videos over and over and over, it's much better than the one-page data sheet. It's much better than having to go back in and look at a Zoom call over again that lasts an hour. You know, these are broken down into, you know, one- to five-minute chunk videos, and they get to select what they want.

[00:17:43] So it's just more, you know, it's easier for both the channel teams as well as their end customers to digest that information. Is there any expectation on being certified in some way to sell? So that's really kind of the next step for us is really putting together a more comprehensive certification program, both from a sales and SE and a delivery standpoint. So Optive has just completed their first, you know, services delivery with a large organization for us.

[00:18:12] So we're seeing our partners build more of those, you know, our product's really meant to deploy pretty easily, which is great. But it's really about, you know, kind of customizing the policies for the customers that the Optives and their peers are working with the end customers on. So, you know, having that certification program around, you know, helping customers develop policies and moving from what we call auditor learning mode into enforcement is really kind of what we're training our partners on right now.

[00:18:42] Big topic for RSA this week, this year, is AI. I think five or six of the top 10 finalists in the sandbox were some sort of AI-type product. Also a big topic in sales right now as well. I'm wondering how you're thinking about incorporating AI into your selling motions, your partner motions. What does it really mean for you and where do you see it going? Yeah, AI, I mean, you know, I think unlike a lot of other terms in the past, it's more than just a buzzword, which is kind of good. It's actually real.

[00:19:10] It's actually real and it has real consequences. As a company, from a product standpoint, we are very conservative when it comes to AI, okay? We are in the business of making trust decisions, okay? And so the AI that we have in our tool is really through a third-party virus total that is integrated into our tool. We don't have AI making any trust decisions for, you know, on our product.

[00:19:36] And we, you know, kind of one of our value props that we bring to especially enterprises is only they can understand the context of what is important to them. So you don't want somebody else making those trust decisions on your behalf. So it's different from that, from our product standpoint.

[00:19:52] Internally, we certainly want to incorporate AI to where we could make it easier for our partners and our own internal sellers to be able to do certain things and complete certain tasks that are more administrative and function. So there's different tools out there that we've either implemented or in the process of evaluating and implementing to be able to make that sales process, you know, go a lot smoother, both. Well, like I said, either for our internal teams or our partner teams.

[00:20:21] So if a partner team was to come into our partner portal and they're like, I just don't know where to look and it's too much stuff, you know, can they type something in and all of a sudden, you know, the right things will pop up or, you know, an AI, you know, output will be generated, you know, kind of for them. So those are the things that we're looking to be able to do because, once again, speed to market is important for any sales person. Time kills all deals.

[00:20:47] So the more efficient you can make a sales process, the more, you know, administrative tasks you can take away from salespeople, they're that much hapt. So we're looking to incorporate both that from a partner standpoint as well as an internal standpoint. I think very similar to that is the idea of easy to do business with from a partner perspective. I'm wondering how AI, how you're incorporating it might take away some friction in the process. Yeah. One of our things is, one of our taglines is security without complexity. We like to be easy to do business with.

[00:21:17] Our tool itself is not super duper complicated. Our, you know, dashboards and those sort of things are one to two clicks to get wherever you need. You know, the integrations are very easy. So we also want to be easy to do business with from a, you know, go-to-market standpoint. So, yes, having those tools to be able to make it simpler for someone to either get the information that they need and get it in the hands of a partner to be able to respond when they have inquiries coming to us.

[00:21:42] We certainly want to make sure that we're seeing how we can enhance that sales process from a customer but also from a partner standpoint. I'm curious how you're thinking about different parts of the world because, you know, different dynamics about what's expected from partners and from vendors. How do you build a global program that respects what they really want to get in each area? Yeah. And you're absolutely right. Different partners in different parts of the world. Partnerships mean a lot of different things.

[00:22:08] So in Australia, you know, we have a more mature, you know, partner model where the partners are selling actively on our behalf. And they come to us at the end of a sales cycle with a purchase order. We also have a lot of co-selling that goes on with those. In the U.S., we have more of a traditional co-selling, you know, model where they're bringing in deal registrations. Our team is doing a lot of that heavy lifting and doing the majority of the selling. And we're working with our partners, you know, with those end customers.

[00:22:35] In Europe, it's kind of a more, I think, going through the partners. It's a much more channel-centric, depending on the regions that you're in. You've got to have partners that have, you know, special, you know, kind of specialize in certain geographical regions. My last meeting just before this was talking about, okay, you know, how do we kind of segment up Europe to make sure we've got the biggest impact from a partner standpoint? And, you know, one of the key partners that we have, we probably have seven partners over in Europe right now.

[00:23:04] A lot of those were just bringing us business through the CrowdStrike relationships. And so that's kind of how they started. But as we expand and actually put boots on the ground in Europe, we've got to have a much more, you know, partner-centric approach to the business over there. So it really comes down to a lot of different things when you're talking about a global expansion. It's really kind of focused on the types of partners that you want. You know, it's not one-size-fits-all. You can't go out and find, you know, partners that are just selling this widget over there.

[00:23:32] We focus on endpoint security. So we want to focus on the partners that have a strong, you know, install base of endpoint security customers already. Then you've got to look at that co-selling or selling, you know, motion. Who is doing the selling? Are they leading? Are we leading? Is it co-selled together? You know, are there distributors that are involved as part of that? Certainly the dispute business comes into play. Really, in all the different geos that we have.

[00:24:00] You know, we have several strong, you know, distributors in all of those markets that really can then enhance, you know, kind of the turnaround times from a paperwork standpoint. But really, the big thing that we're trying to establish is more of an awareness campaign. And that's why we're really trying to make sure that we're going in heavy with partners. The more people that know about us as an organization, the more they like our tech. Our tech just works.

[00:24:28] It's nice to work for a company that technology is simple and just does what it says it is. So, the partners kind of like that as well. And so, by having a, you know, very tailored approach in the different geos around the world, it really has kind of helped gain traction with some of those regional partners a lot better. And so, we think that will continue as we kind of drive that.

[00:24:52] It takes a strong team to be able to manage a lot of different partner contracts and operations and those sort of things. And we're building out that, you know, kind of in conjunction as rolling this out. But we've received a lot of strong support and strong comments from the partner community as we've done this so far. And it's nice to be able to see that we're really kind of gaining traction pretty quickly. You said there, it was interesting, the awareness side of this, right? Is that, I mean, let me kind of make a couple of educated guesses.

[00:25:20] You're in a market where you're bringing something new to the market, but you're going to have a lot of knowledgeable people who know whitelisting and know all the problems with it and know why it does or does not work. So, you kind of have to change their minds. Also, maybe they're thinking, and I don't know, Australian company is just the hotbed of technology that we want to trust. I don't think you've taken any funding as well. Is that right? Correct. Yeah. I mean, we're, yeah. So, how do you overcome that awareness, but also, I guess, credibility?

[00:25:50] And those are the two biggest things. We had a third-party consulting company do a big kind of go-to-market analysis for us. What is the total addressable market with an application control? How is it going to grow over the next several years? What are the big challenges that Airlock faces? The good thing is, and the bad thing, is that, you know, awareness is our biggest challenge. You know, so if we can solve the Airlock, you know, who is Airlock and what does it do problem, that gets us a lot of the way there. When you solve that, let 3,800 other vendors know how you solve it. Yeah.

[00:26:20] The other bigger thing is, to your earlier point, you know, yes, application control, application whitelisting, allow-listing is very difficult. And so, what the next big thing that we have to do is we've solved that problem. And that is, once again, an awareness, you know, campaign. So, working with analysts, working with, you know, partners to be able to show and prove that we've done that and we've done it at scale is impressive. Yeah. And it's a hard lift to be able to overcome some preconceived notions.

[00:26:50] But once people see it, you know, it's kind of eye-opening. I mean, when I first started with the company and we were at, you know, the first week we were at Black Hat in Las Vegas. And they're like, what do you do? And I'm like, you know, allow-listing. And they're like, what? And it's like application whitelisting. And you can just see, oh, they've tried it. Yeah. And they failed that. And so, now, you know, it's really about revolutionizing that space. And a lot of, you know, a lot of CISOs, they're not early adopters.

[00:27:19] So, they don't want to know if you've invented something. They want to know if you've reinvented something. And so, we have truly reinvented, revolutionized, reimagined whatever term you want to use, you know, application whitelisting, allow-listing, application control. And we're able to do it at speed and at scale like nobody else out there. And it's meant for those enterprise and mid-market customers. And it's just, we consider it foundational.

[00:27:45] Most vendors that do application control do it as a feature and not a focus. This is our focus. And we do it better than anybody else. And that's why we're able to do it at scale. Is nothing surprising about how quickly or how slowly people come around to hearing what you're doing? Is there anything you kind of wasn't expecting that? We see that every single day. It's one of those where we're working with, you know, the biggest logos out there. And they've had a legacy technology in there before.

[00:28:13] And they've had it deployed at, you know, a couple thousand endpoints out of several hundred thousand. And they're like, we just, you know, this is, you know, we'll switch you out because you might be a little bit better. And then they see how much better. And then they're like, oh, wait, we could put this on desktops. That's probably the biggest thing that surprises people. But in Australia with essential aid, you've got to put it everywhere. We don't, you know, that's and that's very different. And I think in a lot of ways, going back to your earlier point of, oh, you're an Australian based company.

[00:28:41] Well, from a cybersecurity standpoint, you know, Australia, New Zealand, you going back several years ago, they got hacked a lot first because they had similar, you know, markets as the U.S. But the bad guys could try their stuff out. And so they made a decision as a country to put together, you know, the essential aid, which really has reduced the number of attacks, successful attacks that have occurred over there. And so we were built around that. And so we had to do it at scale.

[00:29:10] So my Australian customers do it across all of their endpoints from day one. They don't do it on just kiosks or just critical servers. They're doing it across the board right off the bat. So when we show them that that's, you know, what we've been doing for a long time, that certainly makes them go, let me see more. And then when we do the, you know, the proof of value, proof of concept, we're doing it on a lot of different assets, including, you know, desktops, including developer desktops.

[00:29:38] Developers are always the big thing that everybody's like, oh, I can be able to do it on there. And we've got a couple different ways to be able to do that. And certainly everybody is a little bit unique. You know, that's the difficult thing with cybersecurity is every customer is a snowflake. And so that's why, you know, having a tool that customers can kind of conform and configure to their own business really kind of allows this product to be that much more successful in the wild.

[00:30:06] Well, Patrick, we're at RSA 2025. It's Monday morning, the start of the week. What are you most looking forward to this week? Oh, my God. Going home? Yeah. Don't go home till Friday. No, this is probably, I've been coming to RSA for 10, 12 years, actually probably longer than that now, almost 20 years. Wow. It's kind of sad. This is probably the busiest week I think I've ever had at RSA. The schedule is booked. More and more folks are kind of, you know, realizing, you know, kind of who we are, what we do, and how we can, you know, kind of help their customers.

[00:30:36] So certainly meeting, you know, the existing folks that we've already kind of established good relationships with, but really kind of some of those new partners out there that are like, wow, we've heard good things about you, but let us actually see for ourselves. Those are kind of the big things, you know. Having those converts is really kind of important for us and will be important for us as we kind of continue to grow. We have huge growth plans over the next, you know, 12 to 24 months.

[00:31:05] We're planning on, you know, probably tripling the size of the company, both from a people standpoint as well as a revenue standpoint. So making sure that we've got a really strong and robust partner program is going to be important for us. So I'm really looking forward to meeting with more and more partners. In fact, meeting with CrowdStrike right after this, you know, right across the street. And yeah, it's going to be a good week. But yeah, when I get home on Friday, it'll be nice.

[00:31:29] Yeah, you get a chance to really break bread and break down some barriers or walls, I guess, to get to know people better. And our trust is built up this week, I think. Absolutely. Absolutely. Well, thanks so much for joining us. I wish you and the company all the success, the sales team especially, this year and beyond. Appreciate it. Thanks so much for having me. We are back with visionary or smoking crack. Why don't you introduce yourself? Hi, it's Brad Arnold here with Silent Push. All right, Brad.

[00:31:58] I'm going to throw some bold predictions at you about the future of cyber, cybersecurity sales, sales in general. You tell me, am I a deep thinking, insightful visionary? Or did I inhale a little bit too much walking through the tenderloin on the way to the conference this morning? Well, I'm actually staying in the tenderloin, so I know exactly what you're saying. All right. You ready for the first one? Let's do it. All right.

[00:32:21] By 2030, 80% of cybersecurity purchases under $100K will happen without a human seller or a human buyer. It'll be AI bots doing the buying and selling. Is that visionary or is it smoking crack? Well, I think it's definitely visionary, but you could still be smoking crack on that one. It's hard to say. I'm wondering how that plays out on the CS side. Do you think they'll be taking over some of that?

[00:32:47] Well, I mean, I think a lot of the AI work or a lot of the CS work will be augmented and supported by AI for sure. For sure. If not already. All right. Next one. In five years, more CISOs will report to CFOs than to CIOs and CEOs, and sales will become primarily a finance discussion first and a securities discussion second. Is that visionary or is that smoking crack?

[00:33:15] It's visionary, and it could have actually happened last week, you know. It's already going down that path. Well, I mean, everything, especially right now, has got a really big focus on price and then the time to value, which ultimately is CFO land, right? Right. All right. Next one. In 10 years' time, both the RSA Conference and Black Hat will be dead, completely gone. Is that visionary or smoke and crack? Smoke and crack. Everybody's going to come forever.

[00:33:45] It doesn't matter what we hear about. It's coming or going. It's always here. Come to this or die, except for this one. Too many people enjoy it too much or invest in too much of that, I guess. Yeah, I think all of the above. You know, it's just ingrained in the yearly schedule. All right. Last one. So, recently, Google acquired Wiz or announced they're acquiring Wiz, and some people in the industry called the combo G-Wiz as a funny way to describe it. So, here's my question.

[00:34:15] Within 12 months, CrowdStrike will buy Island, the enterprise browser company. And a new combined name of the company will be Hong Kong because it's a crowded island. Is that visionary or is that smoking crack? I'm just confused with the question. I'll just leave it at that. Probably smoking crack. Probably so. All right. Well, thanks for joining us, Brad. All right. I appreciate it, Andrew.

[00:34:52] It would mean a lot to me and to the continued growth of the show if you'd help get the word at. So, how do you do that easily? There are two ways. Firstly, just simply send a link to a friend. Send a link to the show, to this episode. You can email it, text it, Slack it, whatever works for you, and it's easy for you. The second way is to leave a super quick rating. And sometimes that can seem complicated, so I've made it as easy for you as I can.

[00:35:20] You simply have to go to ratethispodcast.com slash cyber. That's ratethispodcast.com slash cyber. And it explains exactly how to do it. Either of these ways will take you less than 30 seconds to do, and it will mean the world to me. So, thank you.