Earlier this summer, fast growing security operations company Arctic Wolf opened a new phase in its international expansion with the establishment
of a European HQ in the UK and the recruitment of Clare Loveridge as Vice President and General Manager EMEA to drive growth across the region.
Loveridge has more than 20 years’ experience in sales and channel roles
at companies like Data Domain and Nimble Storage where, as EMEA Channel Director, she helped grow Nimble’s business across EMEA. This experience will prove invaluable as she builds Arctic Wolf’s partner network and adds to the company’s existing 650-strong global partner base.
Arctic Wolf has a channel-only go- to-market model for its cloud-native platform, which spans the complete operations framework, including Managed Detection and Response, Managed Risk, Managed Cloud Monitoring and Managed Security Awareness – all backed by a personal concierge service that guides each customer through their security journey.
The company’s move into EMEA comes after a doubling of North American sales and a $200 million Series E financing round in October 2020, followed by an additional $150 million Series F financing round in July, which gave Arctic Wolf a valuation of $4.3 billion.
Technology Reseller spoke to Clare Loveridge to find out more about the company, its customers and its channel proposition.
Technology Reseller (TR): Please could you tell readers a little more about Arctic Wolf and where it fits into the overall security market.
Clare Loveridge (CL): Security is a really hot topic right now, and one reason for that is that there are so many security products on the market, but they are not keeping the bad actors out.
Arctic Wolf has a slightly different way of doing things. All our marketing says
we offer the industry’s only solution that spans the complete security operations framework. As we look at the market, we see a lot of MDR providers, we see a lot of MSSPs and we see an awful lot of security tools. Our security operations framework includes many of those – and more.
We cover MDR, which was the basis of our framework – the company started in 2012 and we launched MDR in 2014. We also have Managed Risk, Managed Cloud Monitoring and the recently launched Managed Security Awareness, all of which are delivered by a specialist concierge security team.
For me, the concierge security team is one of the keys to what we do. Each organisation will have a concierge security team linked to them – two named individuals that are aligned to their business. These two individuals work as an extension of the customer’s internal security team to provide 24×7 monitoring, detection and response, as well as ongoing risk management and cloud monitoring. We are not just looking at a tool that will report on certain alerts. We are looking to cover the entire security posture.
In addition to that, and this is another key point, we don’t expect organisations to rip and replace all the tools they already have, like firewalls and IDS (intrusion detection systems). We actually use those tools and the alerts they generate and ingest them into our platform, because that gives us so much information about what’s going on in the network, what’s going on in the infrastructure and allows us to give that full security coverage for the organisation.
TR: Who are your customers and do they typically have an in-house IT department?
CL: We have customers that span from very small to very large enterprises, but the bulk of the business we have done since our inception in North America is in the 300 to 3,000 user space, and not all of these will have an in-house IT capability.
What we find is that even if they do, because of all the tools organisations are
using, they often experience ‘alert fatigue’. The general stat that we see – and this is a global stat – is that 40% of organisations receive 10,000 alerts per day. To be able to analyse all those alerts, understand what they mean and weed out the false positives is more than a full-time job, it is several full-time jobs.
We did a bit of research in the UK and found that 39% of UK SMBs are overwhelmed by the amount of cyber security alerts they receive daily. Typically, they are receiving up to 75 alerts per day – that’s just for the UK SMB market.
Following on from that, you have a skills, talent and time challenge. Organisations that have in-house IT teams might only have one individual looking after security and being able to look at the security posture of the business and plan for the future and at the same time make sure they are on top of all of the threats, understand what they are and action them is very, very difficult. Most organisations are not able to keep up. What we hear from many customers with generalist IT teams is that alerts are put on the back burner because there are more important priorities to take care of.
TR: How does Arctic Wolf keep on top of it all?
CL: Our cloud-native platform ingests all data, taking in around 32 billion observations per day, which turns into 765 investigations by the concierge security team. Alerts come in, they are passed or sent to our triage team of 250-plus security experts who investigate them, take out the false positives and work out which ones are important. An average of one or two incidents per week need to be reported back to each customer. The concierge security team will tell the customer exactly what the alert is, what the threat is, what they need to do about it, and how to stop it happening again. It really is a true extension of their security team.
TR: Where are these experts based?
CL: At the moment, we have security operations centres (SOCs) in North America and in Canada. We don’t currently have a SOC in EMEA, but we will be launching one towards the end of this year in Frankfurt. We have already hired some concierge security teams in Germany, and we are also hiring in the UK. So, there will be concierge teams in the UK and Frankfurt.
TR: Your most recent product was the Managed Security Awareness module. What does that involve?
CL: This, for me, is a really interesting market. They say that 85% of breaches come from bad guys targeting employees to get them to share their information through things like phishing scams and links. In 85% of cases, employees are enabling bad actors to get into networks and systems and once they get in, they are there for six months or longer, finding more and more ways through and getting more and more information.
They also say that 80% of everything you learn you forget in under a month.
Yet, only around 6% of organisations offer training more than monthly – they do training for an employee, but then move on. Managed Security Awareness is essentially micro-training. We continue to drip-feed learning points over time, which results in better retention of information. We send spurious links and do trainings on top of that. It may only take five minutes, but it will happen every few weeks.
TR: What is your go-to-market model? CL: In 2019, Arctic Wolf announced that it was 100% channel. Having worked for start-ups before, it is very unusual to come into a company where their partner programmes are so well baked, so mature, and that is because the company has been 100% channel for a few years now.
There are a couple of different ways a partner can sell our product; they can resell it or they can offer it as a service. When they resell it, all of the service at the back end is passed to us; the concierge security team will deal directly with the end user. That’s the reseller model.
With the service provider model, the concierge security team will deal with the service provider, and it is up to the service provider to do the ongoing work with the end user.
Resale is much the most common option. That said, the service provider programme is growing very quickly.
TR: Are you attracting more resellers that perhaps aren’t security specialists? CL: We are. We have signed around 30 resellers in Europe in the last four months – and when I say Europe I am talking about the regions where we have people, which, so far, is the UK and the Nordics. We have had a sales team in the UK for four months now and in the Nordics for two and half. We have also recently hired in Germany and Benelux.
We have signed around 30 partners so far, including 22 in the UK, and the vast majority are infrastructure partners. Some of that is because my background, where I have long-standing relationships, is in infrastructure, but it is also because Arctic Wolf enables channel partners to offer a comprehensive security solution without necessarily having to acquire knowledge of a whole host of tools or build a whole security team, because they can do that with us.
TR: Do you have a distributor in the UK? CL: We are in conversation with distributors, and it is something we will look to do, but I am not quite sure when that will be at this stage. One of the unique things about Arctic Wolf and the way we are launching in EMEA is our investment in people. Very often, you will see sales teams come in, but until a pipeline is built, there is less support from non-quota carrying heads. Arctic Wolf is really investing in people and putting support into regions, so alongside the sales team and the security operations team in Frankfurt, we are hiring marketing teams and channel teams to support the in-country sales teams.
TR: What criticisms have you encountered from potential customers? Do they worry that your service is too expensive?
CL: We haven’t come across any objections about it being too expensive, because one of the key things customers are saying is that when you compare what we offer to having full-time employees to manage the security systems, it is not expensive.
There is also quite a shortage of skills in the security industry, particularly trained security experts. Companies are struggling to find, hire and keep those employees because it is such a competitive market at the minute.
TR: What are your plans for the rest of the year?
CL: Our plans are to build out where we have teams, so the focus will be on the UK, Nordics, DACH and Benelux. That doesn’t exclude any of other regions, but that is where our key resources will be. Then we will look to expand into more countries next year. The big focus for the second half of this year is the launch of the SOC in Frankfurt.
To find out more about Arctic Wolf, please visit www.arcticwolf.com