Catch Amit Nath, Country Manager – (India & SAARC) F- Secure in a conversation with Sanchit Vir Gogia, Chief Analyst & Group CEO,Greyhound Research on Greyhound Research’s knowledge sharing series ONTrigger
Listen to the podcast here or on iTunes / SoundCloud:
Can’t hear the podcast? Don’t fret at all! Read full transcript of the interview below in text. To download the transcript in pdf, click on the icon on the right. 
BTW, if you like what you read below, just click the twitter birdy (in text, in blue) to tweet 😉
Sanchit Vir Gogia: Hello Everybody. Thank you for making the time to come back on our YouTube channel to see the latest interview, as part of our interview series, Greyhound Research ONTrigger. In case you have missed it you can go on twitter and use the #ONTrigger to learn more about our initiatives and see some of the other interesting videos that we have shot recently.
Today we have the good fortune of having Mr. Amit Nath- Country Manager, F-Secure with us here. Thank you Amit for making time. It’s a pleasure to have you here.
Amit Nath: Pleasure to be here.
SVG: Amit, you have been a long time security guy, about 16-17 years if I am not mistaken.
AN: Yes, at least about 10.
SVG: About 10. Wonderful! How has security as a topic changed in the CIO agenda? Has it gone low or has it gone higher?
AN: Well! I think you cannot wish security away because the business landscape keeps on changing and when business changes so does technology platforms and therefore security also comes into play. As businesses continue to re-invent itself, you will always find that the role of a CISO is getting more and more prominence in the industry and I think that’s how the security market in India is growing as well. 
SVG: You mentioned CISO. So is security still a CISO agenda or is it part of the CIO agenda?
AN: I think it’s a very specialised job. It needs a lot of focus, it needs a lot of learning and re-learning and it’s very specialised. I think if you look at some of the more mature organizations, you look at the top hundred organizations in the country today, you look at hundred large enterprises, they will always have a CISO and I think that is the right approach. In some of the companies you don’t have CISOs. I don’t know whether it is good or bad. My personal preference is that it helps if you have a CISO who is very focused on what the organization needs from a security standpoint.
SVG: Sure but that’s a very ideal perspective. Let’s think about SMEs, a typical hundred-five hundred member organization, because India is all about SMEs. There are hundred top companies but again the larger business happens with the SMEs. Now help me understand that as a practitioner, as somebody who’s been in the security industry forever, how should large enterprises and SMEs approach security differently or should they be looking at it the same way?
AN: SMEs won’t have a CISO. No, these are two different markets completely. I think some of the business drivers in large enterprises are completely different and some of the drivers on the SME side are completely different.
SVG: What are these? Let’s break it down a little bit for the audience.
AN: Let’s take one of the most abused words in the industry which is cloud. So let me use that as an analogy to say hey, if I go and talk to any large telecom player in India or I go and talk to an extremely large enterprise guy, he will have a lot of concerns around cloud at the moment. He will worry about his data, he will worry about control, he will worry about security and all of that. But just translate that conversation to a completely smaller SME player. He doesn’t understand ABC of security. He is constantly under cash flow issues. He doesn’t have money to hire dedicated IT security specialist at any layer. He may not even be able to afford an IT manager or even a CIO. So if I’m running say, a fifty-sixty crore company,I have fifty employees and I need to make sure that my data is safe, I will simply look at the cloud and say hey, the cloud will give me scale, it will give me ease of doing business and I don’t have to really invest in a CAPEX model.
SVG: Can I stop you there please? We hear about cloud as the main stay option for SMEs but when we as an analyst firm go out and speak to the CIOs, these decision makers, they are still wary of the cloud. I’d love to give an example here which I really am fond of, that just like when ATMs came in like a decade ago people were scared of using ATMs. Cloud is pretty much the same way today. Now how are you sort of seeing that mind-set change happen in India in terms of the use of cloud as a mainstay option for delivering a technology?
AN: I think it’s here to stay and it will only grow. I’ll give you a perfect analogy. About eighteen months ago people used to be not having these conversations around public cloud but a lot of stuff that we do in day to day is all around the public cloud. But let me just come back to your question saying, I see a large option of small and medium enterprises going the cloud way. I can only speak about security and cloud is really big. I see customers buying security as a service in India and that will only gain traction. I don’t see it to be an inhibitor of any kind.
SVG: But when I speak to partners, and I speak to these guys who are on the ground selling, they sometimes feel very inhibited about the fact that look SaaS is here. It’s going to eat away my business, so there are lots of these fallacies in the market. How do you think you tackle all these things?
AN: I think we do a lot of education because we must not forget one thing. If I look at the entire security market in India today and we can all debate figures, it could be hundred fifty million market and ninety five percent of that market in my mind is still capex market.
SVG: Why is that?
AN: I don’t know maybe historical legacy and it’s just going on and on and on.
SVG: Maybe mind-set issues as well.
AN: And maybe mind-set issues as well! But I look at us. If I just talk about F-Secure, I look at it as a company that is going to drive that change process and I’m very comfortable with the fact that I can go to a CIO, I can go to a CFO, if I’m talking to a large mid-size enterprise or I can talk to a small guy and say, why are you buying CAPex? Give me one good reason why are you buying CAPex. Why can’t you go the OPex way and save forty-fifty percent of your cost. I think it’s a good discussion to have and I think if I can still solve that customer’s problem and make sure that he does it the OPex way than I think it’s a great selling proposition but the selling also has to happen at a partner layer because the partner has to understand how he will partner with the business.
SVG: So let’s just take a step back here and talking of partners and talking of selling cloud, I’ve been tracking the market for the last ten-fifteen years and off late what I have seen is lots of ISVs like yourself are actually partnering with the telcos to offer a cloud delivery but the irony being that the Telcos are struggling to sell SaaS, Telcos are struggling to sell cloud because they are best at selling pipes and more so Telcos business model is under a dramatic change because here are the OTT players who are now sort of blending into the entire telecom space and its getting increasingly harder. Now help me understand, do you think telco is a viable option to go to market and sell aggressively and you know, help solve a customer’s problem?
AN: I think the answer to that is yes and no. I think the Telcos have been a great channel. Whichever security company has used those channels, it has helped build a large scale but the critical issues now for Telcos is coming and saying what next after that? There is that problem there but that market is essentially a B2C market and that market is now showing signs of maturity and stagnation. That market is no bit more different also because it gets compounded by the fact that it has to comply with a large amount of regulatory compliances around that.
For example, if you look at TRAI, TRAI says for every consumer that you activate you must have a double consent. So the business models with the operators have changed. Earlier the VaaS services used to get sold like a bundle, no longer. Now you need double consent and so and so forth. But the good part of this is that the business models with Telcos are now changing. More and more companies are looking at Telcos to say hey, I still want to use you as a pipe but I will do all the marketing myself. We call it the FEAT model.
SVG: Who does the support?
AN: The Company does it. F- Secure does it. And that’s the new business model that we have seen is now getting derived which means that I use you as a pipe but I sell it in the market as say, F-Secure. I don’t sell it as a white label solution. So I end up doing all the marketing, all the technical support, all the pushing, all the mobile advertising while you still get revenue share. I think that model is now evolving and that’s how the telecom market is going to change.
SVG: I totally agree with that because you know we have been tracking the telecom players for a very long time and the only reason telecom players have not been able to earn a lot of money from the cloud delivery is because they have not been able to provide anything beyond an L0 support, L1 and L2 has been a struggle and that’s where the money hasn’t really flown in, you know the customers haven’t really benefitted.
So help me understand, you said that you’ve sort of made that change. Is that a change you made personally? You came into F-Secure about twelve months ago if I’m not mistaken and is that a change that happened post you coming in or was it a change that F-Secure was going through?
AN: It’s a global model change that we are doing with how we want to engage with telecom operators. We have a huge historical legacy in the company of doing business with telecom players across the world and therefore we are now coming up with new business models around that. I think the last twelve months in India where we made a move really is the B2B market.
SVG: And again its partner layered?
AN: It’s completely partner. We are a hundred percent focus channel company.
SVG: And if you were to talk about the next twelve months, you have done a fantastic job being FO12, making significant changes, bring in new people, add the entire energy to the business and good job with that. Help me understand the next twelve months. What can your partners expect from you over the next twelve months in terms of key investments that you’re going to be making for them in this country?
AN: I think from a partner perspective we are really automating a whole lot of stuff. I think we are re-defining how channel marketing is done. So we are coaching up partners with respect to social media strategy where we are doing more digital marketing with them. We are bringing some of our global best practices in channel marketing into India, so we are doing all of that at least on the channel marketing side.
But we are also spending a lot of time with our partners to build new business models because ultimately that’s what it is all about. How do we take the opex story to the market? What does it mean for the partner? The other critical part of that partner ecosystem is have you looked at other components of technology that I can offer as a service.
Let me give a very crazy example. Can I offer mobile device management as a service? That’s a new business model. Can I offer DLP (Data Loss Prevention) as a service? I’m not talking capex. Can I offer encryption as a service? So we are constantly now trying to re-invent new business models which the India security market has not seen and I think that’s the new value-add that I want to do over the next twelve months. Yeah sure, we will continue to push aggressively our customer acquisition, partner acquisition, the traditional security business model, but that’s been there in India for the last fifteen-twenty years and everyone is probably playing their own game and winning market share but we are here to change and re-invent the market and that’s what the next twelve months is likely to bring.
SVG: Well good luck Amit. I wish you all the best for you next twelve months.
AN: Thank you so much. I appreciate it very much.
SVG: Thank you once again everybody for taking time out to see the latest interview with Mr. Amit Nath- Country Manager of F-Secure. For other updates, please go to our website greyhoundresearch.com or send me an email on connect@greyhoundgroup.com and we will reply to you within 24 hours. Thanks once again everybody.