SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
Exclusive interview: Gemalto’s channel strategy for ANZ
Tue, 2nd Oct 2018
FYI, this story is more than a year old

Earlier this year, Tech Data was appointed the distributor for Gemalto's portfolio of SafeNet identity and data protection solutions in New Zealand.

The deal allowed Tech Data to add include advanced authentication, cloud access, data encryption, and encryption key management to its security portfolio.

On the back of the partnership, TechDay spoke to Gemalto Australia and New Zealand enterprise and cybersecurity regional director Graeme Pyper about the opportunities the cybersecurity solutions provider is seeing in the region and their plans for growth.

What are the biggest security threats Gemalto is seeing in the region?

With data breaches continuing to rise, either inadvertently through human error or maliciously through cyber criminals, it is no longer enough to simply implement perimeter security.

Data's very nature is that it exists in various places, meaning that firewalls and monitoring tools are no longer enough to protect important data in their many locations.

It is vital that companies of all sizes do the very best at protecting consumers and their own databases from unauthorised access.

Gemalto's 2018 Data Security Confidence Index (DSCI) report showed that only 54% of companies surveyed globally know where their sensitive data is stored.

This statistic should be of major concern as it shows that Australian companies are not taking the necessary steps to learn where their data is stored, let alone how to protect it.

The DSCI report also found that the majority of Australian companies (84%) believe that unauthorised users can access their corporate networks.

We are seeing new trends in the region, particularly in the rise of identity theft, with the threat being identified as the biggest threat in the report.

We are seeing this particular type of threat in New Zealand at the moment with the RealMe phishing scams actively underway in which fake emails are prompting unsuspecting users to upload sensitive documents.

Mandatory Data Privacy Regulations such as NDB and GDPR mean that companies suffering data breaches have nowhere to hide.

Companies are, by law, required to be transparent with their customers if a data breach has occurred, with this exposure holding the potential for lasting effects on a company.

The possibility of damage to reputation and share price as well as loss of customers is a reality that a lot of companies face since the implementation of these laws.

PageUp is a good example where this has happened and is an area that the NZ Office of the Privacy Commission is currently reviewing.

How are companies responding to the threat? What can they do to mitigate risk?

We are seeing companies that are in possession of private and confidential data, such as healthcare, local Government, utilities, financial services and telecommunications service providers being the most at risk.

Many of these companies are now looking at how to best protect that sensitive information, taking into consideration cloud or third party service providers as well.

Companies are responding by implementing various security measures such as perimeter security via access control using multi-factor authentication, Data Loss Prevention (DLP) or data backup strategies.

While there are myriad of security measures companies can deploy, data breaches are always going to happen.

It is inevitable, and when it happens, it is important for companies to protect their most sensitive data by securing the breach.

There are four fundamental steps companies must undertake to mitigate risk:

  • Identify where sensitive data is stored
  • Minimise the number of data repositories where possible
  • Safeguard data by leveraging encryption and encryption key management
  • Control access
What opportunities are Gemalto focusing on for its partners in the region?

There are good opportunities for companies that are looking to differentiate themselves from the pack and be a thought leader in the industry by opening up the discussion around data.

The channel landscape, particularly in New Zealand, is quite diverse in terms of size and capability.

Most partners in the region are already providing threat prevention and protection solutions around perimeter security such as firewalls, web filtering, email filtering and antivirus.

We offer the opportunity for partners to have a conversation with the end user, allowing companies to offer strategies beyond these solutions, enabling a long-term relationship and furthers the “trusted adviser” relationship they already have.

What does Gemalto look for when choosing partners for its partner programme?

The partners that we currently work with on a local, as well as a global level, see the value we bring in our entire portfolio of solutions, they see that we are committed to investing in innovation that is aligned to what customers need in the face of threats.

Gemalto typically does not seek partners that offer commodity products alone - it is important that we align with our passion for security.

We look for partners that are capable of having a comprehensive security discussion.

We take pride in understanding our customer's need for complete data security and it is important that we are able to share this with our partners.

Ultimately, we look for companies whose security solutions can be complemented by Gemalto's identity and data protection solution suite.

What are Gemalto's plans to drive growth in the region?

We will continue nurturing relationships with our strategic technology partners such as F5, VMware, Dell and Nutanix as we believe this is the key to our continued development.

Gemalto believes that our value lies in continually developing relationships that enable us to add value to our partners.

We strive to be a thought leader and trusted advisor in identity and data protection.

We plan on growing our Cipher Partner Program so that we can help customers adapt their business and security needs to meet the challenges of cloud, mobility, and escalating threats.