CEO Interview: Alert Logic’s Bob Lyons on the future of MDR

Bob Lyons tells us how Alert Logic plans to stay at the front of the Managed Detection & Response pack

“Like most tech CEOs in 2020, I serve many constituents,” says Bob Lyons, CEO of fast-rising Managed Detection & Response (MDR) company Alert Logic. “Ultimately, my job is to create value for the three primary stakeholders of any business: customer, employee, and shareholder. I cannot fulfil that obligation to any one of them without addressing them all.”

You could say the British Army maxim of “serve to lead” captures the cybersecurity veteran’s leadership style: not only hiring top talent but building a “destination culture” where employees are supported and valued; understanding customer needs and constantly improving their experience; and of course, ensuring Alert Logic is among the top names in the burgeoning MDR Market to keep shareholders smitten.

Incredible growth is expected in the MDR market. Analyst firms have projected that 50% of organisations will be using MDR services by 2025. The rising importance of MDR is due to a number of factors. Threats are growing in volume, complexity and sophistication. And organisations are increasingly fighting an uphill cyber battle with limited resources.

Gone are the days where tech vendors handed over security tools and let organisations get on with it. MDR has stepped in to provide much-needed hands-on guidance, enabling companies to reap the benefits of new innovations in endpoint detection, security orchestration automation and response (SOAR), and user entity behavioural analytics (UEBA).

“The value proposition of building a perimeter with countless security tools has become less effective at protecting our clients,” explains Lyons, who before joining Alert Logic served as president and COO of Connexions Loyalty. “The business impact of failing at cybersecurity can be so devastating and most companies lack the expertise and capabilities to be constantly vigilant. Companies need better access to technology, threat analytics and expertise — rather than just a flood of alerts from a disconnected portfolio of SaaS tools.”

As Fran Howarth, practice leader at Bloor, writes, MDR gives organisations access to “expertise as and when needed to stack the odds in their favour”. Unlike traditional Managed Security Service Providers (MSSPs) that are perhaps more generic in nature, MDR is tailored to the specific needs of the customer and their IT environments. Bespoke customer service is a central pillar.

Hence, why Lyons recognises success in this market requires more emphasis on customer experience than other security segments.

“As CEO, I act as chief customer officer, customer champion or whatever role I’m needed to serve our customers,” he says. In July, Alert Logic announced that it was ranked as a leader in The Forrester Wave: Global Managed Security Services Providers, Q3, 2020. The analyst house cited rapid deployment, ease of setup, and consumption pricing as key factors that separate Alert Logic from competitors.

Coverage Everywhere, Simplifying the Experience, and Continuous Innovation

Lyons is just as laser-focused on the market’s macro trends to ensure Alert Logic extends its leadership position as the market expands. The company’s product roadmap is focused on three primary areas: “Coverage Everywhere, Simplifying the Experience, and Continuous Innovation”.

On the first component, Lyons says MDR vendors need to avoid focusing primarily on the endpoint. Increasingly, end-users demand coverage for other threat vectors: the network, web applications or cloud service providers. “Starting with coverage everywhere makes the most sense because you can’t secure what you can’t see,” he says.

To expand its coverage, Alert Logic recently added firewall logs and log-based Web Application Threat detection to its offering, and in 2021 plans to extend its native endpoint capability beyond gathering telemetry and functions like file integrity monitoring (FIM), to a more “full-servicing” of clients’ Endpoint Detection Response (EDR) needs.

In 2020, the company also invested a lot of energy in simplifying the user experience. Navigation, dashboard and reporting have been modernised. An Application Registry now streamlines log collection and ingestion, to help security analysts easily find, visualise, and configure log source — in what the CEO calls “a marketplace style experience”. Customers after a more advanced experience, can also now access a selection of more advanced features.

As part of its final pillar, continued innovation, Alert Logic’s threat intelligence team is fusing machine learning into its analytics modules while R&D builds more integration and automation with third party systems.

“As we look forward into 2021, we will continue to be focused on adding and refining capabilities that free up security teams to deliver on value-added tasks and those that help them contribute to their companies’ bottom line, such as automating various response options, both in cloud and on-prem environments,” the CEO explains.

The biggest challenge for Alert Logic? “Ensuring that we innovate and invest in the most strategic areas to cultivate strong, high performing technology alliances. We want to be hyper focused on partnerships that help everyone involved – vendor, channel partner and customer – excel.”