Shlomo Kramer, CEO and Founder, Cato Networks: Platform is the future of IT Security, Cato Networks is the SASE platform company and a journey
July 2024 by Valentin Jangwa, Global Security Mag
Shlomo Kramer, CEO and Founder, Cato Networks, met in London along with Greg Eden (VP, Communications, Cato Networks) and PR Paradigm (Isabelle Gilquin, Associate Director), explains Cato Networks’ journey.
Global Security Mag: Thank you for your time. Where do you see Cato Networks in 5 years?
Shlomo Kramer: Well, our mission is to be the first platform-based IT Security company. So, security has evolved over the last 30 years of its existence through innovation, primarily, and through startups that then were acquired by consolidators, the portfolio companies, Cisco, Fortinet, Palo Alto, or any large name that you can think of has grown through multiple dozens of acquisitions. And portfolio has become a real issue for the customers because that means for them or for the MSSP that manages the security for them, the need to own the solution and the groundwork, to deal with the undifferentiated maintenance work that is associated with taking all these point products and making them into a solution. And we want to bring a platform that abstracts the complexity. We own the groundwork, and the customer gets the business outcomes. Much like AWS did for data centers, essentially. So being the AWS of IT Security.
Why platforms? You will hear many of the appliance-based, appliance generation, security or portfolio companies, talking about platformization or the need of platforms. So, when we started it was visionary, clearly now it’s becoming more and more of the speak, because the operational costs and the business rigidity of a portfolio-based solutions, creates a big problem in the market. The market is broken because of that, and so is the security. A percentage of IT Security spent, out of IT spent, has gone 50 % since the COVID days, while the costs of data breaches has gone even more than that. So, we are spending more, and we are less secure and it’s becoming worse and worse. So, platform is the solution for that operational complexity and business logic.
Global Security Mag: Coming from setting up firewalls and web application firewalls companies, can you tell us how came the idea of founding Cato Networks, and explain why that company name?
Shlomo Kramer: I have been in the Network Security space since it started. I was one of the founders of Check Point. It was the first generation being the software-based Network Security. Check Point was all about simplicity and operational efficiency. With a single floppy disk in five minutes, you could be up and running, connected securely to the Internet with any application. Stateful inspection was the kind of the key driver there. And then in the second generation, there was kind of generational transformation 20 years ago from software to appliances. I was the first investor and board member of Palo Alto Networks. And Nir Zuk, the founder coming from Check Point as well, had the idea of taking all these floppies, all these pieces of security, and converging them into a single platform, the appliance, physical appliance. It was simplifying things considerably, but with digital transformation, and with the fact that the physical perimeter has gone, people are working from anywhere, applications are everywhere, data centers are everywhere. There was a need for a new form factor, a third generation, and a second generation of transformation. And that was the core idea behind Cato Networks. Digitally transforming IT Security so it’s not the ball and chain of digital transformation for the organization.
With that said, I’ve lived through the previous two generations and Cato Networks is driving the third generation of Network Security.
The name Cato is more an obscure answer.
The Pink Panther character in the cartoon and film had an assistant called Cato, and the assistant used to attack the Pink Panther to make sure that he’s alert and ready to respond to any types of threats, and that was the idea. It was also a catchy name and an open domain on the web, so we went with it. It is a creative name and a good story.
Global Security Mag: Can you explain the SASE trend?
Shlomo Kramer: Let’s put it on a timeline when we started 2015, it didn’t have a name and people didn’t quite get it. In 2019 Team Gartner got it in a very un-Gartner way, because Gartner is very much a point solution, a point product, very siloed, so SASE was a diversion from their usual course, and a very welcome one. And they took a snapshot of what we did back in 2019, called it SASE. But they didn’t say whether it’s a single vendor, whether you can take two vendors, one to do the Network, one to do Security. There was SSE, which was a subcategory. There was an SD-WAN, which was a subcategory. And in the last four or five years from now, ever since they’ve published that paper and said that the future of networking and network security is in the cloud, and SASE is that future, things have converged and moved in our direction. So, there’s no dual vendor SASE anymore. The last one was Zscaler who threw the towel and came out with a networking solution. before that, Netskope and others. And through acquisitions and not necessarily organically.
The single vendor SASE is going twice as fast as the dual vendor. And an analyst said that in Q1 80 % of the SASE revenue were single vendor SASE. And Cato is the poster child of single vendor SASE, so in that sense things are moving in our direction. All the analysts came with a magic quadrant and radars, etc. We are the leaders, the vast majority, and I’m sure that eventually we’ll be the leaders in all of them. And the market is maturing in their buying patterns. So, mid-size organizations got it immediately, because the pain is so acute of point products. And the resources are so scarce that they jumped on the SASE wagon first. But we are seeing that larger and larger organizations are buying into it. And now we have multiple Fortune 500 customers that made a full transition to our SASE solution. So, we are seeing kind of the very large enterprises starting to move in this direction as well. But it’s a journey and it will take years. But the key question is to know whether this a generation transformation like the one 20 years ago when all the software firewalls, none left, all of them are basically appliance-based. Let’s take a number, 5 years, 7 years, 10 years from now, how many of the firewalls are going to be appliance-based versus cloud-based. I would say the vast majority. So, this is a journey that eventually will transform the entire industry, and we are hearing more and more voices that agree with it.
Global Security Mag: When it comes to the turmoil of the world, digital transformation, cyber security challenges, how would you say that Cato Networks’ solutions are making the world and the business world a better place?
Shlomo Kramer: in four ways, including people in the equation. One is we provide better security. Security, and I’m not the first one to say it, is a data problem. You need to have all the data in one place to make a smart decision. If you’ve got multiple point products, you’ve got multiple separate pools of data, and brains that make decisions, separate decisions. If you’ve got a single data pool, with all the context from all the elements, and make a single decision, you have better prevention, you have better detection, and you have better security. So that’s one. Second is about operations and transforming the economics of operating a cybersecurity solution. And we changed that dramatically with the convergence into a platform. It’s clear, like AWS did, took the groundwork out of data centers. We take the groundwork, so the customer needs to do less and just get the business results. I can give you numerous examples of customers that were blown away by the level of operational transformation that we bring to cybersecurity. Just this quarter, we have a large Scandinavian manufacturer that placed an upsell order because what they thought was going to be an 18-month project became a 6-month implementation project. And their quote is, “this is unbelievable, I’ve never seen an IT project a year ahead of schedule”. I can spend all our time giving you many examples. The third is business agility. Both the known and unknowns, so both addressing the digital transformation requirements. I need to move my applications to the cloud. I need to use these SaaS applications, enable them, but I want to secure them as well. All these things are known, and we have a customer, for example, like Carlsberg, that has a strategy of acquiring a company and the vesting process can be very difficult. Selling a company can be also very difficult from a security harmonization perspective. But with us, it becomes very clear. And that strategy can come out of nowhere. It can be a new business strategy; you didn’t know about it.
Finally, the fourth point is the personal transformation of the people that do the work. And on our website, there are numerous quotes of people saying, “you know, you changed my life, as I don’t anymore need to do all this groundwork, I can focus on what matters to the business and security”. And generally speaking, it proves to be correct. To be an enabler of digital transformation, IT security needs to be digital as well.
Global Security Mag: You have been so successful, Shlomo. what gives you the motivation to have new ideas setting up new companies?
Shlomo Kramer: If I were a basketball player, a soccer player or whatever, and I would win two championships, would you ask the question about why keeping on playing for winning another championship? Well, my answer is: for the love of the game! As for Cato Networks, the sky is the limit and there is a huge potential.
Global Security Mag: Cato Networks is a private company. Are you thinking about going public?
Shlomo Kramer: We are really focusing on building the next generation security company. As you can see, we are very ambitious about it. Being a public company is a milestone on that road. And we will get to it.
Global Security Mag: What is your key message to our readers?
Shlomo Kramer: The key message is that platform is the future of IT security. And to be a platform company, you need to build that platform from the ground up. You can’t unscramble a portfolio company to be a platform company. And Cato Networks is the only company in my knowledge that have built a SASE (Secure Access Service Edge) platform from the ground up with that particular focus and the journey is ongoing. Plus, we have also launched the Cato MSASE (Managed SASE) for our partners.