John FurrierWelcome back everyone to theCUBE's special presentation here in our Palo Alto Studio. I'm John Furrier, host of theCUBE. We're here for a CUBE and NYSE wired community kind of event around AI leaders in Silicon Valley. Also, the CFO AI Summit, the impact of the business model transformation around AI, data, and all the stuff that's changing the game. Of course, cybersecurity is a big part of it. Sumit Dhawan is here, the CEO of Proofpoint, former CUBE alumni, many times. Sumit, been great to see you back on theCUBE, CEO of Proofpoint. Congratulations.

Sumit DhawanWell, thank you John and great to be back here.

John FurrierOne year on the job. We know each other from VMware. Obviously, you led the go-to-market, all the success. VMware continues to have success there. You're here at the helm for one year. Give us the overview. What's it like? Tell us what's going on. Give us the progress report.

Sumit DhawanWell, first of all, it is been a year that's gone by fast and they say if you're having fun, things go fast. So I am having fun. Yes, I completed my year about a month ago and during this last year, the company and Proofpoint, we have focused and doubled down in what our belief is. Our belief is simple. Cybersecurity has two parts. We make it more complex, but it really has two parts. You prevent stuff and if by any chance stuff has come in, you detect and respond. We focus on preventing stuff, preventing threats, preventing data loss, preventing the bad things to happen from a cybersecurity perspective. In the grand scheme of things, that happens usually at people, right? If you think about it, we all are people. We work for our organizations.

Sure, if threat actors are trying to attack CUBE or Proofpoint, they can go after network ports and all, but it's much easier for them to go after you or I because they can have socially engineered attacks. And Proofpoint focuses on preventing those attacks, preventing insider threats, preventing data to be leaked. That's what we call as human centric security platform and just positioning that, focusing the company on it, executing on innovation and customer success along the vectors of human centric security. We are having a blast and we are doing very well as a company. So that's been the progress report.

John FurrierI want to get into the preventive side and I want to definitely get this identity piece of it. Gartner just had an event in Vegas. They talked a lot about this, became one of the big themes. We saw that at Black Hat and throughout the year. It's always the individual social engineering. You mentioned that. This is a huge piece because you get the credentials. You're already in, they got the keys to the kingdom, the breach is there. It's the easiest way in. I mean from a hacker, that's where the optimization is. This is kind of well known, but how do you stop it? What's the strategy? What's the secret sauce? And Proofpoint, because it's kind of a public secret, I guess it's a public everything. Everyone knows identity's the fastest way in into the market.

Sumit DhawanIf you think about it, even before identity can be taken, what do the attackers do? They're going to try to see and do everything possible for you, John, to click on something, phishing, or they're going to try to do some kind of a fraudulent way in social media or some mechanism to try to attract you with something that you feel is urgent, something that you feel is critical. And human tendencies are to react because that's how we've been trained to do. So they exploit on those tendencies and that's all become easier with the invention of generative AI. Because used to be that people who are crafting these socially engineered attacks, they don't have the language skills to be able to craft those in a very comprehensive way. They used to get things wrong. I mean even Grammarly and now ChatGPT removes those issues.

I can issue multiple sophisticated attacks and run them in volume in any language, in any parts of the world to any customer I like. In response, what do you do? You have to really have AI to defend. The good news is now language models can actually detect the intent, and that's what Proofpoint system is. It's a very semantic AI technology. It detects the intent behind what other people are trying to communicate with you and how the relationship of that person has been with you in the past. Using all of that very sophisticated knowledge, it then detects whether this is normal or it's potentially completely not normal behavior and it needs to be handled differently.

And so over the course of last 12 months, we are proud of this technology that we call Nexus. Nexus are the sophisticated language models, language models that are being fed and trained with the world's most comprehensive threat data and are now able to run real time and detect whether a communication is just regular business communication or it's threat. That's what is powering the technology, which is cool. This sophisticated AI to protect against all these very sophisticated attacks that are being written using AI.

John FurrierYeah. It's funny, I was at Black Hat and I was asking a lot of other folks in other events we've done at the NYSE and here in Palo Alto, CISOs, when we do the CISO conversations, I say, "What's your resilience strategy?" Because we do a big thing on cyber resilience right now, which as you know is a lot of storage people talk about ransomware recovering, but GenAI doesn't really have an answer yet for resilience because there's no real rollback and once it's out there, it's hard to redo everything. You don't want to reissue all the GPUs to calculate everything. And so people are talking about this, so I asked the CIO of JPMorganChase, Lori Beer, at re:Invent, I said, "What's resilience for AI?" I'm paraphrasing now about her exact words, but we're something along the lines of, "It's just another app and we have app reviews and we have a resilience framework and we apply that." So what she's saying is that we look at GenAI as an app coming in, so we have to take all the precautions for the app.

I'm like, "Okay, great. Now, how do you manage that?" So this comes back down to her answer on cyber defense, which is, "We have to protect everything. We have $10 trillion a day in transactions." Now they have a $17 billion IT budget, so they kind of got a luxury budget, but they're hardcore on this point that we want to protect the systems. So the question is with Proofpoint, what are your customers telling you around, "I got a lot of vendors, do I consolidate? Which platforms do I go with?" What kind of conversations are you having in that area? Because end of the day, there's so much going on, more data's coming in, the attacks are not stopping. How are CISOs talking to you around the protection piece?

Sumit DhawanI want to talk about the whole GenAI data resilience separate, but let me address your question and we'll get to the topic. I think firstly, cybersecurity, ever since the whole adoption of cloud and mobile in the enterprise took place led to a highly, highly fragmented set of solutions solving, individual pain points and the preference from enterprises and reality was there because there was no real integrated platforms, was to get a best of breed individual point solution to solve a single pain point. The reality is that was the only practical solution at that point so you can't blame the decisions. But fast-forward to today, when you are thinking about a little more standardization of cloud, a little more standardization of mobile. In terms of customers minds, their architectures have been established. It's an amazing opportunities for CIOs and CISOs to think about few integrated platforms in the world of cybersecurity.

John FurrierFew, not more?

Sumit DhawanFew. Yeah. What do you need? You need to think about something at the network tier and SASE has emerged as a platform. You have to think about something at detection and response layer. XDR has emerged as a platform. And we believe you have to think about something at a preventative human layer. Preventive human layer is what we call, which is human-centric security platform where we can help you do threat defense, data security across all forms of communication, whether the data is at rest or in motion via a single integrated platform. That becomes your upstream security and we fully integrate with your SASE and XDR. So to me, that trend has started. There's just real value for CIOs and CISOs to simplify, lower the cost, and improve security by going through that path, and we are benefiting from it.

There are more and more customers of ours who are saying, "Well, we already rely on Proofpoint for say, email security. We are already using them for information protection. Now, they're using us for impersonation protection." They're looking for more value from the investments that they've made with Proofpoint. And I think that trend will continue in-

John FurrierSo SASE, XDR, human centric, almost like the stack of platforms?

Sumit DhawanThat to me makes sort of your infrastructure, your cybersecurity platforms. And identity, I would say would be the fourth. They all ride on identity technologies and that would be the fourth, and that completes kind of your cybersecurity architecture that today, if someone tries to do that with a one platform that can cover all of those, at best you can get a licensing program. But by the time you roll it out, you're going to have those four independent product or platform decisions that have to fit together.

John FurrierThat's a great call out there. I have to ask you about the business model, how you guys are doing, how's business going, what's the portfolio look like as you guys accelerate out and evolve with this wave? How's Proofpoint doing? What's the portfolio look like? What changes are coming?

Sumit DhawanDuring the course of this year, our focus was really doing two key things. Number one, I want to make sure that our technologies are providing best-in-class efficacy and we invested heavily in our data and AI models, and that was the Nexus reference that I talked about. I'm very proud of what Nexus is able to do. We stand up against the competition. Just the semantic behavioral AI technology that we have, we blow away the competition in terms of the efficacy of our solution. So what we do, we do the best and we leverage the most modern technology to do so. Secondly, we invested in providing integrated technology stacks so that when customers adopt our platform to use more than one module and modules is email security, impersonation protection, collaboration protection, data loss prevention, insider risk and posture management.

When they use these modules, they have a common technology architecture. What's a common technology architecture? We look back and we started, you and I, we are users, digital users. What do we work on? We work on browsers, we work on data, we work on email, we work on collaboration tools. So we built what we call connectors and control points. We call these control points, Zen. Why? Because these Zen, they're supposed to provide peace of mind of preventive security. So we call these control points as ZenWeb for browser, it's Zen for endpoints, ZenConnector for clients, ZenConnector for cloud applications.

John FurrierYou're in zen state because you don't worry about security.

Sumit DhawanExactly, exactly. Everyone needs to be in the peace of mind. It's the mission. It's our motto. And so we called it Zen. And that was a major piece of work. So we created an architectural platform. I'm very, very proud of what we have done this year and it's fueled the growth of the business. Now you asked the question where we are going. Last month, we made a strategic acquisition of a company called Normalyze. They're a leading provider. Gartner called them "a cool vendor" in the data security space because now with Normalyze, we can help our customers discover data anywhere, any cloud, any data source, on-premise, in the cloud, discovery. We can help you classify, clearly quantify the risk that is there based on the access privileges that are already available to different users and put layer of governance to control access.

John FurrierSo that's basically go out and find everything going on, all the assets, inventory, identity schemes that they have.

Sumit DhawanIt's data layer, predominantly data. So it focuses on data because the problem can be too big otherwise. This thing basically says, "Hey, your data is multiplying and is sitting in multiple places. Your data stores keep multiplying." This is a scary fact, John. We have a customer of ours in the retail industry who has developers that are building more and more cloud applications through digital transformation efforts. Within one year, they looked at their data sources, data sources as they could be in AWS S3 buckets, in the Snowflake in Databricks, on-premise, Office 365. Within one year, the number of places where the data is stored, data sources doubled. I'm talking about in thousands doubled.

John FurrierBecause the developers are just parking the data there. Do they know where it is or was it one of those things where they-

Sumit DhawanThey didn't know-

John FurrierWow, this is every-...

Sumit Dhawanwithout us. So we sort of bring this magnifying lens, help you look at the data, you discovered it. Now you can classify it because once you've classified it as in how I should treat the data, now you can put policies on it. That to me is the layer of preventive security. So next time I met meet Lori, I got to say it's more than applications. It is also the data, and if you get the hygiene and the posture of your data security right, then you have a true foundational preventive security at the data layer.

John FurrierAnd those regulated industries like JPMorganChase, they're very hardcore. I'd say they're the exception than the basic enterprise defending themselves.

Sumit DhawanYou're right.

John FurrierI mean they're hardcore. I mean they have a lot of regulation privacy, but they have over an exabyte of data. And so they're also thinking about how to protect that data and they're under a huge pressure.

Sumit DhawanWell, think about it, right? With generative AI applications, if you write a generative AI application, if you really don't have your data posture right, then effectively generative AI application will crawl it, learn from it and tell any users of that application whatever data is accessible to them.

John FurrierI mean, you can get, the entire data estate could leak out.

Sumit DhawanCould leak out.

John FurrierThat is a huge threat. And that could come in from an email, that could come in from some collaboration tool. So you're a human-centric piece shield, I call it, that piece protects the data access because once they're in, it's a penetration point.

Sumit DhawanThat's what we believe in. So we are excited about the future for that reason. The portfolio we have is giving us, there's so many macro reasons for customers to say, you know what? This network-based appliances that we're trying to do email security in the past, the days of those appliances are gone. They're moving to our solutions that are more modern defense. They're expanding on our platform because of desire to have strategic partners. Platforms do more. And now we are excited about enabling our customers to be able to adopt modern applications and generative AI experiences and ensuring the data security stays strong. And it's an exciting time.

John FurrierI love chatting with you because you're a technologist and that should be pointed out, but you're also the CEO. You have to drive the numbers. You're also very strong at the go-to-market at VMware. We talked a lot about that. You know partners, you know channels, you know go-to-market. Where are you at Proofpoint now? Because we are in a turning point in cyber. One, there's so much going on. It's not really turning down. It's turning up. There's more threat. But GenAI is putting the thumb on the scales on the benefit of the good guys for once, not yet fully there. Some will argue that it's equal. I don't think so. I think the bad guys still have an edge because they're organized until they get taken out by... Put in jail because they'll reconstitute these gangs. But it's getting better for the good guys. What do you look at when you look at the go-to-market, when you go talk to customers? Obviously, the stack's a simple concept, your customers are busy. You would now have stakeholders. What's your go-to-market framework? How should people look at your business from a sales, go-to-market partnership? Can you share your vision?

Sumit DhawanI think there are three aspects to it. Our go-to-market is designed for obviously the strategic objective and the growth levers of the company. The growth levers and the strategic objectives of the company that we fundamentally believe in is that today, while we have 85 out of Fortune 100, we only have 15% of Global 2000. So we are looking for adding more customers and making sure there is more and more choice available for customer acquisition. So we invest in that. Secondly, once a customer comes to our technology, we are making it easy for them to expand into our full platform. That's not a concept that is mature in the cyber industry. It's new because cyber industry, driven by both vendor side as well as customer side, has been predominantly structured to sell one product at a time and showcasing the value of the platform in multiple ways.

Technology value, customer business value, economic value, risk and benefits of it. That's a transformation we are going through. We are structuring our go-to-market to enable that conversation with customers, showcase it, guide them through how they would adopt all the piece parts and truly derive most value from the platform. So in terms of expansion in the go-to-market front, we are making that adjustments. And then thirdly, we see a lot of opportunities in under-penetrated segments where we haven't played in the past, especially in the mid-enterprise. Let's just call it sub 10,000 employee or sub 5,000 employee organizations. That's not a sweet spot traditionally of Proofpoint. And there have been a lot of reasons. Our technology has been traditionally designed for larger customers.

John FurrierLarge scale enterprise.

Sumit DhawanSecondly, our channel programs are not friendly for those enterprise customers. Our engagement model from systems perspective has not been. So we have invested in '24 because we saw customers saying, "Hey, I'm 5,000 employee company, but you know what? I am getting targeted 5X more than I was targeted in 2021, so I need best in class." So we made some acquisitions of technology, which was simpler, add-on to Office 365 through an API. What we did was we said, we have all this threat stack intelligence, why don't we combine the two? That offer becomes available in the marketplace very soon, which is best of threat intelligence, simplest of the solution, combine it, that's what the market-

John FurrierSo make it easier to consume.

Sumit DhawanAnd now channel program, enable the channel program.

John FurrierSo channel's going to be a big part of the strategy?

Sumit DhawanOf course. We are very close to bringing forward the simple offer broadly available to channel.

John FurrierSo the performance is good on the business. I know you're private. Can you share some momentum on the business side?

Sumit DhawanYeah, we've been private. We've been private since 2021. Thoma Bravo is our solo investor and sponsor as you call them.

John FurrierLooking for growth.

Sumit DhawanWith the business we have created, we believe good value in the business. At this point in time, a natural path for a company like ours will be to explore public markets and we'll do so in due course.

John FurrierYeah. Well, great to have you on theCUBE. Final couple minutes we have left. I really appreciate you coming into theCUBE for our special program. Customers, tell some customer stories why they're buying Proofpoint and expanding with you. What's the key theme you're seeing? Obviously, cybersecurity is a threat, but when they... It's easy, I'll say easy to sell cybersecurity because everyone wants to protect themselves, but adoption and usage is a sign. Take us through some of the customer stories where they're thriving with you guys.

Sumit DhawanYeah, I think, let me give you an example of a customer in Japan. I use this example because this is a classic case of a customer who has been using email security that was embedded in a network box, and I'm not going to say which vendor they're with, but network box, it was a feature. They were like, it was working and they said, "Hey, three years ago, all of a sudden it stopped working." Why? We worked with them. We looked at all the patterns and we saw what was happening. What was happening was of course these network security folks, email security have some degree of classic machine learning. It has to. But it's pattern-based. So what we discovered was that threat actors were essentially able to work around the patterns because they figured out what patterns the system is trained on and the network compliance is getting trained much slower.

How did they do it? Because they could write in Japanese. So they were using tooling. They were not native Japanese speakers, but because the threats were coming from outside of Japan, they were able to write... Language is no longer the barrier. Classic ML is no longer the barrier. And so they came to us. We did the evaluation, we went through a full switch that's very typical from a network security-based system to our cloud-based security system on email side. We did the switch. We showed them an efficacy improvements for these advanced threats of well over 80% of the stuff that was going through, completely getting blocked. Within months, we are able to make that switch. One more story I want to share, which is actually completely different.

It's two similar stories. EV manufacturer and pharmaceutical during COVID period when vaccines, formulas, R&D and R&D for EV, you may have seen things in news because of insiders being threat actors or state threat actors that were employed by mistake by certain well-known companies in these sectors. It's our technology that's actually able to smoke them out. We are the ones who are able to prevent these amazing stories of, "Hey, we get a call."