Bluevoyant wants to conquer Switzerland
The US cybersecurity specialist Bluevoyant is expanding in Europe and is relying on the help of the traditional channel. Markus Auer, Sales Director DACH Region, explains in an interview with "Swiss IT Reseller" to what extent Switzerland is an exception and what plans the company has for the local market.
Sales Director Dach
"Swiss IT Reseller": Bluevoyant has announced the expansion of the company in the DACH region. Why is this step being taken at this particular time and what are your expectations for the DACH market?
Markus Auer: Bluevoyant has been successful in the US market since 2017 and that's why we planned to expand to Europe in 2021. In doing so, we started with a small team in England and then presented plans to expand to the entire regions in Europe. So in the second half of 2021, several people were recruited in the different regions and then on January 1, 2022, operations were launched with local teams in the different regions in the DACH region, but also in France, Spain and Portugal, Benelux, Nordics and Eastern Europe. In the DACH market, we have now formed a team consisting of local sales resources, as well as myself as Regional Sales Director, who manages the Germany, Austria and Switzerland area as a whole. In addition, we have two technical resources, a channel manager, local marketing and event management, so we are actually very well positioned.
"Swiss IT Reseller": When you say local, does that mean for the DACH market that the people are based in Germany?
Markus Auer: That's right, the Bluevoyant team is located in Germany. In Switzerland, we cooperate with Elca Security as part of the newly founded joint venture Senthorus.
"Swiss IT Reseller": In this DACH constellation: What is the importance of the Swiss market? What makes Switzerland interesting for Bluevoyant?
Markus Auer: What makes Switzerland interesting is that there are many very well-known companies there that are potential customers for us. In terms of weighting, Switzerland is just as important for us as Germany. That is why we have invested in this joint venture with Elca. We don't have any products, but offer managed security services. And in this respect, the Swiss market and Swiss companies have special requirements, for example with regard to legal aspects or personal demands for data protection. It was therefore essential for us to enter into a cooperation with a local partner in order to meet these requirements. That's why we decided to do the joint venture with Elca Security. Elca as the largest independent IT provider with decades of experience combined with Bluevoyant's modern technologies in the area of Managed Security Services was the perfect package to start into the Swiss market.
"Swiss IT Reseller" Was it not an issue to come directly to Switzerland as a Bluevoyant yourself and work the local market in this way?
Markus Auer: We thought about it, but due to Elca's long-standing local presence in this area, it quickly became clear to us that we could quickly enter the Swiss market through a joint venture. This is Bluevoyant's only joint venture in Europe.
"Swiss IT Reseller" Why This?
Markus Auer: The Swiss market has stricter regulations than the other European markets in terms of data protection. And that means that we had to provide the services 100 percent from Switzerland, that not only does the customer's data not leave Switzerland, but also that only personnel from Switzerland have access to the data. And that's why we are currently setting up two local Security Operations Centers (SOC) together with Elca, one in Geneva and one in Lausanne. This ensures that 100 percent of our services are provided directly from Switzerland.
"Swiss IT Reseller" And what is your role as the person responsible for the DACH region?
Markus Auer: My job is to coordinate the whole thing. That means for Germany and Austria we act with local partners, but not within a joint venture. We will serve the Swiss market exclusively through Elca. My task here will be to work very closely with Elca and to act as the interface between Elca and Bluevoyant, to transfer knowledge about our services and to find business opportunities with the Elca team, and ultimately to advise customers on which of our services are best for which requirements.
"Swiss IT Reseller" So there are no plans to set up a classic channel in this country, but only in Germany and Austria?
Markus Auer: Correct, although I don't want to completely rule out a channel in Switzerland. Basically, however, it is our strategy that Elca is our primary partner. If other local partners show interest in cooperating with us, we can certainly discuss that together with Elca. But everything will go through Elca. In Germany and Austria, it's different; there, we will establish individual cooperations with partners and then build up business with them.
"Swiss IT Reseller" How has the DACH region been handled so far, or better, has it been handled at all?
Markus Auer: So far, we have not worked on the DACH region. We started in this region on January I, 2022. However, we have so far had two customers in Switzerland who were serviced by our team in Israel.
"Swiss IT Reseller" What is the response, respectively the interest of the DACH companies?
Markus Auer: Very big, the pipeline is filling up and I am considering hiring more sales resources. Considering that we have only been present in the region for a few months, our expectations have been exceeded. Of course, this also has to do with the fact that we offer services differently than others and also offer services that no one else has.
"Swiss IT Reseller" What does that mean in concrete terms?
Markus Auer: Bluevoyant offers various service lines. Our first service line is for the network. Here we offer traditional managed detection and response services, both for the endpoint and for security information and event management (SIEM) solutions. We detect and respond to various threats. In terms of technology, we support the entire Microsoft security portfolio such as Azure, Defender and Sentinel. Outside of Microsoft, Splunk is the second SIEM solution we support, and in terms of endpoint detection and response solutions, besides Microsoft Defender, it's Crowdstrike, Sentinelone, and Carbonblack. Outside of these technologies, we don't offer services because we see ourselves as a cloud sec. provider. The traditional approach of an MSSP when doing SIEM monitoring is that you have to provide them with the log data. That raises privacy issues because log data is very sensitive information. Cloud technology allows a very different approach here. Our SOC services are delivered 100 percent within the customer's environment. That means the customer doesn't have to come to us, but the SOC from Bluevoyant or Senthorus comes to the customer. In this way, no data leaves the customer's environment and the activities of our SOC are 100 percent transparent for the customer.
"Swiss IT Reseller" And what are the other two service lines?
Markus Auer: The other two service lines are outside the customer environment. One aspect is third party or supply chain security. Every company has partner companies with which it works very closely. The danger, of course, is that if there is a cyber risk at one of the partners, it will also filter through to the company itself. And that's why we offer third-party cyber risk management solutions here, with which we monitor the partner companies for our customers. We do that with publicly available information, which means we don't need the partner's consent. We detect assets of the partner company that are connected to the Internet and can deduce cyber risks such as unpatched systems or open ports. And we not only detect, but we solve these problems by working directly with the third parties as Bluevoyant. The third service line we call Digital Risk Protection (DRP) Services. These are services that protect the customer itself from cyber risks outside the perimeter. This includes various subcategories. One example is the detection of phishing websites. This service is primarily used by banks, as we not only detect the phishing websites, but also take them offline. Other services include social media impersonations, where cybercriminals act on behalf of companies and try to steal credentials, and data leakage detection. Here we intervene when sensitive information has already left the company. That means we examine the web, deepweb and darkweb for the company for information such as leaked credentials or confidential documents. We can detect such things and provide the company with the evidence and recommendations for action.
"Swiss IT Reseller" Are you primarily targeting large companies with these services?
Markus Auer: No, not at all, we have customers from small to very large. It's individual services like Digital Risk Protection or Phishing Website Detect that are mainly interesting for large financial companies and insurers and for any company with online business. In Managed Detection and Response Services, which is classic SOC services, we have customers with 100 employees and those with 250,000 employees. Small and medium-sized customers come to us because they have neither the know-how nor the resources to set up 24/7 monitoring themselves. Then we take care of it completely. But we also have companies as customers that already have a security team, but can only offer the monitoring service from 8 am to 5 pm. We then act as a co-managed SOC with the company and close this gap.
"Swiss IT Reseller" How many customers do you have in the DACH region at this point?
Markus Auer: I can't give exact figures for the DACH region, but globally we serve more than 700 companies. We have customers, but we've only been on the road for five months, so there aren't too many yet. That's why we try to work with local partners who act as trusted advisors for their customers. Because we operate in a very sensitive environment and Bluevoyant was not even known here until a few months ago. In other words, we try to gain trust through partnerships. If Elca tells its existing customers that it has evaluated Bluevoyant's services and found them to be good, which is why it has set up this joint venture, then it is much easier for us to gain the customer's trust from a technological perspective.
"Swiss IT Reseller" This gives you an easier game in Switzerland than in Germany and Austria, where the channel has to be built up first.
Markus Auer: Yes, you could say that. Senthorus was launched on January 1, 2022. We are now trying to find partners in the other countries.
"Swiss IT Reseller" What do you look for in a partner?
Markus Auer: Our partner strategy outside Switzerland is not to find as many partners as possible, but to find the right partners for us. There are partners who already offer managed services in the IT area, but not yet managed security services. And you don't build such a service overnight. We seek cooperation here by telling such partners that we can complement their existing managed services business with security services. We also talk to existing MSSPs that already have security services and see whether they are missing certain service lines that we could offer.
"Swiss IT Reseller" And where will Bluevoyant be in the DACH region in a year's time?
Markus Auer: We have set ourselves high goals, but I can't give you any figures. When I see how other regions are growing, we want to achieve this rapid growth here as well. In one year, I see the local DACH team at least doubling. In Switzerland, we work together with Elca, but nevertheless I will consider whether it makes sense to place a local Bluevoyant resource that can work even more closely with Elca and also act on its own to find business opportunities.