Interview: John McCormack, Forcepoint

Written by

Around 11 months on from the acquisition of Websense by defense contractor Raytheon, I had the chance to talk to the CEO of the newly formed entity of that company – Forcepoint.

John McCormack served as CEO of Websense following the retirement of Gene Hodges, and was vice president of engineering for Symantec’s client security group, responsible for Symantec anti-virus products and served as general manager of the Secure Managed Networks Business Unit at Cisco. His arrival into Websense was ten years ago, and McCormack acknowledged that Websense was a strong brand and after the $1.9 billion Raytheon acquisition, the new name made sense.

“We were able to be involved and acquired Stonesoft from Intel Security as well, and just to make it interesting with a carve out from Intel and from Raytheon, we put it together in a new company,” he said.

“It needed to be done as the venture is going to take a few years, but we wanted to make a point on why we need to exist in an overcrowded security space and wanted to have a new name to represent this bold vision we have laid out and quite frankly, while it was a heck of a lot of work, the feedback is universally positive on the name.”

McCormack was keen to point out that it needs to tell people about solutions, and it is focused on the solutions to the problems. “We are not out there fearmongering, we are trying to drive a set of solutions to the issues," he said.

I asked him about the addition of next-generation firewall vendor Stonesoft, who had gone through an acquisition in 2013 by McAfee, and later became a part of the Intel Security brand. McCormack said that “Intel didn’t sell the asset off because things were going well”, and it has moved people over, reinstating the brand in Helsinki.

He said: “People in Finland believed in it, and they built a brand where you were not just buying a box, you were buying a part of the family and that is a powerful thing. I was amazed in the culture and made an executive decision to bring back Stonesoft and get the old sign from storage and put it back up and said ‘Stonesoft is back in business’; there were tears in people’s eyes.”

The brand that is Forcepoint was formally announced in January. I wanted to understand what the offering was, and what Forcepoint was trying to address? McCormack said that the “tectonic” shift is that the days of stacking servers, networks and applications is coming to an end, and the product offering is moving to service architecture and cloud computing platforms.

He related to Salesforce announcing two nine figure ($100 million+) deals, and asked which was the last software company to do a nine figure deal?

“If you don’t think cloud computing is not here, think of the repercussions of that in this industry, it is profound,” he said.

“In that world of cloud computing, how do we do security with the perimeter? You’ve got to help customers move to that world for agility and competence and a set of capabilities that they don’t have. We want to be the company that helps customers move to the new world and also manage the old world, because what is true in this industry is how do you even pick [the right technology].”

McCormack claimed that if you “look in the eyes of a CISO and you see fatigue” this is due to time spent trying to keep disparate things running, and Forcepoint’s role is to help companies move to cloud computing and cannot get in front of the problem, and he said that it is untenable to keep stacking point products on top of each other and expect customers to integrate and deal with disparate technology.

“So we are going to drive a platform position that will take a lot of investment to deliver capabilities to make a meaningful difference to these problems, as they will exist tomorrow and five years from now, but we want to make a difference and be a company to help to make a change in the direction. That is a big charter and a big ambition and that is what we stand for.”

For the future, he was clear about the fact that this is a long-term project, but for now it is about delivering new solutions to deal with the insider threat, and solutions for securing a company’s cloud.

“We have ambitious plans on how to merge the Sidewinder and Stonesoft technologies together, and add those advanced services that Websense had available for its platform to bring into the intelligence system that we run (Threatseeker) and continue to deliver on what we did at Websense, he said. “It’s all about execution, and we have the financial profile to do this.”

What’s hot on Infosecurity Magazine?