Skip to main content
    Back to Podcasts

    OT and IoT Ecosystem Security Trends for AI Enterprises

    BM
    Barry MainzForescout Technologies Inc. — Chief Executive Officer
    0 views
    Share:

    In this crucial discussion, Sugata Sanyal, Founder & CEO of ZINFI, sits down with Barry Mainz, CEO of Forescout Technologies, to dissect the Next Frontier of OT/IoT Ecosystem: AI & Cybersecurity. Barry Mainz highlights how the threat landscape has dramatically shifted, noting that the exposure of Critical Infrastructure Protection is growing exponentially due to legacy vulnerabilities in OT devices. The conversation introduces how Forescout is adapting its Forescout Security platform and evolving its Channel Partner Strategy to meet the new demands in sectors such as manufacturing and oil & gas. Mainz also offers deep insights into shifting C-level priorities, where Cybersecurity Metrics like ARR and GDR now dominate. The discussion concludes with insights on the ROI of AI and the next major threats: Quantum Computing and Agentic AI. This is a must-listen for understanding the intersection of digital transformation and physical world security.

    TL;DR

    Forescout CEO Barry Mainz explores the evolution of cybersecurity from simple network access control to sophisticated OT/IoT ecosystem protection. The discussion covers how corporate culture drives innovation, the impact of AI on threat landscapes, and the critical importance of being a 'best learner' in a rapidly changing global security environment.

    "In a fast-moving industry like cybersecurity, you are either getting better or getting worse; there is no staying the same, and the best learners always outperform the smartest people."

    — Barry Mainz

    What We Discussed

    The Evolution of Network Access Control

    Forescout began as a pioneer in Network Access Control (NAC) over two decades ago. Initially, the focus was simple: verifying user compliance before allowing a network connection. However, as the digital landscape changed, the company platform expanded into a Network Operations Security Center that manages complex environments for the world's largest organizations. This evolution reflects the broader shift in the tech industry from simple gatekeeping to continuous monitoring and visibility across all connected assets.

    • Forescout has maintained a presence in the tech market for over 25 years.
    • The company reached a major turning point 12 years ago when network compliance became a top priority for businesses.
    • Transitioning from a public to a private equity model allowed for deeper strategic shifts in the product roadmap.
    • The platform now supports massive private and public companies by providing comprehensive network security.
    • Modern security requires moving beyond checking users to managing a vast ecosystem of devices.
    • The current goal is to provide a central hub for network operations and security management.
    • Staying relevant for decades requires a constant reinvention of core technologies and services.

    Securing the IoT and OT Frontier

    The rise of Internet of Things (IoT) and Operational Technology (OT) has fundamentally changed the security perimeter. These devices often lack the security features found in traditional computers, making them prime targets for hackers. Forescout has moved to address these worrisome issues by aligning its growth with these secular trends. Organizations must now account for everything from smart building sensors to industrial machinery on their networks to prevent unauthorized access.

    • The growth of IOT and OT devices has significantly increased the risks faced by modern enterprises.
    • Securing operational technology is now just as critical as securing traditional IT infrastructure.
    • Many IoT devices are headless assets that cannot run traditional antivirus or security agents.
    • Forescout's growth is directly tied to the secular trend of hyper-connected physical devices.
    • Visibility is the first step in protecting a network from vulnerable IoT endpoints.
    • Large organizations require a unified platform to see and control these diverse device types.
    • The complexity of these environments is a primary driver behind the rapid growth of the security sector.

    Culture as a Competitive Advantage

    In a fast-moving field like cybersecurity, a company's culture determines its longevity. Barry Mainz explains that culture is not just a buzzword; it is a blueprint for operation and problem-solving. At Forescout, the culture emphasizes that it is okay to be wrong as long as you are the best learner in the room. This mindset fosters innovation and allows the company to adapt when technological 'lightning' strikes the market again.

    • A successful company culture must be embedded in daily routines and guiding principles.
    • Being a best learner is more valuable than being the smartest person in the room.
    • Companies must accept that they are either getting better or getting worse at all times.
    • A culture of adaptability allows a 25-year-old company to behave like a nimble startup.
    • The 'new car smell' of a company's culture often fades after six months without active maintenance.
    • Corporate values should align with the next journey the company plans to take.
    • Solving complex problems requires a baseline of strong morals and high personal standards.

    The Power of Velocity and Execution

    Strategy is nothing without the ability to execute quickly. Mainz highlights the value of a B+ plan with high velocity over a perfect A+ plan that takes too long to launch. In the world of nation-state threats and AI-driven attacks, the ability to tweak and tune a strategy in real-time is vital. This focus on speed and agility ensures that security providers can keep pace with global adversaries who are constantly changing their tactics.

    • Execution velocity is often more important than having a perfect initial strategy.
    • A B+ plan allows for real-time adjustments based on market feedback and emerging threats.
    • Waiting for perfection can lead to stagnation in a rapidly evolving tech landscape.
    • The ability to tune services on the fly is a key component of modern network defense.
    • Security teams must move at the speed of the attackers to be effective.
    • Strategic guiding principles help teams maintain focus while moving at high speeds.
    • Continuous improvement is the only way to stay ahead of sophisticated cyber threats.

    Frequently Asked Questions

    Forescout has evolved from a network access control company into a holistic network operations security center. They focus on securing the largest public and private organizations by managing the risks associated with IoT and OT devices.

    Culture serves as the blueprint for how a company operates and solves problems. A culture that embraces change and learning allows a company to survive for decades while catching new 'lightning in a bottle' as technology shifts.

    Security has moved beyond just checking if a user is compliant before they connect to a network. It now involves managing massive ecosystems of connected devices that don't always use traditional operating systems.

    Secular trends are long-term market movements, such as the explosion of IoT devices and the rise of AI. Aligning a company's growth with these trends ensures relevance in a shifting global market.

    It means prioritizing the ability to absorb new information and pivot quickly over relying on existing expertise. This mindset is essential in cybersecurity where threats and technologies like AI change almost daily.

    These devices often lack standard security agents and are difficult to monitor using traditional methods. Their proliferation expands the attack surface, making it harder for organizations to maintain complete visibility.

    He believes a B+ plan with a focus on 'velocity' allows a team to tweak and tune their strategy along the way. Waiting for a perfect A+ plan often results in missed opportunities and slower responses to market changes.

    Yes, it is one of the most complex and fastest-growing areas in tech due to global diversity and nation-state involvement. The constant introduction of new technologies like AI ensures that security must also continually evolve.

    For Forescout, moving from the public market to private equity about five years ago allowed them to refocus their strategy. This shift helped them align with new trends and transition into a broader security platform.

    The company uses a 'comply then connect' philosophy to verify the security posture of a device. This ensures that only authorized and secure devices gain access to sensitive corporate resources.

    Key Takeaways

    Security FocusShift from basic compliance to advanced network operations security.
    Culture PriorityPrioritize continuous learning over knowing all answers.
    Security PerimeterSecure the new, large perimeter created by IoT and OT devices.
    Execution SpeedDeploy a good plan quickly rather than a perfect plan slowly.
    Company SurvivalCultivate adaptability as the most critical survival trait.
    Global SecurityAlign global trends with platform growth to secure enterprises.
    Threat ResponseUse strategic culture as a guide for complex nation-state threats.
    Ecosystem Analysis