Paul AndersenPaul Andersen is the Director of Marketing at Array Networks. He has over 15 years’ experience in networking, and has served in various marketing capacities for Cisco Systems, Tasman Networks and Sun Microsystems. Mr. Andersen holds a Bachelor’s Degree in Marketing from San Jose State University.

What does your role as Sr. Director of Marketing at Array Networks entail on a day-to-day basis?

Number one is managing the activities of the team, keeping everybody coordinated and pulling in the same direction. I judge the portfolio of sales and partner enablement and lead-generation activities, and work with the team to gauge effectiveness and course correct as needed.

The remainder of my time is split between PR and analyst relations, working with the sales team and upper management for alignment, customer and partner engagement, and strategic planning for future product and marketing direction.

After a stint as marketing manager at Array Networks from August 2004 to August 2008, you left to work at Cisco Systems in a number of capacities. What led you to return to Array Networks early in 2011?

A colleague and mentor recruited me with the prospect of building and running the marketing department at Array. Moving from an individual contributor role in my first go-around, to shaping my own team and strategies in a director level position. My decision to accept was based on wanting to have a more direct connection between my activities and the impact on the business. Cisco provided many opportunities and is a great organization; however, at Array the connection between marketing activities and revenues is a direct line.

CCNA Training – Resources (Intense)

What do you find most enjoyable about your job, and what is the greatest cause of frustration?

The most enjoyable aspect is discovering a marketing activity or messaging that resonates with prospects and moves the needle in terms of pipeline. This is when the marketing team and the sales team high-fives and you feel like you’re doing your job. That and working with satisfied customers on marketing activities and seeing a new partner ramp and start making money.

Frustration is largely due to goals outweighing our capacity to execute. We are a small team, but a good team, oftentimes we have to back-burner some things we really want to do, or accept the fact that some things will take longer than we’d like.

Your company offers solutions that can help improve application availability, performance and security–optimizing traffic from any cloud or data center. For prospective customers who are concerned about preventing Heartbleed, man-in-the-middle, Shellshocked and other recent Open SSL-related vulnerabilities, how can a proprietary SSL solution help?

There are a few things to consider here. The root of the issue is the OpenSSL technology that many vendors use as a component of their products. OpenSSL is open in more ways than one. It contains and exposes many functionalities because it is designed to be leveraged by a broad cross section of organizations; this translates to a greater number of potential attack vectors. In addition, due to more frequent releases for this open source technology, there is far greater complexity in diagnosing and remediating vulnerabilities when they do occur.

Originally, Array Networks created a proprietary SSL stack for the purposes of performance. Our application delivery controllers (ADC) and secure access gateways (SSL VPN) needed to support the needs of the biggest enterprises and online Web portals. To get the levels of performance and scalability we needed in handling secure traffic, we needed a stripped-down SSL stack built to optimize performance. Because Array’s SSL stack is not publicly available, and includes very few potential attack vectors, the likelihood of exposure to vulnerabilities is greatly reduced.

What unique value proposition does your company offer that should compel would-be customers to choose Array Networks rather than another product/service provider?

We like to say that our solutions are simple yet scalable, powerful yet cost-effective. What this means is, there are plenty of medium enterprises that have more robust requirements for reliability, scalability and advanced features, but at the same time, may not have specialized IT teams or unlimited budgets.

Array is ideal for these organizations because we deliver a product that is as robust as some of our larger competitors, but our management experience is one that can be learned by any member of the IT department and our cost is often close to half the cost of alternative solutions.

From a technology perspective, Array is introducing some very unique solutions in the area of virtualization. Our new virtualized appliances are delivering the agility of cloud and virtualization with the performance of dedicated appliances, giving enterprises and cloud providers the best of both worlds.

In your opinion, are companies generally aware of the cyber security threats that are ever present these days?

In many ways, no. A couple of things I’m seeing. There is an over-reliance on vendors these days. This goes for networking, but also security as well. Too much trust or responsibility placed into the hands of vendors creates a situation where IT may not have a fundamental understanding of their security posture or where their vulnerabilities lie. Breaches become a game of finger pointing between vendors, with IT caught in the middle.

Another thing, is there is a bit of uniformity cropping up around certain vendors and deployment models. Hackers understand that if they can penetrate a certain product or deployment model, it will likely work on a number of other institutions that have implements similar architectures at the recommendation of the same group of vendors. Thinking differently, and choosing best-of-breed vendors is a great way to make your architecture just different enough to buy yourself time in the event of a new wave of attacks.

How can companies go about building a corporate culture that includes cybersecurity awareness, and who should lead the charge?

Probably one of the hardest things to account for is pilot error. Social engineering can undo much of the great work put into cybersecurity. While there needs to be some real consequences for users with poor habits, what should not be punished or discouraged is the ability for employees to ask questions with respect to security and/or come forward if mistakes have been made. Striking the appropriate balance and creating a security minded culture must start with management, leading through example with their actions.

What common mistakes do businesses make that could leave them vulnerable to being targeted by cyber criminals?

There are many. Giving in to the demands of the organization, lowering security standards in order to increase productivity or lessen complaints from management or various departments. Being remiss in managing access rights for workers, partners and customers that are no longer with the organization. Providing access rights to individuals, without proper vetting. Allowing unfettered use of cloud services and allowing the proliferation of shadow IT; the ability for corporate data to escape the organization and have no awareness that it has happened.

Are there trends in the cybersecurity space that, while not on the radar in a big way right now, could present major problems down the road?

SSL and encryption are becoming more and more ubiquitous. For instance, Google is giving preferred rankings to HTTPS sites and applications. As more and more traffic is encrypted, less and less traditional security solutions are able to look into the traffic and do their jobs. There will be an increasing need for solutions that can encrypt and decrypt traffic at scale in order for security solutions to “spot check” traffic.

What sort of advice would you give to a college or university student who wants to get into the IT/IS space post-graduation?

Begin cultivating a sense of what areas of IT or security interest you. The earlier you begin charting your own course the better. Increase the chances of finding an opportunity that you are both good at and passionate about by networking and immersing yourself with experienced, like-minded professionals.