HP Readies Security MSP Program, Inks Big Deal With CSC

Top executives in Hewlett-Packard's security business have launched a multimillion dollar channel sales offensive with a soon to be released managed security services program that has already attracted a $15 million investment from systems integration giant Computer Sciences Corp.

In an exclusive interview with CRN, the company's top channel executives said the new MSP channel program for HP's ArcSight security, information and event management appliances and its Fortify security software business will be formally launched in the next six months. HP says it already has about 55 MSPs that are interested in partnering on the security subscription-based offering including $16 billion services behemoth CSC.

The channel restructuring and MSP program launch is being overseen by two executives with a long history in the security industry: Rick Hanson, vice president of global sales and field operations at HP Enterprise Security, and Eli J. Kalil, vice president of HP Enterprise Security global sales channels. The two men, both former executives at RSA, now the security division of EMC, were brought in by HP in mid-2012 to overhaul its partner program, which they say had been stymied by various acquisitions over the years.

[Related: 2013 Partner Programs Guide: Security Vendors ]

Kalil said he and Hanson are passionate about building out strong relationships with managed security service providers, where the industry is seeing much of the growth. "We believe MSPs and especially security MSPs are primed to deliver our security in subscription-based model to small and medium enterprises," Kalil said.

The duo's initial move was to implement an aggressive new pro-channel compensation model for security software that went into effect last Nov. 1. The change not only pays HP's 420 security software direct sales reps 110 percent for all sales that go through HP solution providers but also gets those direct sales reps more quickly to quota and compensation accelerators.

"It was total channel conflict last year before we made the change," said Hanson. "It was a big investment we put out there monetarily to do this. But when you are kicking off and want to put adrenaline in the channel program, this is what you have to do."

Sam Visner, vice president and general manager of cybersecurity at Falls Church, Va.-based managed services provider CSC, said the company believes in HP and its vision around threat detection and intelligence gathering via its ArcSight SIEM appliances. HP not only provides technology to CSC but also gives the firm access to development and support teams, Visner said.

"It provides an excellent environment for event correlation and analysis," Visner said. "The company has shown it is putting research and development resources into its products to sustain a modern capability."

CSC is both deploying ArcSight for individual customers and using the SIEM in its own architecture and infrastructure in its security operations center. ArcSight integration with CSC's homegrown tools and connectors to third-party products gives CSC added flexibility, Visner said.

"Sometimes the market wants to manage security in-house, but we are approaching them to get them to let us architect, engineer and integrate their security operations center and cyber infrastructure," he said. "There's a lot of homemade solutions, but the foundation of that architecture is the standard SIEM."

NEXT: Former Symantec Executive Heading Security Unit Changes

The need to strengthen HP's partner program around its security units was identified by Art Gilliland, a former Symantec executive who took the position of senior vice president and general manager of Enterprise Security Products in July. HP executives said that neither the Fortify application security unit nor its ArcSight network security appliance unit has a channel program behind it, forcing HP to rely on direct sales and support teams for growth and services.

HP's Hanson and Kalil each have less than a year on the job at HP and were brought in by Gilliland to build a robust channel program. In addition to the generous incentive program, the company stopped hiring direct-sales reps for the organization and instead invested in people to support the channel organization, Hanson said. Every sales rep is now evaluated against how many indirect sales are brought in via channel partners and HP's two-tier distribution program.

"The goal is to become a billion dollar software industry player," Kalil said. "We are building value with our partners in a very methodological a way."

Currently revenue for HP's software business is slightly under $700 million.

Instead of signing up six distributors and thousands of resellers, the company is attempting to recruit partners that can be certified on ArcSight and Fortify software and make a commitment to sell and maintain the software and appliances. In order to be admitted into the program, new partners must have a security practice, sell complimentary product lines and have certified security professionals on staff.

"Setting tenants that partners must meet makes our program a bigger value to be part of," Hanson said. "There's a bar to get in, and they are proud to be part of it, and that should help make the investment pay off."

The overhauled channel program begins with HP's two-tier distribution system, which 95 percent of resellers will use for procurement, Kalil said. Tarrytown, N.Y.-based Westcon Group is the company's largest global distributor. The team maintaining HP's relationship with systems integrators is also being bolstered.

The final part of the new program is focused on large account resellers such as Vernon Hills, Ill.-based CDW, where HP can domestically build out its large account reseller program.

Hanson, who has been in security since the early 1990s, worked with Kalil for 14 years at RSA. Hanson said he learned how to build a channel, putting in the intricate pieces needed to foster sales growth through partners.

"We're creating a channel culture in a place that was once a direct culture," Hanson said. "With a company as big as HP, we had to have collaboration from the CEO all the way down to the street to make it work, and it's all pretty exciting."

HP partners are welcoming all the changes made in recent months. The announcement of the departure of Executive Chairman Ray Lane, who supported former CEO Leo Apotheker and the acquisition of Autonomy, is being seen as a sign that the organization is resolute on strategy changes.

Partners very likely would be able to capitalize on the increased interest in security technologies, but the program needs to provide enough support, said Winston Kriger, a longtime HP 3000 mainframe programmer and president of Austin, Texas-based consultancy Cactus Technology, an HP partner. Kriger said healthcare organizations are trying to protect sensitive data and applications, driven mainly by HIPAA compliance.

"Customers are worried about meeting industry standards or they're trying to protect their reputation," Kriger said. "More clients are recognizing that in many cases the law requires that sensitive data be secured."

PUBLISHED APRIL 19, 2013