Paul Fisher met up with the co-founder and CEO of Trend Micro, Eva Chen during a recent visit to London. A wide ranging discussion touched on financials, industry moves and trends, and the opportunities provided by the emerging markets of India and China.
SC Magazine I'd like to start by asking if the Q3 2007 figures were better or worse than you might have hoped?
Eva Chen It was better than what we projected but I always think we can do better.
SC Was this due to particular conditions? The security industry is probably tougher than maybe it was 12 or 18 months ago –is the performance a reflection on that?
EC Not really. Last quarter our growth was 24 per cent - pretty good. The industry average is not that high. We have the enterprise, the small to medium business and consumer business all growing very well.
SC Do you see more interest now from smaller businesses?
EC Yes and especially now that spam is a problem for them. They realise that in Asia, especially in Japan, the bigger companies will require their [smaller] vendors to comply with certain compliance standards like JSOX; otherwise they won't do business with them. In Japan we are seeing that the big customers will request, or even help their suppliers to make sure they are compliant for security. JSOX is a little bit different to Sarbanes-Oxley; there is a lot more emphasis on subsidiaries. The concept is the same but the emphasis is different.
SC The Cisco alliance -- is this purely a partnership, or is it something that we should see more of in the future?
EC Partnerships have always been part of our philosophy and our belief that security and networking have to go together. That's why we emphasise our alliances with Cisco. It's a good match.
SC Is it a concern that when you work with companies like Cisco, and maybe IBM and other giants that they may think, “well, thanks very much, we'll have that” -- they absorb your technology and come out with their own anti-malware solutions?
EC There's always that fear but we have to stay ahead - we need to. Trend Micro's philosophy is about staying focused and nimble -- something bigger companies and integrated suites cannot do. Two years ago you never heard anything about bots, but now you do, every day. And two years ago you never heard about web threats that mutate -- today you do.
SC People have been talking recently about China and India as the next big markets for info security. Is that something that you would agree with?
EC They're the fastest growing but there's some way to go before they become the biggest markets.
In India, we have been working with a lot of the outsourcing companies that have effectively become the IT departments of their clients. And the financial sectors of Beijing and Shanghai, with an obvious interest in security are big drivers.
SC Is it tough working in the Chinese market?
EC Yes, there are a lot of non-business issues you need to deal with, and different user behaviours. For example, selling software in China is very difficult, not just because of piracy problems - there's no channel that sells software, and therefore no channel for support.
So you need to build that infrastructure yourself. We've been in China for several years and we're probably the first profitable software company in China. We sell a lot of our appliances, because the Chinese like to have something solid in their hands that they can sell. Our InterScan web and gateway appliances are doing very well in China.
We also have a relationship with the biggest ISP in China similar to that with MSN and Hotmail protecting 300 million mailboxes in China. We also work with Shanghai Telecom delivering security outsourcing services to its customers.
Smaller companies in China don't know how to deal with security and don't want to. The people they trust most are private/public companies like Shanghai Telecom. Those types of companies are becoming very important partners in China.
SC Do you think you have a geographical advantage over some of the European or American companies, or does it make little difference?
EC Obviously we do have a language advantage because a lot of our engineers speak Chinese and the support is much easier. And because of the geography we were early entrants to the market.
I established a subsidiary in Beijing in 1991. We opened an office at the Beijing dancing school, because at that time there were no office buildings, so you had to go to the University and rent a classroom as your office. At that time my engineers loved to travel there because of all those dancing girls.
SC You're famous for being quite hands-on, or you were?
EC For better or worse, yes
SC You designed the virus wall in your house, is that right?
EC Yes, I was the inventor of the Internet InterScan virus wall and then later on the network virus wall. Even now it's like that -- whenever we have an idea that we want to work on. I live in Pasadena and it's a nice place, people like to visit, so I just assemble a group of people that live in my house. We work in my formal dining room as the initial prototype table. We call on our experts and build what we call a Version 1.0 development team. We assemble them together and come up with the first prototype. It's fun and also the most effective way to come up with a prototype.
SC Sometimes it's actually quite confusing to find what product is good for which type of threat and more particularly, what solution is right for a particular type of business. Do you think that in the industry everyone should do a bit more about trying to educate? A lot of enterprises obviously have big IT departments and they understand, but the smaller businesses don't, and they could end up buying the wrong thing for the wrong threats.
EC Actually Trend Micro's philosophy has always been channel focused, especially for the small business. If they try to buy everything themselves the reseller will act like the small business IT manager, so last quarter we launched something called Worry Free Remote Manager for the channel partner, that is we have the product suite Worry Free that the small business can use.
But not only that, we provide a tool for the reseller or the boss to be able to remotely monitor and manage their product for their end user, including all the updates, all the product updates, and all the new features they need to have.
The reseller can always do that for them. I do believe that the industry, not just the vendor, including the partner, the channels, need to provide that kind of service for the user, and it's my view that it's impossible for any vendor to provide everything and provide the services.
So for the small business the only one-stop solution is the reseller. Even Microsoft cannot provide everything. The channel is the only way for the small business.
SC Is it difficult to find the truth about the global threat level?
EC The problem is getting worse. Although you don't hear about virus outbreaks, actually there's more infection. A lot of user's machines have hacker tools installed that they don't know about. But we rarely go out and hype threats. A lot of this is not only true survey data, or like our House Call statistic, recently we've seen dramatic increases in the percentage of PCs that are scanned by House Call services and we found at least one or more viruses or Trojans in their computer.
SC You are, I think, the only woman CEO of an infosec company. Do you think the industry would benefit from a few more women?
EC I think so, sure.
SC Why is IT in general so very male dominated? What's wrong with the business that it doesn't attract more women?
EC I actually don't know why. If you trace back to your education, probably very few women graduated from computer science or from mathematical engineering, a much lower percentage, so that percentage carried on to the career in the industry.
I really think it's a pity because security is something that you need to understand the psychology of, and women are very good psychologists. You need to understand the hacker's psychology and imagine and think how would they work.
If there were more women in this security business, we might provide a better overall view of the world.