Welcome to another episode of ExtraMile by HiTechNectar, an in-depth interview series featuring insights from industry trendsetters, discussing the latest in technology, cybersecurity, marketing, and more.
In this episode, we are excited to host Mr. Sumedh Thakar, the President and CEO of Qualys, a pioneer in cloud-based security and compliance solutions.
With over 21 years of experience at Qualys, Sumedh has been instrumental in the company’s growth and innovation in cybersecurity. He highlights his journey from engineer to CEO, discusses the evolving landscape of cybersecurity, and shares how Qualys continues to lead the market with cutting-edge solutions.
Join us for an enlightening conversation on the future of cybersecurity and the importance of robust security frameworks in today’s digital world.
Hello Sumedh! Greetings for the day!
Q1. You joined Qualys in 2003 as the VP of Engineering, rose to Chief Product Officer, and today, you’re the President and CEO. How has your journey within the company evolved, and what key milestones have you achieved in driving Qualys’ growth?
Ans. My Qualys journey has been a transformative experience. I’ve been with the company for over 20 years, starting as a software engineer and growing into product management, support, and operations roles before stepping into the CEO position three years ago. Like many long-term employees here, I’ve had a personally fulfilling journey shaped by opportunities to take on significant responsibilities, regardless of tenure or title.
Philippe, our founder, instilled a culture where potential mattered more than position. He empowered individuals who demonstrated the capability and desire to make an impact, which helped shape some of the great leaders we have today. I’ve had the unique experience of doing nearly every job at Qualys, and that’s been an incredible learning journey, which I believe is invaluable in my role as CEO. Stepping into this role has offered a completely new perspective on running a global, public company, building on the principles of innovation and empowerment that have defined my career at Qualys.
I have a deep passion for product and consider myself an engineer at heart. Over the years, I’ve had the opportunity to personally work on and expand Qualys’ platform capabilities, driving innovations like our end-to-end security solution, VMDR (Vulnerability Management, Detection and Response) with integrated patch and cybersecurity asset management. This focus on product excellence has been a cornerstone of our growth strategy from day one. Our unwavering commitment to innovation and customer satisfaction has been the driving force behind Qualys’ success.
It was through listening to our customers’ needs that we came up with our latest innovation. We just launched the Risk Operations Center (ROC), redefining cyber risk operations for organizations by unifying diverse security solutions for prioritization and actionable remediation. As the attack surface expands, many of our customers have added additional security tooling to their environments, which makes managing their overall business risk much more challenging. The ROC is designed to streamline and ease that process. This isn’t just a new cybersecurity tooling; the ROC is a transformative way of thinking about risk to your business.
Q2. 2024 is Qualys’ 25th anniversary. What changes and transformations have you witnessed in the field of cybersecurity and what is your vision for Qualys staying ahead of these trends in the next 25 years?
Ans. The cybersecurity landscape has matured dramatically over the past two decades. We’ve witnessed the rise of cloud computing, IoT, mobile technologies, and AI, each bringing new challenges and opportunities. Qualys has consistently adapted to these changes by investing in research and development, building strategic partnerships, and expanding our product portfolio. In the past 12 months, we deployed over 78 million patches, significantly reducing attackers’ access to critical digital assets. We’ve provided our customers with aggregated risk factors from 73,000 vulnerability signatures and over 25 sources of threat intel, achieving an 85%+ reduction in critical vulnerabilities.
In the past year alone, we’ve made significant strides in both cloud security and AI security, two key areas where businesses are investing tremendously. As organizations have increasingly integrated AI and large language models (LLMs) into their operations, we realized that we needed to secure this burgeoning new technology. Our new solution, TotalAI, specifically addresses the Open Worldwide Application Security Project (OWASP) top 10 most critical risks for LLM applications, so companies can securely leverage the benefits of AI while upholding stringent security standards.
After 25 years, we’re more committed than ever to helping companies measure, communicate, and eliminate cyber risk. Our commitment to innovation has enabled us to stay ahead of the curve and will allow us to continue delivering comprehensive security solutions into the next 25 years and beyond, ensuring our customers remain protected no matter what lies ahead.
Q3. Qualys has a subscriber base of over 10,000 and currently serves the majority of the Forbes Global 50. How do you ensure customer satisfaction while consistently delivering cutting-edge services to your clients?
Ans. Our customer-first philosophy is at the core of everything we do. With over 10,000 subscribers and a strong presence in the Forbes Global 50, we understand the critical role we play in our customers’ security posture.
We’ve built long-term partnerships with some of the world’s biggest and most trusted brands by fostering strong relationships, actively listening to their feedback, and consistently delivering value through our solutions. These partnerships are more than transactional; they are the cornerstone of our success. Our customers are not only users of our software—they are collaborators in our journey. Many of them have been with us for 10, 15, or even 20 years, providing invaluable support and insights that have shaped what Qualys is today.
Ultimately, our role is to enable our customers to focus on their core business objectives while we help reduce their cyber risk. And our commitment to research and development ensures that we stay ahead of the curve, providing our clients with the most advanced cybersecurity tools and services.
Q4. AI is often seen as a vulnerable component in technology due to data exposure and increasing data breaches. How did Qualys come up with the idea of leveraging AI to standardize cybersecurity practices and introduce Qualys TotalAI?
Ans. The rapid advancement and adoption of AI, particularly large language models (LLMs), has created immense potential while introducing significant security risks. Many organizations struggle to manage these risks due to a lack of visibility into AI systems, their vulnerabilities, and associated compliance challenges. Recognizing this critical gap, Qualys developed TotalAI, a solution designed to protect AI workloads and ensure secure deployment within the broader enterprise environment.
TotalAI advances the Qualys Enterprise TruRisk Platform, focusing on de-risking generative AI and LLM usage. The solution provides a holistic approach by automating AI asset discovery, conducting vulnerability assessments, and identifying risks such as data leaks, injection attacks, and model theft. Its point-and-shoot simplicity enables businesses to secure their AI investments confidently while comprehensive risk assessments certify AI systems for production use.
As part of the ROC framework, TotalAI integrates AI security into enterprise risk management. By aligning AI protection with broader security and compliance strategies, Qualys empowers organizations to mitigate emerging threats, while still facilitating innovation and preserving trust.
Q5. Qualys has received numerous recognitions, including being ranked #1 in Vulnerability Management and leading the Worldwide Vulnerability Assessment market. What strategies and innovations have contributed to its sustained success and industry leadership?
Ans. Our ongoing success and leadership in the industry reflect our strong dedication to innovation and customer satisfaction. By anticipating market trends and evolving customer needs, we’ve consistently delivered groundbreaking solutions that address the most pressing cybersecurity challenges. When other vulnerability management companies were focusing on identifying threats, we disrupted the industry by pioneering integrated patch management in our platform to help customers eliminate those threats. We are once again innovating with the ROC, delivered by Qualys Enterprise TruRisk Management, recognizing that organizations do not need more dashboards, but an easy, streamlined way to view risk to their entire enterprise in a holistic, prioritized way.
Our talented team of cybersecurity experts, coupled with strong partnerships, has been instrumental in driving these innovations and ensuring our continued leadership in the market.
Explore Our Other Insightful Interview:
How Docutain is Advancing Document Management: A Conversation with Marvin Frankenfeld
