Throughout the Sphere 2024 event in Helsinki, WithSecure worked to paint a clearer picture of its path in enterprise security, with a focus on restoring trust in the mid-market with a standardized suite of cloud security solutions and services.
At the start of his opening remarks, Antti Koskela, WithSecure's interim CEO, says he wanted to do something different with the company's events, which is embodied in its tagline “No Common Security Conference.”
Explaining this in a conversation with ITPro, he explained that he wanted the WithSecure event to stand out from the crowd with a more clear focus on the big picture of cybersecurity. This was evident from the beginning of Sphere 2024, as thought leaders from outside the organization dominated the keyword pool.
The term “shared security” has come under some scrutiny in the past for lacking a clear definition. But at Sphere 2024, the company has relied on this as a symbol of its collaborative approach with its partners and customers. Through its announcements at the event, WithSecure laid out its strategy and emphasized the opportunities it can capitalize on along the way — a far cry from the company's lack of direction just two years ago.
Shared security as a unique selling point
The key product launches at the event added context to the term, all of which fall within the company's cloud-leading Elements Cloud platform. Each is framed in terms of how it fits into this vision of collaboration between WithSecure, its partners, and the end user.
Koskela explains how Elements Cloud embodies their shared security goals with a collaborative, modular security platform targeting mid-sized enterprises. He believes this approach sets WithSecure's offerings apart from some of its larger competitors.
“Often, in security, in the big company playbook, you buy tools and hire teams that work 24/7, and then you have a huge security operations center. So the minimum is usually seven people and the cost ranges from That's between $700,000 to $1,000,000 just for the cost of people, and these medium-sized companies don't have that kind of money.
In contrast, Koskela explains that WithSecure is targeting a model where these mid-sized organizations have access to their shared security services as standard capabilities as part of Elements Cloud, while still being able to offer the software as a standalone solution for those who don't. You do not need additional support.
“The key word is modularity, so we modify our model according to the way our partner wants to work,” he tells ITPro. “Some of our partners are just ‘managed service providers’ (MSPs), which are security providers and don’t need anything from us, they just take the software – and that’s perfectly fine.”
Koskela compares this approach to that of WithSecure's biggest competitors, which he says makes customers pay for a complex web of products that they lack the staff to properly utilize.
“[Organizations]in the middle market usually have one IT person looking after them,” he points out, adding, “When you buy big volume licenses… you're on your own and you end up buying a lot for services…
“Because once the license guy sells it, you never see it again, and then you need to call a service partner to actually run the (Security Operations Center) (SOC) for you, and that's going to cost you.”
Going forward, WithSecure will position itself as a more flexible enterprise security option for mid-sized businesses, Koskela says. Its modular approach and ongoing support will be available either internally or through partners.
In that sense, WithSecure's efforts to articulate where it sees the future of the business have been largely successful. The strategy itself looks to position the company well within the security market, given the ongoing issues small businesses face in managing a complex attack surface in an increasingly hostile threat landscape.
The company's other segments — WithSecure Consulting and Cloud Protection for Salesforce, remaining from the split with F-Secure in 2022 — are separate from its Elements strategy. Koskela adds that WithSecure will continue to look for strategic options in this area and does not rule out the possibility of divestment in the future.
A limited approach to design for generative artificial intelligence
The biggest announcement of Sphere 2024 was the official launch of WithSecure's Luminen generative AI platform, which Koskela says will be a key part of the company's mid-market appeal.
Luminen will be natively integrated into Elements Cloud and promises to bring an intuitive human user experience to security dashboards, enhancing situational awareness through natural language explanations of security events.
This sounds very similar to many other AI games we've seen in the security industry over the past few years, like Copilot for Security or Gemini in Security Command Center. But WithSecure's approach aims to largely avoid the AI hype and make direct comparisons with ultra-scalable AI tools, with an emphasis on cost-effective value.
Carefully calling it a generative AI “experiment,” Koskela explains that WithSecure doesn’t want to be seen as an addition to the pile of other security AI assistants in an already crowded market. Luminen aims to provide a more integrated experience without the security risks associated with chatbots.
To achieve this, WithSecure says it will “take ownership of the prompt,” with Luminen preventing users from entering custom prompts to reduce the risk of hallucinations. Instead, customers choose claims that are generated internally and rooted in their enterprise data.
This not only removes the opportunity for malicious actors to jailbreak the system using quick engineering techniques, but also ensures that Luminen's capabilities are only enhanced when they are truly needed.
The rush to get into the generative AI boom has led to a number of products arriving on the market without a clear business use case, and Koskela said he doesn't want Luminen to fall into the same trap, citing sustainability concerns associated with generative AI. Artificial intelligence and its intensive data requirements.
It's a refreshing approach in an incredibly saturated space, reflecting a cautious attitude toward new technologies that lack nuanced value propositions. WithSecure is clearly looking to address its customers' concerns when it comes to the security or energy impact of generative AI, having made sure to limit Luminen to mission-critical and valuable tasks.
This was repeated throughout Sphere 2024, as WithSecure executives worked to avoid vague promises about what might be possible in the future.
WithSecure's thoughtful approach to entering the generative AI market reflects new clarity around its corporate security strategy. With Elements Cloud targeting mid-sized enterprises with a flexible ecosystem of cloud security software and services and a live generative AI platform aimed at simplifying security management, WithSecure has made significant progress in demonstrating a viable strategy to compete in the enterprise security space.
