Cloud Security , Security Operations
AWS Snags Skyhigh's Gee Rittenhouse to Run Security Business
Ex-Forcepoint CRO John DiLullo to Lead STG-Owned Skyhigh Security on Interim BasisAmazon Web Services hired the former leader of Skyhigh Security and Cisco's security business to help organizations protect their data and applications in the cloud.
See Also: runZero Recognized as a Customers' Choice in 2024 Gartner® Peer Insights™ Report for CAASM
The Seattle-based based public cloud powerhouse brought Gee Rittenhouse onboard after he spent more than two years as CEO of San Jose, California-based security service edge vendor Skyhigh, where he helped the Symphony Technology Group-owned company separate from the Trellix endpoint security business and forge its own brand. Prior to that, Rittenhouse spent more than three years leading Cisco's cybersecurity unit.
"AWS is renowned for its commitment to providing industry-leading cloud security, and together with our partners, I'm looking forward to building on this incredible foundation and solving our customer's hardest security problems," Rittenhouse wrote Monday on LinkedIn.
STG Operating Executive John DiLullo has assumed Rittenhouse's responsibilities at Skyhigh on an interim basis while the company completes its search for a new CEO, a spokesperson said. DiLullo spent 22 months as chief revenue officer of Francisco Partners-owned Forcepoint and served as CEO of Lastline Security and LiveVox before they were acquired by VMware and Nice Systems, respectively (see: Skyhigh Security CEO on Taking a Data-First Approach to SSE).
"I'm looking forward to building on this incredible foundation."
– Gee Rittenhouse, vice president of enterprise security, Amazon Web Services
The last day for Rittenhouse at Skyhigh was Feb. 29, and DiLullo officially started at the company the following day. The only executives listed on Skyhigh Security's website are Chief Customer Officer Abhay Solapurkar, CFO Anthony Sjostrom, CIO Siva Chidambaram and Chief Human Resources Officer Kristen Wynne. AWS didn't immediately respond to an Information Security Media Group request for comment.
"After an incredible two-year journey as CEO of Skyhigh Security, today I'm stepping down," Rittenhouse wrote on LinkedIn on Monday. "I'm immensely proud of what we were able to accomplish together, from launching the company to producing an industry-leading security platform."
How AWS' Security Business Compares to Rivals
AWS' security practice has flown under the radar in comparison to competitors Microsoft and Google, but the company has been more open in recent months about how it protects the public cloud. The firm sends takedown requests to the administrators of servers that host active malicious programs in an hour without any human involvement and turns virtual servers into hacking lures once clients are off them.
The Washington Post reported in September that Amazon's honey pots can be configured to look as if they are hosting variations of programs known to be under attack at any given time. Amazon helped mitigate the Volt Typhoon attacks on critical infrastructure that Microsoft spotted and attributed to China, as well as the router compromises blamed on the elite Russian government hacking squad Sandworm.
"We have a net footprint larger than any other cloud provider," Amazon Chief Security Officer Steve Schmidt told The Washington Post in September. “There have been several situations where we have produced the pivotal component in a CISA advisory.”
Security tools from AWS include Inspector, which scans Amazon EC2 instances and container images for software vulnerabilities and unintended network exposures, and GuardDuty, which monitors AWS accounts and workloads for malicious activity and delivers findings for visibility and remediation. Plus, AWS Security Hub provides a view of a customer's security status by tapping into AWS and third parties.
"Two of the best AWS security features are their excellent implementation of security groups (firewalls) and granular IAM," Securosis CEO Rich Mogull told CSO in 2022. "AWS is usually the best place to start, where you run into the fewest security issues.”
How Skyhigh Security Fared Under Gee Rittenhouse
At Skyhigh Security, Rittenhouse eschewed a network-centric approach to security service edge and instead focused on applying consistent policies around how data is treated across its ZTNA, SWG and CASB offerings. Rittenhouse said Skyhigh focused on safeguarding data as it migrates from a centralized data center to cloud platforms and the shift by users from working on corporate-owned to unmanaged devices (see: How to Protect Data as Cloud Migration Accelerates).
The Skyhigh Security brand debuted in March 2022, and the company was recognized by Gartner later that year as a leader in security service edge alongside Netskope and Zscaler. But Palo Alto Networks replaced Skyhigh atop Gartner's security service edge leaderboard in 2023, and Skyhigh joined Forcepoint and Lookout in the visionaries category as its execution ability declined.
Gartner said Skyhigh's presence in the market and channel program were weaker than competitors, adding that the company hadn't demonstrated significant advancement in its portfolio. On the other hand, Gartner lauded Skyhigh for excellent data security capabilities, a robust and mature set of security controls, a large catalog of risk-rated SaaS apps, and for adding SaaS security posture management.
"Skyhigh Security today is not represented on many Gartner client RFPs and shortlists despite the feature set of the solution," Gartner Senior Director Analyst Charlie Winckless wrote in April 2023. "The split of business from McAfee Enterprise into and between Skyhigh Security and Trellix has disrupted Skyhigh's sales motion and has had an impact on its growth."
Skyhigh's headcount has fallen to 611 employees, down nearly 6% from 647 workers last year, according to IT-Harvest. About 45% of Skyhigh's staff is located in India, and 27% are in the U.S., 10% in Germany, 6% in the U.K. and the rest spread across Australia, Japan and France. Skyhigh generated $159.6 million in revenue over the past year, and sales are slated to grow by 10% over the next quarter, IT-Harvest found.