Barry Mainz, a cybersecurity veteran with over 20 years of experience, revealed insights on the evolving cyber threat landscape and the growing importance of OT security. He reported that attacks targeting mobile devices, AI-driven exploits, and emerging post-quantum cryptography risks are reshaping security priorities.

You’ve held leadership roles across multiple technology companies. What attracted you to cybersecurity, and specifically to Forescout?

I have been working in security for approximately 20 years, spanning both functional security and cybersecurity domains. Early in my career at Wind River, which was later acquired by Intel, I focused on embedded IoT and OT software, helping build secure platforms that made it more difficult to design insecure systems. This experience demonstrated how foundational security must be when dealing with connected devices.

When I transitioned into cybersecurity more broadly, I identified a significant gap: organizations lacked visibility into all devices on their networks, particularly non-traditional IoT and OT devices that cannot be secured through traditional agent-based approaches. Forescout addressed this challenge effectively.

Today, we secure hospitals, airports, energy grids, and financial institutions, essentially the critical infrastructure that affects millions of lives. This real-world impact and sense of purpose attracted me to Forescout and continue to drive my commitment to delivering enhanced solutions for our customers.

Forescout was founded in 2000. What key milestones have led to its current global presence?

Forescout’s evolution can be divided into three major phases.

The first phase focused on network access control. In the early 2000s, mobile devices were proliferating rapidly, the traditional network perimeter was dissolving, and companies required methods to control network access. Forescout provided the foundation for organizations to enforce compliance and reduce risk at the point of entry.

The second phase centered on asset visibility. As IoT and OT devices entered networks, many could not support agents, devices such as factory controllers, surveillance cameras, and medical equipment. Organizations needed visibility into these assets to understand associated risks. Forescout delivered this capability, fundamentally changing the security landscape.

The third phase, which represents our current focus, involves AI-driven risk insights. Customers require more than visibility; they need context, prioritization, and automation. AI enables us to provide actionable intelligence, from identifying vulnerabilities to preparing for post-quantum encryption challenges. This evolution has enabled us to maintain relevance and expand globally.

AI is often considered a buzzword. How is Forescout genuinely leveraging AI in cybersecurity?

For us, AI represents practical problem-solving rather than marketing hype.

One application is compliance reporting. Traditionally, compliance audits require hundreds of staff hours annually. Through AI, we can generate reports automatically, validate data, and recommend remediation, significantly reducing time investment and minimizing errors.

Another application involves post-quantum readiness. While quantum computing is still emerging, its arrival will render current encryption methods obsolete. We recently launched Forescout’s Quantum-Safe Security Assurance strategy for identifying, assessing, and addressing post-quantum cryptography security gaps across IT, OT, and IoT environments. We have been granted a patent for our solution that continuously analyzes device encryption to identify post-quantum vulnerabilities.

Critical infrastructure is highly sensitive. How does Forescout secure it in a unique manner?

Critical infrastructure presents a dual challenge: organizational silos and legacy assets. OT engineers and IT teams often operate with different priorities and communication styles, yet both require visibility and control. Forescout bridges these organizational divides, providing a unified platform to identify every asset, assess associated risks, and enforce policies across IT, OT, and IoT environments.

For example, a Chief Information Security Officer managing both IT servers and refinery controllers can now compare risks comprehensively and make informed decisions. This unified perspective reduces complexity, accelerates response times, and strengthens overall organizational resilience.

We are not merely monitoring systems; we are helping secure the infrastructure that maintains essential services.

How does Forescout handle air-gapped and on-premises environments for government and military applications?

We maintain what I describe as an ambidextrous approach. Whether the environment is cloud-native, fully on-premises, or entirely air-gapped, we adapt to customer requirements.

In military or intelligence scenarios, air-gapping is non-negotiable. Our platform operates effectively in these conditions without compromising functionality. This flexibility represents a significant differentiator because universal security solutions are inadequate for critical missions.

To address these specific environments, we developed a Flyaway Kit that provides comprehensive cybersecurity in air-gapped, remote, and isolated environments across Cyber-Physical Systems, OT, IT, IoT, and unmanaged devices.

Oil, gas, and utilities are critical sectors. How does Forescout support them?

Oil, gas, and utilities present unique challenges because they combine decades-old OT equipment with modern IT systems. Organizations in these sectors operate drilling rigs and SCADA controllers alongside cloud-based analytics and remote monitoring systems. This convergence creates both opportunities and risks.

Forescout provides real-time visibility across the entire ecosystem. We assist companies in identifying vulnerabilities, enforcing access policies, and detecting anomalous behavior before it escalates into a crisis.

Currently, 30% of the world’s top 30 oil and gas companies rely on Forescout. The stakes are exceptionally high because downtime extends beyond financial losses to potential disruptions in national energy supply and safety hazards. This sector remains a core focus for our organization.

What unique security challenges exist in critical infrastructure?

The primary challenge involves legacy systems. Many critical systems in airports, power plants, and water facilities were not designed for internet connectivity. When these systems are connected, they often lack the resilience of modern IT infrastructure.

Consider an airport environment: automated landing lights enhance operational efficiency, but inadequate security could enable attackers to cause interference. These systems require careful securing, monitoring, and updating because failure extends beyond inconvenience to potentially catastrophic consequences.

The challenge lies in modernization without operational disruption, which requires comprehensive visibility and layered defense strategies.

Looking ahead, what concerns you most in cybersecurity?

Four primary concerns:

1. Quantum computing – It will compromise traditional encryption faster than organizations are prepared to address.
2. Generative AI – Attackers can now create sophisticated campaigns that appear authentic.
3. Platform monoculture – When organizations rely heavily on identical systems, a single exploit can cascade globally.
4. Aging infrastructure – Extended reliance on outdated systems increases organizational exposure.

Cybersecurity represents a continuous race, and attackers are accelerating their efforts. Our responsibility is to anticipate threats, prepare defenses, and maintain strategic advantage.

How does Forescout differentiate itself from competitors?

Many security companies require customers to adopt their complete ecosystem. We do not follow this approach. We excel in heterogeneous environments, integrating with Cisco, Palo Alto Networks, Juniper, Arista, and other platforms.

This flexibility means customers avoid comprehensive network overhauls. Instead, we provide visibility and control layers that enhance existing infrastructure security. Every deployment is customized because each customer’s environment presents unique requirements.

How does Forescout remain relevant in today’s cybersecurity landscape?

Relevance stems from adaptability. Our platform addresses IT, OT, IoT, cloud, on-premises, and air-gapped systems through a single interface. We integrate capabilities rather than creating silos.

The combination of visibility, classification, risk assessment, and automated control enables customers to respond quickly and strategically to threats regardless of origin. This comprehensive approach maintains our relevance as the threat landscape evolves.

Where do you see the biggest growth opportunities globally and in the Middle East?

The Middle East presents significant opportunities currently because governments, oil and gas companies, utilities, and hospitality providers are investing substantially in cybersecurity with sophisticated approaches. Strong demand combined with talented local teams makes this region one of our fastest-growing markets.

Globally, North America, Europe, and Japan remain core markets. While each region presents unique challenges, organizations universally recognize that cybersecurity has evolved from a cost center to a business enabler.

If you had to summarize Forescout’s vision in one statement, what would it be?

We protect the critical systems that enable modern life.

Whether ensuring hospital operations, securing oil pipelines, or maintaining airport safety, our work directly impacts daily life. This represents the essence of our mission.

Smart cities are expanding in the Middle East. How do you balance innovation with security in such complex, interconnected environments?

Smart cities represent ambitious projects that connect utilities, transportation, and public safety systems. This complexity and connectivity create both innovation opportunities and security risks.

At Forescout, we apply lessons learned from securing large-scale, high-security global networks. For example, we have assisted logistics companies in securing millions of devices across distributed environments. The same approach visibility, segmentation, and monitoring at scale applies directly to smart cities.

The key involves embedding security from the initial planning phase rather than treating it as an afterthought. This approach enables sustainable innovation.

AI is rapidly transforming cybersecurity. Does it increase threat complexity, or does it benefit companies like Forescout?

Currently, AI provides greater advantages to attackers than defenders. Generative AI enables personalized, sophisticated attacks at scale, including phishing emails that appear completely authentic.

However, significant opportunities exist for defenders. AI can analyze data at scale, detect anomalies in real time, and automate response actions. We are in the early stages of this development, and attackers currently maintain advantages. However, responsible AI deployment by defenders will rapidly close this gap.

Any closing thoughts on the intersection of innovation and cybersecurity?

Innovation and cybersecurity are inseparable. Sustainable smart cities, connected infrastructure, and digital transformation require strong security foundations.

At Forescout, our mission focuses on three elements: visibility, control, and actionable insights. By providing these capabilities, we enable organizations to innovate confidently while maintaining critical infrastructure security. Security should not impede progress; it should provide the foundation for trust and resilience in our digital world.

Related post

View all