Sophos’s Oscar Chavez-Arrieta Builds Teams to Expand in Latin America

Oscar Chavez-Arrieta leads Sophos’s cybersecurity expansion in Latin America by doing what he does best: building teams

When Oscar Chavez-Arrieta was appointed as Sophos’s vice president of sales for Latin America in 2016, the Peruvian-born executive brought to the company more than twenty-two years of experience in sales and marketing, and more importantly, what he considers his best skill—team building.

“Employees are any company’s best asset,” he says. “That’s why I am focused on recruiting the very best—people with a wealth of experience, a solid reputation, a proven-channels orientation, and a passion for what they do. Together, we’ll take Sophos to a new level.”

Chavez-Arrieta has a proven track record of starting new investments and driving high-growth businesses, and now, he leads the security software company’s expansion in the Latin American market. In January 2016, he started almost from scratch. Now, there are twenty-six offices; by next year, the number will double.

“In Sophos Latin America, we are building a mix of new and seasoned talented leaders who were successful in their former roles, and perhaps didn’t have the opportunity to continue growing in their former companies,” Chavez-Arrieta says. “There is a line of people who currently work for our competitors but would like to become part of this new project and leadership style.” 

Among the new talent that he has brought in as part of his new Latin America leadership team are Denise Pascual from Dell as marketing manager, Maria Claudia Ardila from Symantec  as program manager, Claudia Vizcarra from Symantec as sales director for multicountries Latin Americas region, Hugo Avendaño from KSPY as general manager in Mexico, and Marcos Tabajara from Intel as general manager in Brazil.

When Chavez-Arrieta thinks about team, thinks in terms of partnerships and alliances. He just signed two key distribution regional contracts—one with Ingram Micro, the largest global technology distributor of IT products and services, and another with Nexsys, the most important distributor of software solutions in Latin America—as part of his strategy of simplify, focus, and build relevance in the Latin America industry.

His main goal is to make Sophos the number one firm delivering complete IT security to both small and large enterprises in Latin America. He wants Sophos to be the go-to channel for growing business, and he plans for Sophos to be one of the top three biggest security vendors in Latin America in the next three years.

“I’m convinced that we will make it happen, because security excellence is at our core. Sophos is the only market leader in both endpoint protection and unified threat management. Plus, it’s simple to use,” he explains. “We are the only security vendor in the entire market that integrates everything from endpoint security, to mobile, networking, wireless, email encryption, etc., and the only player delivering a single cloud-based management console for its entire product portfolio.”

Channeling a Strategy

Chavez-Arrieta buys in to the company’s channel strategy to achieve his goal.  “The channel model is the best; actually, and the only one I believe in,” he says.

Sophos sells to the distributors, who sell to the local channels and resellers in the respective regions, he explains. These local channels, in turn, sell Sophos’s products to the final client.

“We trust in the engine of our distributors and channels to cover the territories from a sales perspective and a first-level support perspective,” Chavez-Arrieta says. “Our local and regional teams support 100 percent of our channels and alliances ecosystem with demand generation, enablement, and customer engagement where needed.”

He adds that Sophos’s mission and commitment to its partners is based on three pillars: Channel Simplification, Channel Profitability, and Channel Excellence. Chavez-Arrieta points out that the company doesn’t sell through channels but rather with channels. Sophos is based on synchronized security software, which is driven by channels. Channels serve as security integrators, he explains.

“What attracted me to Sophos in the first place was the fact that it allows channels to offer their own security services to the end-customer through only one platform: our company,” he says. “We are truly respectful of the services our partners are offering, their knowledge, and their investments. It is our goal to influence them to use our synchronized solutions as part of their own service portfolios. Consequently, our success as a company is congruent with the success of our partners and channels.”

Combating Cybercrime

Cybercrime is a global problem, according to Chavez-Arrieta. It has become a big business that has transitioned from simple individual “hackers” to very well-organized criminal organizations with profit-and-loss management, business goals, and structure strategies. These “businesses” can sell criminal services to anyone.

Some of the more traditional security companies—starving for results in stock growth—are not focusing on developing the right products to counter this fast-growing criminal industry.

“We saw in the last few months, important IT names selling [their] security areas to independent and unexperienced capital groups,” he says. “Others were getting rid of ‘nonprofitable’ lines of products inside their security portfolio and one specifically—which from my perspective is the most dangerous one—was not updating its products, allowing the customer think that they are protected when they are not.”

From Chavez-Arrieta’s point of view, this type of behavior on the part of some security vendors is irresponsible and shows a lack of respect in their channel ecosystems. He sees the stubborn orientation of these enterprises as a fantastic opportunity for Sophos. As these are getting exposed, now is the company’s chance to be recognized in Latin America as the one security company who attacks cybercrime the right way—a company who empowers its partners to deliver local services to buy and sell security options in an inclusive way, he says.

“Sophos just launched a topicalized ‘Partner Program’ and a revolutionary ‘Managed Service Provider [MSP] Program,’ where our MSP partners will be able to sell on-premise or on-demand—renting the product and administrating the security solution jointly with Sophos,” Chavez-Arrieta explains.

According to him, this new model  will allow any company of any size to access the best possible security options according their current needs.

“How many small and medium companies do not have, can’t afford, or don’t need a [chief information security officer]?” Chavez-Arrieta asks. “Why do they not buy a simple, price-accessible, and ad hoc protection service from our MSPs to be 100 percent protected. They’ll only have to pay by what they are using every month. Why not allow big system integrators to buy and sell exactly what their customer needs on a monthly basis?

“It’s a simple response: everyone can sell in monthly rates—but it’s something that our competitors do not want to go for.”

He believes that security will be an on-demand service in the future, but it will obligate Sophos competitors to migrate their capital to a monthly billing model such as OPEX that won’t let them arrive to their quarterly financial goals.

“Sophos Latin America’s focus is to attack the cybercrime in any flavor the customer needs,” he says. “Our business is driven by a long-term vision and local investments that will ensure our long-term presence and future success here.”

Advice to Young Executives

Chavez-Arrieta is enthusiastic to share his father’s words of wisdom to young executives just starting their careers.

“My dad used to say, el único lugar donde el éxito viene antes que el trabajo es el diccionario—the only place success comes before work is in the dictionary,” he says. “So I learned to work hard. There is no way around it.”

“Here is another piece of good advice that I got from my viejo,” he said. “He would tell me, ‘Mira, if you have a very high position in the company, remember that there are several hundred professionals with better degrees and more experience than you, ready to take the same position for less money. So, just be humble and always do your best.’”

Chavez-Arrieta recommends building a family where you work, and doing  what you enjoy. He also says that change is good—“when you feel that you are in your comfort zone, it is time to change, escape from the bad bosses because they exist. Never choose company names, choose proven leaders that will help you growth, learn from them, and always have fun.”   


7 Deadly cyber Sins

Sophos has identified the biggest cybersecurity threats in our digital world today.

  1. Mobile Negligence
    Your phone is not protected! Hackers increasingly steal data via mobile
  2. Mac Malice
    Macs can be infected just like PCs, and the threat is growing
  3. Unsecure Wi-Fi
    Wi-Fi hotspots can provide full access to your corporate network
  4. Un-encrypted E-mail
    Anyone can access e-mail to steal sensitive data, facilitate identity theft
  5. Faulty Firewall
    If it can’t keep up   or is too complex, you’re not getting full protection
  6. Un-encrypted Files
    Customers will flee if you’re not securing sensitive company data
  7. Delinquent Web Filtering
    Hackers compromise legitimate websites that escape web filtering