Andy Zollo, who led the Imperva business in EMEA, relocated to Singapore in October to be Senior Vice President of Sales for the combined Imperva and Thales CPL businesses in the APJ region. With a wealth of experience in sales leadership and business transformation, Andy is set to play a vital role in driving our ongoing success and growth in this dynamic market.
We recently caught up with Andy to learn more about his background and what inspired his move to Asia.
What excites you the most about your move from UK to Singapore?
First off, the energy of the city is just incredible. It’s such a vibrant place, and I love how it feels alive with all the hustle and bustle. Singapore has a diverse mix of cultures, and I think that will bring a fresh perspective both personally and professionally.
And let’s talk about the food! I’m told the cuisine in Singapore is incredible. I’ve heard so much about dishes like Hainanese chicken rice, Laksa, and chili crab, and I’m ready to dig in!
Although I was born in the UK and grew up in southern England, my heritage and DNA are 100% Mediterranean. That’s why I really appreciate Singapore’s Mediterranean-like warmth – the sunny weather here feels much more like home!
How do you see your experience in Europe influencing your approach in the APJ region?
Asia is incredibly diverse, with each country offering distinct cultures, languages, and business practices. This requires a mindset of empathy and adaptability rather than a ‘one-size-fits-all’ approach. For example, how we approach business in Australia differs from how we engage in Singapore or India.
Respecting these differences is crucial for success in the APJ region. My goal is to deepen and expand the strong relationships we have built across the region, guiding the team to greater heights through focused cross-selling and upselling of CPL and Imperva products, while also introducing an innovative suite of Identity Access Management solutions.
What are some of the biggest opportunities and challenges you see in the APJ market right now?
APJ is a region of dynamic opportunities, especially in high-growth markets like Indonesia and India, which will be key areas for us to focus on and capitalize upon. Meanwhile, mature markets like Singapore offer strong potential if we can align with key trends and pinpoint where our solutions add the most value.
Of course, there are challenges too – China, for example, poses unique difficulties due to trade restrictions and broader geopolitical dynamics, which make it harder to conduct business smoothly.
To succeed in such a diverse region, we must approach each market strategically. For example, we may need to shift talent and resources where they’re most needed, or over-invest in certain countries while maintaining steady operations in others.
One of the biggest opportunities I see lies in helping our customers keep pace with the region’s complex and evolving regulatory landscape. Unlike Europe, which has a unified data protection framework in the GDPR, APAC has a diverse range of data protection laws, each with unique requirements and degrees of restriction. This creates both challenges and opportunities as we support our customers in understanding and adapting to these varied regulations—balancing risk mitigation with building trust and fostering innovation.
The region’s rapid digital transformation, driven by emerging technologies and an unprecedented volume of data collection, adds another layer of complexity. New data protection regulations require businesses to reassess their strategies, and we can play a critical role in helping customers align their compliance efforts with their growth goals.
How do you envision the role of cybersecurity evolving in the region over the next few years?
Cybersecurity is a global priority, with challenges beyond APJ that impact every region.
We’re seeing AI used both to strengthen defenses and to carry out more sophisticated attacks. This presents a double-edged sword: on the one hand, we have new tools to enhance and secure our networks, but on the other, we’re up against increasingly sophisticated threats, including those driven by automated bots. Our goal is to stay ahead of these developments to continue delivering solutions that protect our customers’ most critical data.
In APJ, there’s a strong push towards increased compliance. Markets like India introduced new regulations last year, and this shift is an opportunity to support our customers and partners in understanding compliance—not just as a requirement but as a crucial part of securing their business. Compliance shouldn’t just be seen as a checkbox; it’s about securing what’s truly critical to the company.
One key message we’re driving home is that not all data is equal. We help customers identify and prioritize what’s mission-critical to protect, such as payroll data, versus less sensitive information like a work phone number. I’m a strong advocate for data visibility; if you don’t know where your risks are, you can’t prioritize or protect effectively. Giving our customers visibility into their data enables them to make informed, proactive decisions rather than relying on hope.
Our role is to help customers adopt a more strategic, informed approach to cybersecurity – understanding their unique risks, staying compliant, and protecting what matters most.
Two predictions for 2025.
As we look towards 2025, the global geopolitical landscape is not expected to get easier and will continue to pose significant challenges. For instance, countries will likely experience ongoing attacks on critical infrastructure, resulting in heightened vulnerabilities. This means organizations across sectors, particularly in energy, healthcare, and finance, will face increased pressure to secure their systems against sophisticated threats.
Moreover, as energy prices remain high, businesses must find ways to cut costs. However, this cost-cutting must not come at the expense of cybersecurity investments. The operational costs of running data centers are expected to rise, prompting companies to reassess their technology infrastructure and spending. Consequently, a culture of business prudence will persist, emphasizing the need for strategic investments in cybersecurity solutions that ensure efficiency and protection.
The transition to the cloud will continue in 2025, driven by the need for scalability, flexibility, and efficiency in business operations. However, organizations must understand that the responsibility for protecting data in the cloud rests squarely with them, not with third-party cloud service providers.
While these providers implement their own security measures, the ultimate accountability for safeguarding sensitive information lies with the organizations that store their data on the cloud. This means that businesses must adopt comprehensive data protection strategies that include encryption, access controls, and compliance with relevant data protection regulations.
As companies recognize this responsibility, we will see an increased focus on data governance and enhanced cybersecurity training for employees. By doing so, organizations can effectively mitigate risks associated with data breaches and ensure their data remains secure, even when housed in a cloud environment.
What’s one thing people might be surprised to learn about you?
One thing that might surprise people is that I learned to fly a glider before driving a car. I’ve always had a passion for aviation, and flying gave me a unique perspective on control and focus.
Do you have any go-to activities or routines that help you settle into a new place?
One of my favorite ways to settle in is by listening to music. The first thing I do when I arrive is set up my stereo—I brought mine from the UK. Once that’s up and running, I can kick back and enjoy some electronic music (which I’m not ashamed to admit I love).
The post Meet Andy Zollo, SVP of APJ Sales appeared first on Blog.
