When it comes to cybersecurity, the race to adopt AI, automate security operations, and fortify defences often overlooks one basic but vital truth: "You can't secure what you can't see."
Those are the words of Michael Fisher, Regional Vice President for Asia Pacific and Japan at Garland Technology, who believes that amid soaring threats to critical infrastructure, the unglamorous world of network visibility deserves far more attention.
"We're not a flashy tech company," Fisher said during an exclusive interview.
"What we do is simple, we provide 100% packet fidelity. No blind spots, no dropped packets. That's foundational to any security architecture."
Fisher, six months into his role at Garland, has a long history in the cybersecurity space, with previous stints at Palo Alto Networks and Tanium.
His perspective is shaped by decades of work in systems integration and vendor ecosystems.
Critical infrastructure has increasingly found itself in the crosshairs of cybercriminals - with sectors such as healthcare, defence, utilities and transport facing unique risks due to their ageing, agentless operational technology (OT).
"When people hear 'critical infrastructure', they think power or water," he explained. "But it's broader - it's anything that, if disrupted, would impact the public. Airports, banking systems, railway signalling - the consequences can be significant."
Yet many of these systems weren't built with IT principles in mind. They operate in harsh conditions and on long cycles, meaning patching and upgrades aren't always feasible. "You can't just reset a server in a power substation," Fisher said. "Outages are tightly scheduled, if allowed at all."
One of the biggest challenges Fisher sees is the cultural and operational divide between OT and IT teams - what he described as "two different team colors in different corners."
"OT teams are focused on uptime. They're risk averse, and for good reason - they're responsible for keeping trains on time or machinery operational," he said. "On the other hand, IT is pushing hard into next-gen tools, AI and automation."
That divide creates blind spots, especially when cybersecurity tools can't 'see' into isolated OT environments. "Different organizations have different levels of maturity in how well their IT and OT teams collaborate. But if they don't work together, the customer ultimately suffers," Fisher added.
Garland's solution lies in hardware: network TAPs, data diodes and packet brokers.
These devices act as bridges between isolated OT environments and broader security operations.
"TAPs are simple. They're a bump in the wire, no IP address, no MAC address. Not hackable. They just make sure your cybersecurity tools can actually see the traffic," Fisher explained. "Data diodes do the same, but in one direction only - you can't send data back. That makes them ideal for sensitive or high-risk segments."
In places like oil rigs or energy substations, these solutions allow safe monitoring without disrupting mission-critical systems.
"It's about ensuring upstream tools - your firewalls, your detection systems - can see what's happening downstream, even in isolated environments."
Fisher sees the Asia Pacific region as especially dynamic, with regulatory momentum building in several countries.
"Markets like Australia, Singapore, India, Malaysia and Japan are introducing mandates for critical infrastructure protection. That's a big tailwind for us," he said.
He credits this push for bringing visibility into the spotlight.
"In some cases, governments are offering incentives or frameworks to help organizations meet compliance. So instead of the stick, it's the carrot."
Yet despite the advances, Fisher said many mid-sized enterprises still struggle to adopt visibility technologies - which is where managed security service providers (MSSPs) can step in.
"Some MSSPs already deploy Garland technology on the customer premises to complete that last mile. They might offer a proprietary SOC (Security Operations Centre) service, but they rely on our hardware to feed reliable data into it," he said.
Fisher is clear about Garland's role: they don't aim to compete with mainstream cybersecurity vendors but rather enable them.
"No one wakes up wanting a data diode," he admitted. "But they do want better ROI from their detection tools. They want to know they've got full visibility across the network."
The company's no-subscription, capex-first model also appeals to OT-heavy industries with long investment cycles and limited appetite for software maintenance or patching.
"A lot of our hardware is purpose-built for harsh environments. It's designed to last. That resonates in OT spaces where equipment has a 10 or 15-year lifespan," he added.
Fisher leads Garland's APJ operations remotely from Melbourne but is set to relocate to Southeast Asia next year to be closer to the action.
"It's a big region, and the market is moving fast," he said. "We've got over 300 customers here already, and demand is only growing."
Partnerships are central to Garland's strategy. "We're channel-first, always. Whether it's partners helping us with federal agencies in Vietnam or working with our ecosystem technology partners in Australia, we rely on strong local partners," he said.
His team wears "many hats" across sales, channel enablement, architecture and customer support. "We're a small team, but we punch above our weight. That's what makes it fun," he said.
While he doesn't expect major breakthroughs in diode or TAP technology, Fisher hopes awareness around visibility continues to grow - especially as AI adoption accelerates.
"In three years, I'd love to see visibility treated as the non-negotiable starting point for cybersecurity, not an afterthought," he said.
"We're already seeing that shift."
His final message is simple: "It's not scare mongering - it's just reality. These systems were built differently. But with the right visibility, you can make sure your cybersecurity tools do what they're supposed to do."
If the inline security tool goes off-line, the TAP will bypass the tool and automatically keep the link flowing. The Bypass TAP does this by sending heartbeat packets to the inline security tool. As long as the inline security tool is on-line, the heartbeat packets will be returned to the TAP, and the link traffic will continue to flow through the inline security tool.
If the heartbeat packets are not returned to the TAP (indicating that the inline security tool has gone off-line), the TAP will automatically 'bypass' the inline security tool and keep the link traffic flowing. The TAP also removes the heartbeat packets before sending the network traffic back onto the critical link.
While the TAP is in bypass mode, it continues to send heartbeat packets out to the inline security tool so that once the tool is back on-line, it will begin returning the heartbeat packets back to the TAP indicating that the tool is ready to go back to work. The TAP will then direct the network traffic back through the inline security tool along with the heartbeat packets placing the tool back inline.
Some of you may have noticed a flaw in the logic behind this solution! You say, “What if the TAP should fail because it is also in-line? Then the link will also fail!” The TAP would now be considered a point of failure. That is a good catch – but in our blog on Bypass vs. Failsafe, I explained that if a TAP were to fail or lose power, it must provide failsafe protection to the link it is attached to. So our network TAP will go into Failsafe mode keeping the link flowing.
Single point of failure: a risk to an IT network if one part of the system brings down a larger part of the entire system.
Heartbeat packet: a soft detection technology that monitors the health of inline appliances. Read the heartbeat packet blog here.
Critical link: the connection between two or more network devices or appliances that if the connection fails then the network is disrupted.