Profile

Somewhere in a hospital, a water treatment plant, or a factory floor, there is a device that was installed before Wi-Fi existed and is now connected to the internet. Nobody at the organization can tell you who owns it, what software it runs, or whether it has ever received a security patch. Barry Mainz runs the company that finds it.

Forescout Technologies sees devices that everything else misses - OT systems, IoT sensors, medical equipment, industrial controllers - and then tells you exactly how exposed each one is. Mainz took the CEO role in January 2023, walked in with a thesis about converging IT, OT, and IoT security, and spent two years proving it with numbers.

20% New Recurring Bookings Growth (2024)
38% US DoD Business Growth YoY
48 Deals Over $1M Closed in 2024

The increase in threats to critical industries is making convergence real and that's driving our business.

- Barry Mainz, CEO, Forescout Technologies

From Sun Microsystems to Securing the Power Grid

Mainz did not come up through the security industry. He studied communications at San Francisco State University (1982-1987) and spent more than fifteen years in sales leadership - Sun Microsystems, Seagate Technology, Mercury Interactive. The pattern from those years is the same one that follows him everywhere: take a technically complex product and build the commercial motion around it.

Wind River Systems, where he became President, was Intel's embedded software business - the company whose operating system runs in everything from F-35 fighters to Mars rovers. Running that business means understanding infrastructure at a level most enterprise software executives never get close to. When Mainz talks about legacy OT systems "dating back two or three decades," he's not reading from a briefing note. He spent years building software for those exact systems.

MobileIron came next. He joined as CEO in 2016 during the era when "every employee's iPhone is now a security problem" was a fresh crisis. The mobile device management market was consolidating fast. Mainz came in after founder Bob Tinker and worked to stabilize and reposition the business. It was the first time he ran a publicly traded cybersecurity company - and the education showed.

⋅ ⋅ ⋅

The Malwarebytes Chapter: Building at Speed

After MobileIron, Mainz joined Malwarebytes as Chief Revenue Officer in December 2018 - a deliberate step back from the top role to build something different. Within two years, he'd delivered record growth across consumer and enterprise segments, and the company created the COO role specifically for him. First-ever COO in the company's history. That kind of thing does not happen without a specific track record, and his at Malwarebytes was clear: build the go-to-market motion, scale it fast, make the numbers look better than they did before you arrived.

Between Malwarebytes and Forescout, he spent time as an Operating Partner at Crosspoint Capital Partners, a private equity firm focused on cybersecurity. That vantage point - sitting inside the investment thesis for an entire sector - is probably why his Forescout strategy has the quality of someone who spent time thinking about what the market needed before accepting the job.

Hacktivism, Quantum Threats, and the Future of OT Security

YouTube • Barry Mainz, Forescout Technologies

IoT and OT Security Challenges - RSA Conference 2024

Techstrong TV • RSA Conference 2024

What Forescout Actually Does

Forescout started as a network access control company. That category - who gets on the network and on what terms - is genuinely foundational, but it was also being commoditized. Mainz walked in and reframed the whole thing around a more urgent question: not just who gets on the network, but what is already on it that you do not know about.

The distinction matters because of operational technology. Manufacturing plants, hospitals, utilities, and government facilities run systems built over decades - industrial controllers from Siemens, medical devices from companies that no longer exist, building management systems installed during the Clinton administration. These devices often cannot have agents installed on them. Traditional endpoint security is useless. Forescout's approach is agentless and network-based: it watches the traffic, fingerprints the devices, assesses the risk, and feeds that data into the security stack.

Organizations are spending millions on the latest visibility and detection technology and are still getting compromised. They don't need more visibility. They need actionable intelligence and control.

- Barry Mainz

Vedere Labs, Forescout's threat research unit - which Mainz actively champions and promotes - is the company's long-term credibility asset. When Vedere Labs publishes research showing a 136% surge in IoT device vulnerabilities, the data feeds directly back into the product. The research is not a marketing exercise. It is how the company stays ahead of the attack surface it's paid to protect.

The Federal Business, Grown on Zero Trust

In 2024, the US Department of Defense Comply-to-Connect (C2C) program became a meaningful revenue driver for Forescout. C2C is the DoD's implementation framework for Zero Trust - and Forescout became a key partner in it. The result: DoD business up 38% year-over-year, more than twenty new government agency customers, and a federal segment growing at record double-digit rates.

The federal growth is not coincidental. Zero Trust as a framework requires knowing what devices are on your network before you can apply "never trust, always verify" logic to any of them. Forescout's core capability is exactly that foundational step. Mainz saw this as the strategic entry point into federal government, and the 2024 numbers suggest the bet was right.

Key Achievements Under Mainz
  • Record double-digit growth in US Federal Government business in 2024
  • 20% increase in new recurring bookings; 48 deals over $1M in a single year
  • EMEA up 21%, Latin America up 44% - international expansion across two regions simultaneously
  • Second consecutive year of positive cash flow at Forescout
  • Launched Forescout AI for automated incident analysis and remediation guidance
  • Secured NIAP Common Criteria certification - the only specialized OT solution with this designation
  • Established strategic Microsoft partnership and expanded OT-ISAC and CISA threat-sharing
  • Appointed to BlackBerry Board of Directors (August 2025)
⋅ ⋅ ⋅

On AI in Security: Speed vs. Substance

Mainz holds a position on AI that is worth paying attention to, precisely because it resists the obvious narrative. Every cybersecurity company is racing to put "AI-powered" on the box. His view is more deliberate: AI is most useful as a tool for streamlining decision-making, not as a replacement for the hard-won architecture underneath.

AI can absolutely accelerate parts of development and cybersecurity. But that doesn't mean every company should confuse speed with substance. The real question for leaders is: where does AI add value, and where do experience, architecture, and hard-earned context still matter most?

Legacy OT systems - some dating back two or three decades - are increasingly connecting to the internet despite lacking defenses against modern cyber threats. Their online integration is rapidly expanding the attack surface.

Never trust, always verify - continuously. That is the critical mindset for modern security.

Customers are looking at us to report on their devices, what they are, and then the risk associated with them. Simply having visibility into the existence of assets isn't enough. What organizations need is asset intelligence.

The Career Arc in Full

1982 - 1987
BA Communications, San Francisco State University
1987 - early 2010s
15+ years in sales leadership: Sun Microsystems, Seagate Technology, Mercury Interactive, Makara (acquired by Red Hat)
2013 - 2016
President, Wind River Systems (Intel subsidiary) - embedded OS for critical infrastructure and defense
2016 - 2018
CEO & Board Member, MobileIron - led enterprise mobile device management during market consolidation
2018 - 2020
Chief Revenue Officer, Malwarebytes - drove record growth across consumer and enterprise
2020 - 2022
Chief Operating Officer, Malwarebytes - first-ever COO role at the company, created after his CRO success
2022
Operating Partner, Crosspoint Capital Partners - cybersecurity-focused private equity
Jan 2023 - Present
CEO & Board Member, Forescout Technologies - record growth in federal, EMEA, and LATAM
Aug 2025
Appointed to BlackBerry Board of Directors

Why This Company, This Moment

The case for Forescout's moment is specific. Regulatory pressure - new SEC cyber disclosure rules require public companies to document and report on device risks and incidents. Critical infrastructure protection increasingly a national security issue. OT and IT networks converging in every industrial sector. And an AI-driven acceleration of both attack sophistication and defensive tooling that makes the underlying question - what devices are on your network and how exposed are they - more urgent than ever.

Mainz arrived at Forescout having seen the infrastructure software industry from multiple angles: as a seller, as a CEO, as a builder of go-to-market engines, and as a PE-side investor who spent time thinking about sector-level dynamics. His bet is that the convergence of IT, OT, and IoT security is not a niche market play but a foundational platform opportunity - and that the company that owns device intelligence owns the first step of every security architecture decision that follows.

Whether or not that bet plays out at the size he's describing, it is already winning its first innings. The 2024 numbers are not accident - they are the output of a thesis, applied with operational discipline by someone who has done this before.