On changing cybersecurity landscape, what startups can do to secure themselves and advise on the career opportunities in the sector
Pankit Desai, Co-founder & CEO of Sequretek is an IT and cybersecurity industry seasoned professional and is currently an entrepreneur focused on building India’s first core security threat management platform. Sequretek is the fastest-growing Indian cybersecurity company with offices in Gurgaon, Bengaluru, and the US. It was launched to make cybersecurity accessible and affordable to mid-market companies through a combination of products, platforms, and services. Today, they serve over 130 customers across US, Europe and Asia and have 450 employees globally.
Please introduce yourself and tell us what you and your company does.
My name is Pankit Desai, Co-founder and CEO, Sequretek. I have over 25 years of experience, with over a decade in global management roles at organizations like Rolta (President), NTT Data (SVP), IBM (Country Manager).
Sequretek is a global cybersecurity company that works with a vision – to enable customers to grow without fear as their trusted advisor by simplifying security. Sequretek offers end-to-end security in the areas of enterprise threat monitoring, visibility, incident response (Percept XDR), device security (Percept EDR), identity & access governance (Percept IGA) through their own AI-driven Percept Cloud Security Platform (CSP).
In 2021, Percept CSP processed over a trillion events and prevented 50,000 attacks for its customers. The platform was featured by Gartner in its recent Tech Innovator report on “AI in Attack Detection”, Avasant in their latest RadarView on Cybersecurity (April 2022), and other industry analysts for Percept Platforms ability to handle security data from all environments, use AI for threat detection and mitigation.
You’ve had a long career as an IT and cyber security veteran. Can you tell us what changes you’ve seen in the cyber security landscape?
In the pre-pandemic (st)age, the organizations – no matter how big or small, predominantly worked in on-premises perimeter environments and peripheral devices. Security, therefore, was much easier as it is easy to protect what you can see, or directly manage.
With the advent of COVID, organizations were forced to adopt cloud and digital technologies to continue serving their customers. This adoption was to be done overnight, and consisted of multiple concerns around hybrid working models, and adding an extra layer of protection. According to a survey conducted by Cloudwards, over 94% of enterprises today use cloud services. There was no control that the enterprise had over its employees using unsecured networks but had to allow them to access their enterprise networks. Therefore, security now had to be rethinked differently, to cover all on-premises, cloud, and hybrid environments.
There’s another trend of supply chain attacks, where cyber attackers get to exploit multiple enterprises through a single cyber-attack. A few recent examples include SolarWinds and Twilio, which already had a large customer base which is known to be seriously impacted. As per an article by TechCrunch, the Twilio cyber-attack has breached over 130 organizations.
Around the technology evolution, the cybersecurity products and tools, which earlier were purely rule-based, are today leveraging Artificial Intelligence – Machine Learning along with Automation. In addition to the above, there is a lot of consolidation that we see today in the cybersecurity industry. Vendors are trying to provide a holistic view over enterprise security, a quick example is combining XDR and EDR technologies, advanced analytics in Identity Management products to analyze the user behavior anomalies.
What are the different kinds of attacks targeting enterprises and businesses?
The cyber security threat landscape has been proliferating at a rapid pace, with more stealth and sophistication. There has also been an increase in the number of breaches that are being reported in the recent past, across industry verticals like aviation, manufacturing, logistics, and pharmaceuticals unlike the traditional segments of BFSI (where money was the only objective of any attacker). We see over three-fold increase in the number of cyber-attacks, post pandemic. The threats too, have evolved drastically. We see enterprises being attacked through newer attack types like targeted phishing attacks, ransomware (encrypt as well as steal data), coin miners, trojans, zero-day threats and persistent threats. The attackers have also started to leverage AI-ML algorithms along with behavioral techniques to increase the overall ‘efficacy’ of the cyber-attack. More often, the attacks nowadays carry stamps of adversary nation state sponsored espionage and disruption over a long period of time.
Therefore, the enterprises today need to be super attentive and proactive in defending against these cyber threats.
What are the best practices organizations can follow to improve cybersecurity preparedness? Whether it’s a small business or a large organization, when should they be concerned about cyber security?
Everytime. There’s no specific time that a cyber-attacker will not target you. Enterprises, big or small, are always at risk. It is not about whether they will be attacked, rather it is about “when will they be attacked”. Enterprises may choose to either proactively implement solutions for a robust security posture, or to panic once they are attacked and invest crazy amounts to recover through an attack.
While there’s no one way to ensure complete protection against cyber threats. A few basic cybersecurity practices that organizations could follow, to ensure that it becomes difficult for any cyber attacker to compromise:
First and foremost, it is pivotal to patch the systems completely, and ensure that all the guidelines put forward by OEM are followed and systems are up to date.
Second, is to leverage next generation technologies like cutting-edge Endpoint Detection and Response (EDR) solutions (possibly with AI-ML capabilities) to provide real-time defense against advanced threats.
Third is to follow the basic thumb rule of not clicking on any “too good to be true” links and offers that come up, no matter how tempting they look. Basic user awareness is very important to cover this.
And most importantly, to monitor all your critical security devices (possibly opt-in for the latest XDR – Extended Detection and Response technology) on a 24*7 basis to trace any probable cyber-attack attempts that are being carried out at your enterprise, as well as ensure timely response to cyber incidents.
What are the mistakes that startups make from a security point of view and what steps can they take to resolve it?
I believe that phishing, ransomware, and weak passwords are some of the worst cyber threats. A minute mistake by an individual could directly impact the enterprise through a successful cyber-attack. Once attacked, the data is either sold out to a direct competition or else is released in the dark web, irrespective of the enterprise paying the ransom amount.
Startups have a tendency to focus primarily on their core product capabilities and the GTM strategy. Most startups often neglect the security aspects that are related to the product. The negligence not only impacts the sensitivity of the customers (which indeed is one of the most important goals for startups), but also directly impacts the viewpoint of the probable investors.
Moreover, it is disheartening to see startups as well as enterprises, seeing cyber-security as a cost center rather than a business enabler. Calculating RoI from the cybersecurity investments, is another activity that should be stopped. The failure to stop above two, can affect their brand, compliance, and loss of their critical assets alongside hampering business continuity.
The CEOs should start asking critical questions to their IT Teams around enterprise security readiness, and themselves should define what data is of the most value. Who better than a CEO to decide what is critical and what is not. A few questions could include:
Is our organization compliant?
Are the technologies being used optimally?
What is the organization’s Security Posture?
What critical business assets does the company need to secure?
Do you have any advice for people early in their careers or people that are considering going into cybersecurity?
Cybersecurity has been known to be very complex in nature to understand as well as to practice, though it has been one of the hottest career options in recent times. According to ISACA’s new survey report, State of Cybersecurity 2022: Global Update on Workforce Efforts, Resources and Cyber Operations, 60% of Indian organizations have unfilled cybersecurity positions and over 42% report their organization’s cybersecurity team to be understaffed. This challenge around the dearth of talent pool in cybersecurity, creates phenomenal opportunities for the aspiring candidates in the industry towards various roles like auditors, product developers, quality testers, governance-compliance, incident monitoring and reporting, incident analysis and response, product and technology support, and many more. I’d advise the aspirants to continue their incessant focus on technology, cloud and IoT, along with cybersecurity. Alongside cybersecurity, automation and artificial intelligence will be the key areas that the companies will soon start hunting candidates for.
