Interview

Archaic practices, skills shortage biggest gaps in security today: Rajnish Gupta, RSA

Rajnish Gupta, Regional Director, India & SAARC at RSA explains why identifying critical assets and assigning a risk score is imperative to new age cybersecurity.

The current state of cybersecurity makes it imperative to involve all stakeholders in defining critical assets. Throwing light on the current state of cybersecurity, and why it isn’t mature enough, Rajnish Gupta, Regional Director, India & SAARC at RSA explains why it’s necessary to break the silos that businesses and technology operate in.

Gupta emphasizes on why the best approach to security starts from identifying critical assets and assigning risk scores. Additionally, he talks about RSA’s revamped channel strategy, GTM for 2020, recent acquisitions and how they add to the much needed firepower in automatic threat detection and behavioral analytics.

Edited excerpts:

Why is the current state of cybersecurity not mature enough to prevent and respond to attacks in a timely manner?

Broadly speaking, we are still in the phase of moving from prevention to detection and creating a response mechanism. From our perspective, that journey is still being traversed.

People are still looking at traditional security, focusing on increasing spending and developing skills around traditional security. They haven't yet taken the leap towards new age security.

Secondly, there's a scarcity of resources - there's not enough skillset available to get to the required level. Thirdly, there's a gap between the technology stakeholders. We need to have business-driven security rather than technology-led security.

I would say these are the biggest gaps in the security space today. If we start relating business content to what we are trying to achieve through technology, it would help us get to the desired level.

The maturity has to percolate right to the board level in every industry and across all verticals. The board needs to start treating cyber risk as a business risk.

You had stated that one of the key trends for enterprise security is the ability to identify your critical assets and assign risk scores. Do you think present day CISOs are failing to identify critical assets?

We've seen that some sectors, like banking, are overseen by strong regulators which are focused on safeguarding customers' assets. So the BFSI space has been able to cover significant ground in this aspect.

However, some sectors are still laggards. They need to start identifying their critical assets and build security around that. To assign a risk score, it's important to include all the business stakeholders in the security program. We need to break the silos that technology and business operate in.

Once classification of the information is done, you get that information in a repository. We designed the RSA Archer Suite to help one navigate, assess risk and assign risk scores.

You can then continuously monitor the risk parameters and evaluate how they fare with respect to compliance or business goals. And it's not just for data within the organization. You can do your vendor risk management on this tool as well.

 

There's not enough skillset available to get to the required level. Also, there's a gap between the technology stakeholders. We need to have business-driven security rather than technology-led security

- Rajnish Gupta

Regional Director, India & SAARC, RSA

 

Rajarshi

 

Tell us about RSA's go to market strategy for 2020. What has changed in the company's channel partner strategy?

We are not changing anything since the strategy we adopted two years back. It's aligned to the industry and it's working really well.

We will continue focusing on the public sector and the government. The banking sector will be one of our primary targets, and also verticals which lay a lot of importance to protecting their crown jewels.

Hundred percent of our business is channel oriented. While we have limited people on the field, the bulk is covered by channels. We support them from a technology and channel standpoint.

In the next couple of years, we'll be focusing heavily on customers and markets we haven't reached yet. And this is where we see channels playing a huge role.

Our channel strategy revolves around getting new customers on board, and this is how channel partners will be stacked and compensated. This is the one big change in our channel strategy.

We acquired Fortscale to deliver a comprehensive User Entity Behavior Analytics (UEBA) solution. Fortscale provides fully automatic, unsupervised machine learning, detects unknown threats, and addresses malicious behavior in which exploits have received elevated permissions.

How does RSA ensure its channel partners are able to drive better conversations with CIOs and CISOs?

I believe that nothing works better than gaining on-field experience. Our Centre of Excellence and R&D centre in Bangalore conducts several technology workshops for the delivery and pre-sales team.

This gears them up to drive the next level of conversation and be more comfortable in implementing solutions they sell to our customers.

We have enabled one of our value-added re-seller partners for delivering RSA educational services. Earlier this was done by SMEs and trainers from either the US or from the APJ region. By having a partner based in India adds the flexibility with respect to cost optimization around the entire operation.

The acquisition of Fortscale has added considerable firepower to RSA's security offerings. Could you throw some light on the company's recent acquisitions and what it means for RSA's business?

Our conversation with CISOs revealed that the existing Security Information and Event management (SIEM) protocol does not do enough, and that they were looking at something called 'evolved SIEM'.

Now this resonates very well with the acquisitions we've made in the recent past. Five years back we brought in the capability of network visibility within the SIEM itself.

We acquired Fortscale to deliver a comprehensive User Entity Behavior Analytics (UEBA) solution. Fortscale provides fully automatic, unsupervised machine learning, detects unknown threats, and addresses malicious behavior in which exploits have received elevated permissions.

With the acquisition, RSA NetWitness facilitates the automatic identification of deviations from normal user behaviors to uncover risky and previously hard-to-detect threats.

The NetWitness orchestrator uses machine learning to suggest analyst assignments and identifies the best course of action for investigations.