From pioneering startups to his current role as CTO and VP of Networking and Security Engineering at Pure Storage, Dr Ratinder Paul Singh Ahuja’s journey is a testament to his relentless pursuit of safeguarding digital landscapes. Join us as we delve into his remarkable career trajectory and gain invaluable insights into the evolving realm of cybersecurity.
Tell us how you got into the field of technology and cybersecurity. What has your journey been like?
Starting with my networking and data communications doctorate, my journey has involved founding startups that addressed critical networking challenges. Industry leaders like Cisco and Extreme Networks recognised and acquired many of these.
As digital threats evolved from infrastructure attacks to information loss, so did my focus, leading me to target data loss prevention (DLP) by founding Reconnex Corp. McAfee, a leading cybersecurity company, acquired my DLP startup, where I served as CTO for Network Security.
Following this, I ventured into cloud security by founding ShieldX Networks, later acquired by Fortinet, aimed at enhancing cloud asset & risk discovery, automated security policy generation and elastically scaling security control deployments for cloud environments.
I joined Pure Storage in 2021, and I’ve been dedicated to enhancing the security posture of our products through DevSecOps principles and leveraging Generative AI to further secure development and deployment practices.
How has cybersecurity as a space changed and transformed in a post-pandemic world?
The pandemic has significantly accelerated digital transformation across sectors, expanding the cyber threat landscape. With the rise of remote work, there has been an increase in attack vectors, highlighting the importance of robust cybersecurity measures.
Organisations have had to rapidly adapt to protect their networks and data against sophisticated threats, including phishing, ransomware, and supply chain attacks. This period has underscored the necessity of resilient cybersecurity frameworks, comprehensive threat intelligence, and the importance of cybersecurity awareness among employees.
What has the impact of AI been in the cybersecurity space, and how can it help build better security systems?
AI has been a game-changer in the cybersecurity space. It has enhanced the ability to detect and respond to threats more efficiently and accurately. AI algorithms can analyze vast amounts of data to identify patterns indicative of cyber threats, significantly reducing the time to detect breaches.
Furthermore, AI-powered systems can learn from past incidents to predict and prevent future attacks. However, it’s also important to acknowledge that as AI tools become more sophisticated, they can also be used by adversaries to launch more complex attacks. Therefore, developing AI in cybersecurity is a double-edged sword, necessitating advanced defensive AI capabilities for better security systems.
What should organisations keep in mind in 2024 while looking at cybersecurity?
In 2024, organisations should prioritize a proactive and comprehensive approach to cybersecurity. This includes embracing a zero-trust architecture, ensuring continuous monitoring and updating of security systems, and investing in cybersecurity awareness training for all employees. With the evolving threat landscape, it’s crucial to stay informed about emerging threats and to integrate advanced technologies like AI and machine learning for threat detection and response. Additionally, organisations must ensure compliance with data protection regulations and consider cybersecurity integral to their business strategy. Organizations that run critical services such as the power grid and other utilities should expect increased attention from threat actors.
What, in your estimation, are the top five trends in cyber security space?
Here are five top trends and how to mitigate against them:
Geopolitical Risk Mitigation: Organizations should ensure increased visibility and governance of organizational locations and supply chain, audit cyber resilience, and utilize third-party risk management tools
GenAI Governance: It’s vital to define GenAI usage policies as well as provide end-user training, employ technical controls, and assess GenAI-enhanced security product benefits
Zero trust security architectures: Implement principles of least privilege across users, systems, networks, data and applications
Security Automation: Automate repetitive tasks to reduce human error and increase operational efficiency in security operations centres.
Ransomware Attacks: Organizations should focus on recovery and business continuity measures, ensure they can recover their data at speed and scale
