Companies are going through digital transformation to embed technology across business for agility, speed and improved value to their customers. Unfortunately, this also increases the cyber threats from bad actors, including cybercriminals, hacking groups, nation state actors etc. Therefore, cybersecurity has become essential.
This is an exclusive interview conducted by the Editor Team of CIO News with Sakthiswaran Rangaraju, Security Product Management Leader at Pure Storage.
The more diving deep in the era of digital transformation, the more our data is unsecured. Today cybercrimes are burgeoning at an exponential rate. According to the Statista report, in 2022, around four in ten internet users worldwide have experienced cybercrime. Based on a survey conducted between November and December 2022, internet users in India were most likely to have fallen victim to cybercrime, as nearly 70% of respondents claimed to have experienced cybercrime. From individuals to enterprises, everyone is getting affected and thus cybersecurity is essential.
One such cybercrime warrior in armor is Sakthiswaran Rangaraju, Security Product Management Leader at Pure Storage. Rangaraju is a skilled leader in cybersecurity and product management who has aided Fortune 500 firms in enhancing their cybersecurity posture, enhancing customer happiness, complying with regulations, and gaining a competitive edge while minimizing risks. In terms of cybersecurity, data privacy, risk management, internal audit, and compliance, he has more than 17 years of combined expertise. At Pure Storage, Rangaraju is currently in charge of the Security product management.
Rangaraju also currently serves as the President at the Institute of Internal Auditors, San Jose, California which has around ~700 members in Silicon Valley, IIA is an international professional association for the internal auditors. He also serves as secretary on Cyber Venture, another non-profit that brings venture capitalists, entrepreneurs and cybersecurity professionals together to solve complex cybersecurity challenges. He has also served as Board of Director at ISACA (formerly Information Systems Audit and Control Association) Silicon Valley chapter from 2018-2022. Rangaraju has received multiple awards for his contributions at the ISACA and the IIA. He has contributed to development of cybersecurity standards, frameworks and publications at ISACA, as well as serving as lead auditor on ISO27001 for NIST (The National Institute of Standards and Technology). He has also spoken at national conferences on topics such as Software supply chain risks, Open-source security, Privacy by design and Product security topics.
In a candid conversation with CIO News Rangaraju shared how the inception of his cybersecurity journey, “I have been fascinated by technology since my high school days. I started learning programming languages and built websites and apps during my spare time. After completing Engineering in Computer Science I joined Sify and later I joined PriceWaterhouseCoopers (PwC) and helped clients improve their security posture. I have been in the Cybersecurity space for more than 16 years.”
Today cybersecurity has become a must for businesses as they rely on technology to run their operations, which have grown more complicated as big data, the cloud, and other technologies have proliferated.
He added “Companies are going through digital transformation to embed technology across business for agility, speed and improved value to their customers. Unfortunately, this also increases the cyber threats from bad actors including cybercriminals, hacking groups, nation state actors etc.”
He shared that due to this, malicious actors are more likely to target sensitive information like financial data, intellectual property, or personal information in order to profit financially or to interfere with corporate operations. Equifax, Yahoo, Target, and other well-known companies have all experienced high profile cybersecurity incidents. Cyberattacks can be costly and irreparably harm a company’s reputation. Even smaller businesses including schools, hospitals, and small businesses are susceptible to these attacks, with ransomware attacks leading to data loss and harm to reputation.
Since cyber threats and attacks have become a global concern, enterprise board of directors are more concerned about cybersecurity than ever before, and expect executive leadership and internal audit to report on top risks. They are also interested in how these risks are managed, including preparedness to security incidents and business continuity plans.
Rangaraju explained, “Cybersecurity is no longer optional for companies. Most customers are only interested in procuring products or services from companies that take cybersecurity and privacy seriously. Enterprise customers conduct vendor assessments to evaluate the security posture covering aspects like identity and access management, vulnerability management, data security, encryption, business continuity plans etc. Further, customers are demanding security certifications such as ISO27001, SOC2, PCI-DSS, HIPAA, FedRAMP etc.
Secure products and services build trust and delight customers. Customers are often willing to pay a premium for security. Designing security in your products or services puts you in a unique and advantageous position to differentiate yourself from your competitors while reducing your cybersecurity risks. It is a win-win.”
To secure the businesses and maintain the security system irrespective of scale of business, Rangaraju advised that one should “Start with a cybersecurity gap assessment using a framework such as NIST to understand your current security posture and security gaps for remediation. Understand your nature of products/services, what information you collect, intellectual property and assets, and customer expectations. Consider publishing your security posture, privacy policy and compliance certifications on your website. Conduct an annual assessment of your security posture to ensure your controls are operating as intended. This should help you to start your security journey and reduce cyber risks,” he opined.
Also read: Ransomware attacks and its preventions
Do Follow: CIO News LinkedIn Account | CIO News Facebook | CIO News Youtube | CIO News Twitter
About us:
CIO News, a proprietary of Mercadeo, produces award-winning content and resources for IT leaders across any industry through print articles and recorded video interviews on topics in the technology sector such as Digital Transformation, Artificial Intelligence (AI), Machine Learning (ML), Cloud, Robotics, Cyber-security, Data, Analytics, SOC, SASE, among other technology topics
