Interview with Avinash Advani, Founder and CEO at CyberKnight


Share

CyberKnight Technologies is a new venture in the Cyber-security area, our readers would like to know about your expertise and tailor-made solutions against cyber-threats.

Yes, CyberKnight is a relatively new venture on paper, but it is important to note that we are not new to the cybersecurity domain. In fact, the CyberKnight team come from a strong cybersecurity background, with each member having many years of experience in the area. It is this expertise that led us to launch CyberKnight with a go-to-market strategy built around the best-of-breed framework introduced by Forrester: Zero Trust Security.

Implementing Zero Trust Security helps customers enhance their security posture, make their defenses more robust, simplify incident response, all while maintaining compliance. By becoming the first VAD to focus on Zero Trust Security, we architected our product portfolio keeping each of the seven Zero Trust Security micro-perimeters in mind: Data, Workloads, Devices, Networks, People, Visibility & Analytics, Automation & Orchestration.

For each of these micro-perimeters, we identified market leading vendor technologies and brought them into our portfolio to create tailor-made solutions like Unified Threat Intelligence, Incident Response & Threat Hunting, Information Protection, Endpoint Protection, Mobile Security, Anti-Phishing & Anti-Spoofing, Security Awareness & Training, Cyber Exposure & Adversary Simulation, Remote Workforce & Security Operations.

With the kind of data explosion we are experiencing with time, businesses are more vulnerable and intrusions are quite common. What solutions would help them eradicate or keep threats at bay?

Yes, the data explosion created by digital transformation is moving the traditional perimeter and extending the attack surface. This requires intelligent security for complex hybrid environments in order to eliminate security gaps. Implementing a Zero Trust Security framework enables a mobile workforce, as well as, cloud adoption. It also protects data accessed by users, devices, applications no matter where they are located.

With our dependence increasing on mobile devices and mobile apps in this digital age, what solutions are available for screening or securing devices?

There are two fundamental elements of mobile security that need to be considered:

  1. Mobile Threat Defense
  2. Mobile App Security

The same way that customers are prioritizing EDR (endpoint detection & response) and EPP (endpoint protection & prevention) technologies for their endpoints to secure against zero-day attacks, mobile threat defense (MTD) is essential for users’ mobile devices to secure mobile endpoints from zero-day attacks. There are many attack paths on a mobile device that attackers are leveraging, and any user that has access to corporate email, corporate apps or corporate Wi-Fi with their mobile devices is a potential target.

Simultaneously, it is also critical to protect the company’s mobile apps, as well as, the corresponding backend servers. The apps are developed by an organization for its customers and/or its employees, but zero-day attacks can breach an app and thereby the backend servers, which in turn could lead to compromise of devices accessing the apps, or even lateral movement into the corporate perimeter.

How do you see the current cybersecurity distribution industry in the middle east and upcoming trends?

Cybersecurity distribution in the Middle East is a unique space to operate as it requires value to be added to vendors, partners and customers simultaneously. There are several distribution players in the market, but it is fragmented because some distributors work well with vendors, others with partners, and others with customers, but very few can add value across the chain. Over time this may lead to consolidation or even market exits.

Furthermore, as cybersecurity vendors move fully to SaaS and cloud offerings, traditional distribution models will no longer be enough. It will be essential to evolve in order to remain relevant by focusing on being an extension of the vendor team on-the-ground, empowerment of partners using differentiated solutions, and building advisory practices for customers that keep a finger on the pulse of the cybersecurity industry.

In the current global scenario where maximum workforce is working remotely, security risks can increase quite a bit. What preventive measures can be taken by organizations to stay away from the red zone?

We have a tailored solution for these unprecedented times called Zero Trust Remote Workforce. As COVID-19 does not have a cure yet (as of the date of this writing) like cyberattacks, these preventative measures are crucial:

  • Mobile Device Management & Security: Ensure continuous visibility and control over mobile devices to facilitate a zero-trust based and adaptive secure access to back end applications, services and content, residing in your data centers. Protect the mobile devices of your workforce with ML-based on device protection
  • Desktop Management & Security: Ensure continuous visibility about remote devices, installed applications, and potential vulnerability exposures. Leveraging next gen ML based detection and response capabilities, to protect against the most targeted and advanced attacks around the clock
  • Secure Data Security & Collaboration: Encrypt your sensitive data at rest and in motion and enable secure collaboration of your sensitive information upon your distributed workforce in a secure manner, based on an identity driven-, lease privilege- Zero Trust data access control
  • Remote Browser Isolation: Enable internet access to remote users by adopting remote browser isolation technology, that isolates remote users from interacting directly with the internet, and reduce browser exploitations and spear phishing attacks
  • Phishing Awareness & Protection: Email fraud is commonplace so automation of spoofing and phishing protection for remote employees and partners should be put in place. Simultaneously the remote workforce should be empowered to stop phishing attacks with the appropriate cyber-security awareness and training.

Leave a reply