In our uncertain and turbulent world, cyberattacks on private businesses are sadly a common tactic of hostile foreign regimes as well as criminal gangs. Cyberattacks and ransomware have crippled large multinational organizations and even governments. What does every company need to do to protect itself from a cyberattack?
In this series called “5 Things Every American Business Leader Should Do To Shield Themselves From A Cyberattack” we are talking to cybersecurity experts and chief information security officers who can share insights from their experience, with all of us.
As a part of this series, I had the pleasure of interviewing Lalit Ahluwalia.
A passionate cyber security leader, Lalit Ahluwalia is the CEO for Americas and leads Inspira’s global cybersecurity practice. He has a professional track record of successfully establishing cybersecurity programs and helping clients become cyber resilient in the face of a constantly evolving cyber threat landscape. Under his leadership, Inspira leverages automation, AI/ML and innovative methods to bring tailored next gen cybersecurity solutions for Inspira’s clients.
Thank you so much for joining us in this interview series! Before we dig in, our readers would like to get to know you. Can you tell us a bit about how you grew up?
Mysister and I were born and raised in a small town in India. We were a highly academic family, as both of my parents were professors, so there was a lot of emphasis on school, college and the like. This led me to pursue a degree in engineering, although in my youth, I always had ambitions of bringing law and order to society — sort of like a police officer. We were a middle-class family, very simple living, and that instilled in me the value of hard work and the drive to make a difference in people’s lives. With my degree, I saw the opportunity in cybersecurity to follow my dream to protect others, in this case from threat actors and cybercriminals.
Is there a particular story that inspired you to pursue a career in cybersecurity? We’d love to hear it.
My inspiration for becoming a cybersecurity professional stemmed from my childhood. As I mentioned earlier, growing up I had dreams of becoming a police officer. The concept of becoming an authoritative investigator — solving complex issues and thwarting malice — always appealed to me. Naturally, these aspirations lead me to cybersecurity, where I can help organizations strategize methods to protect their critical data.
Can you share the most interesting story that happened to you since you began this fascinating career?
Well, throughout my career, I was blessed to be associated with some of the greatest talent in cybersecurity. Growing up in the era of the internet boom was a fascinating shift to witness. At the time, nobody really had a strong focus on cybersecurity because its purpose wasn’t really understood. This is where we really learned the overall data and business flows in order to apply security to the entire ecosystem. Understanding why businesses did what they did was key to solving issues, and that’s what resulted in complete end to end security — so that was a very transformative portion of my career. This led to some extremely exciting projects over the years, like securing Obamacare’s environment, which I was very proud to be involved with as well. There are hundreds of breaches and complex issues that all have their own interesting aspects but making meaningful connections and creating a family of experts in the field is one of the best parts of my experience.
Which three character traits do you think were most instrumental to your success? Can you please share a story or example for each?
- Cybersecurity is a passion, not a job: I always tell people you can’t be in this field without passion for it. Passion overrides talent any day — natural talent can be a great starting point, but passion is what causes growth, and it never fades. Cybersecurity is not a static environment, it’s a very dynamic environment, and you need to have that internal drive to continue to grow and adapt with it.
- The ability to curate and organize high-performing teams: To build and maintain a packaged cybersecurity solution for customers, a team of experts in multiple fields is paramount. Cybersecurity talent is spread thin, and the market is overcrowded with point solutions — which can make building a cybersecurity stack difficult for consumers. Having a keen eye for individuals and technologies that will integrate well in the ecosystem is an absolute must for being successful in this field, both for building the stack and creating a team to make sure the system functions properly.
- High energy and creative thinking: Energy is infectious — it either inspires others around you or brings down the crowd. Maintaining high energy boosts the confidence of your team, which is critical when tasked with extremely difficult situations. Going hand and hand with that is out-of-the-box thinking. Being competitive and figuring out how your service or product can differentiate to better serve the community is a key pillar for driving change.
Are you working on any exciting new projects now? How do you think that will help people?
Our team is about to launch the automated, continuous, real-time Security Risk Assessment platform (iSMART2 Digital CyberX-in-the-Box) that will truly make Security Risk Assessments very objective and actionable generating the measurable KPIs/KRIs. We also recently announced the launch of the iSMART2 Vulnerability Management-in-the-Box. The unified SaaS platform provides vulnerability scanning and identification, prioritization, auto remediation and validation with end-to-end visibility, governance and analytics to optimize and automate application security risk posture. The goal of the solution is to accelerate enterprise risk reduction allowing organizations of any size to achieve their cybersecurity maturity goals.
For the benefit of our readers, can you briefly tell our readers why you are an authority about the topic of cybersecurity?
I have over 22 years of professional track record of successfully establishing Cyber Security Programs and helping clients be secure in the face of constantly evolving cyber threat landscape. I have served as CISO for several organizations and have led the North America Security practice for Accenture, Global Cybersecurity practice at Wipro, and diverse portfolio of security initiatives for Deloitte and PwC.
I was awarded the 40 Under 40 by Business Journals and CIO-CTO — Excellence in Cyber Security award by Dallas Magazine for my contributions to the field. I am also an active member of Forbes Technology Council and an active speaker and contributor to different cybersecurity forums and conferences like NGA, NASCIO, healthcare and digital cyber summits helping clients understand and develop enterprise cyber risk programs.
Ok super. Thank you for all that. Let’s now shift to the main focus of our interview. In order to ensure that we are all on the same page let’s begin with some simple definitions. Can you tell our readers about the different forms of cyber attacks that we need to be cognizant of?
There are countless types and variations of malware out there, but several have increased in prevalence this year, including:
Ransomware: locks users out of their system until a fee is paid or threatens to wipe the system entirely.
Distributed Denial of Service (DDOS): A DDoS, or distributed denial-of-service, attack is an attempt by a cybercriminal to flood a server with traffic to overwhelm its infrastructure. This causes a site to slow to a crawl or even crash so legitimate traffic won’t be able to reach the site.
Spear Phishing: “Spear phishing” is a type of phishing campaign that targets a specific person or group and often will include information known to be of interest to the target, such as current events or financial documents.
Spyware: Watches users in the background, gathering sensitive information.
Trojans: Malware disguised as a legitimate program until activated by the user, allowing hackers to obtain sensitive information.
Wiper malware: Aims to cause harm/permanent destruction to the victim’s system, sometimes rendering them completely inoperable.
Insider Threat: Insider threats occur when someone misuses access to negatively impact the organization.
Who has to be most concerned about a cyber attack? Is it primarily businesses or even private individuals?
Inspira’s platform is geared towards businesses of all sizes. Cyber-attacks are non-discriminating in their targets. Private individuals, businesses and anyone with an internet connection is at risk. Individuals need to make sure that all systems on their network are sufficiently covered at all times.
Who should be called first after one is aware that they are the victim of a cyber attack? The local police? The FBI? A cybersecurity expert?
Notifying your cybersecurity management team immediately, whether that is the CISO/security manager for an internal SOC team or the platform that an individual uses, should be the first action. Depending on the severity and nature of the attack, the security professional will be able to provide guidance and remediation steps. The top priority should be bringing the attack to the attention of a trained security expert so that the issue can be resolved as quickly as possible.
What are the most common data security and cybersecurity mistakes you have seen companies make that make them vulnerable to ransomware attacks?
One of the most common mistakes organizations make is relying solely on the technology to come and do the magic for you. You might have the tools, but without the knowledge for implementation or maintenance, you’ll miss the whole process. The human component is equally, if not more, important in the equation. The other big miss we see is not understanding the basic concepts of what you’re implementing, and why. I learned this from my father at an early age — as a math professor, he would tell me there are plenty of books about mathematics — but to truly excel, you need to simplify them and understand the basic concepts. Too many companies continue to implement more and more technologies into their stack without fully understanding what issues they are trying to solve, why they are trying to solve them, or even if they are an issue in the first place. Take a step back, break down the business outcomes you are seeking to achieve, and figure out what you need from there. Lastly, the gap between business operations and IT needs to be bridged. Too many organizations are missing that link and working in their own silos. To properly build solutions, you need to attain complete visibility across the entire business.
What would you recommend for the government or for tech leaders to do to help limit the frequency and severity of these attacks?
Well, there are obviously endless things that can be done to improve security posture — but focusing on the fundamentals is the best way to mitigate risks. No organization will ever have 100% perfect security positioning, right? That said, building a strong environment starting at the basics is the best first step. Don’t get bogged down with all of the fancy technologies on the market — understand what matters most to the business, what is the ecosystem to begin with? Identify what you are trying to build and protect, or what your desired business outcome is. From there, you can begin to figure out which technologies make the most sense to implement. You’ll never see the return on complex technologies if you have holes at the base.
Ok, thank you. Here is the main question of our interview. What are the “5 Things Every American Business Leader Should Do To Shield Themselves From A Cyberattack” and why?
- Bridge the gap between IT/Security and Business for better prioritization of Cyber Threats.
Ex. Businesses need to coordinate with security leaders within the organization on adopting the solutions that manage business / IT risk and time saving measures available. Reducing dwell time and giving analysts the tools they need to quickly identify threats and have a granular view of network activity is paramount to prevent breaches.
- Ensure technologies in your stack are easily integrated with other applications within your network and provide complete coverage.
Ex. The market is filled with point solutions to address particular aspects of cybersecurity. Organizations looking to partner with several vendors need to verify that these solutions integrate well with the other technologies in the network and provide total coverage to prevent exposure.
- Find a security solution or partner that is scalable for the future.
Ex. The threat landscape is constantly growing and evolving, and hopefully, so is your business. Verify that the solutions implemented, and partners signed, have the capacity to grow and adapt to future needs.
- Close the cyber-skills gap by utilizing managed services or packaged solutions.
Ex. For SMBs and other businesses that lack the resources and personnel to properly manage cybersecurity, managed services and/or packaged solutions can have a huge impact on increasing protection. These take the load off of organizations by allowing experts to identify which technologies should be incorporated into the stack and provide teams to manage the solution.
- Have a plan, and practice it.
Ex. No entity is 100% immune from a cyber-attack. How will you respond? Do you know who to call? Do you have backups prepared in an offsite location/network? Can you rebuild the data? These are all questions that businesses need to prepare for in the event of a breach. Having a plan in place to mitigate damage and time spent remediating is essential to avoid huge losses.
If you could inspire a movement that would bring the most amount of good to the most amount of people, what would that be? You never know what your idea can trigger.
Simplifying the cybersecurity market to achieve business outcomes will lead to improved cybersecurity posture across the world. Everything is interconnected — from the individual all the way up to the largest enterprises. You may think now, why does a breach at company XYZ matter to me, right? Well, sooner or later, it’ll be the individuals who are affected by these outcomes. We’re moving to a world filled with self-driving cars, space tourism, remote monitoring of healthcare systems — the list goes on. We need to ensure that our ecosystem as a whole is in the best positioning possible across the board as we enter this interconnected phase of society. Let’s look at an example. You may have top-tier protection and capability at the enterprise level, right? Well, take into consideration the small businesses that are handling products and other processes for this organization that don’t have the same level of protection. When these funneling organizations get compromised, the enterprise as a whole gets impacted significantly — ultimately hurting the individuals who may work for or consume the offerings from the main enterprise. There needs to be a revolution across the board to improve cybersecurity, and it needs to happen now before threat actors can impact potentially life-threatening technologies of tomorrow.
How can our readers further follow your work online?
Stay tuned for the latest news and announcements from Inspira by visiting our website (https://www.inspiraenterprise.com) , and check out other industry news and company updates by following our social channels, Twitter and LinkedIn.
This was very inspiring and informative. Thank you so much for the time you spent with this interview!