Appeared in cioaxis.com | 9 May 2022 by Rajarshi Bhattacharyya, Chairman and Managing Director
Lack of skilled professionals in the cybersecurity space has to be addressed immediately if organisations have to ensure effective cyber-risk management practices, says Rajarshi Bhattacharyya, Chairman and Managing Director, PITG, in an interaction with CIO AXIS.
CIO AXIS: Share a brief about PITG and what are your service offerings?
Raj: PITG began its operations in September 2020, with an aim to enable organisations to accelerate their digital transformation journeys and become future ready. Operating around Infrastructure and Applications, our services include, Advisory and Consulting, Design and Implementation, Operations, Solution Architecting, Audit and, Support and Maintenance.
PITG offers best-in-class services and solutions to support businesses to achieve higher standards in Cybersecurity and AIOps (Artificial Intelligence in IT Operations Management).
Our organisation serves across industry verticals, such as Government and PSUs, BFSI, Telecom, Manufacturing, Media & Entertainment, Healthcare and Education.
Within three months of our operations, PITG was recognised by the Ministry of Commerce and Industry, Government of India as a Start Up company working in IT Services and Product Development. Today, the organisation is ISO 27001:2013 certified as well.
CIO AXIS: Who are the founders/CXOs and what are their roles in the organisation?
Raj: The Founding team members are Rajarshi Bhattacharyya, Co-Founder & Managing Director, Arindam Mitra, Co-Founder & CTO, P V Vaidyanathan Co-Founder & CEO. They have held leadership positions in established Global and National organisations besides Start-ups, and bring in their expertise to their roles at PITG.
Rajarshi, also known as ‘Raj’ is responsible for configuring and implementation of processes in addition to handling marketing and brand-building at the organisation.
Arindam is the technical pillar at PITG and responsible for Application and Product Development, besides Service Delivery. Currently, his focus areas are Cybersecurity (IAM, SIEM,SOAR,PAM, UEBA, XDR and NGFW) and AIOps.
Popularly known as PV in the industry, Vaidyanathan is responsible for Sales and Business Development functions.
CIO AXIS: Describe your organisation’s USP that provides an edge over your competitors?
Raj: PITG is a One-Stop-Shop for Cybersecurity. We have comprehensive Technology expertise in Cybersecurity and AIOps which make us a unique organisation providing services and solutions for Securing the New Business Reality. As an organisation, we provide Advisory, Implementation and Maintenance services.
We take pride in providing Accelerated Implementation and Integration along with Custom Development across Multiple OEMs. This enables organisations to accelerate their Cyber Resilience and secure the evolving business paradigm.
Our customer-centric approach is weaved into the fabric of the organisation across all business units. Our teams consistently work to deliver positive experiences across the entire customer life-cycle and beyond.
CIO AXIS: Which cyber security solutions are in demand across enterprises, today?
Raj: With cyber-threats increasing in frequency and sophistication, it can cause severe setbacks and damage to the organisations under attacks. It is crucial for both large enterprises as well as SMBs to implement appropriate cyber security solutions to combat threats and ensure business continuity.
Security Information and Event Management (SIEM) solution delivers high value by identifying and categorising incidents and events from different sources by analysing the activities. It delivers real-time visibility across the organisation’s IT infrastructure and security systems.
SOAR or Security Orchestration, Automation and Response is a technology stack designed to support organisations to streamline security operations in threat management, incident response and security operations automation.
Identity and Access Management (IAM) solutions help in creating, managing and deleting identities by providing role-based access. They control which user or entity gets access to what information based on least privilege and zero trust. Privilege Access Management (PAM) solutions or tools help businesses to ensure secure privilege access to critical assets and also in meeting compliance requirements by monitoring and managing privileged accounts and users.
User Entity Behaviour Analytics (UEBA) leverage Machine Learning (ML) to identify patterns in typical user behaviour to protect against external attacks as well as internal threats.
CIO AXIS: What are the current trends in cybersecurity across industries?
Raj: As organisations are taking the path of digital transformation to remain competitive, this process is also at the same time expanding the threat landscape. Businesses are striving to improve their security postures and there are many trends in cybersecurity across industries.
Cyberattacks are getting more frequent and sophisticated with cyber-criminals using AI (Artificial Intelligence), ML and other technologies to launch attacks. Security professionals are adopting mesh architecture which is based on the philosophy of the Zero-Trust Network, where each device is independently secured in its own perimeter.
AI-enabled security could become mandatory as they are able to detect small traces of attacks before any damage is created through pattern recognition and are cost-effective. AI systems provides information about new threats and strategies and their prevention as well.
Intelligent Automation, which is the integration of several sophisticated AI methodologies, ML and RPA (Robotic Process Automation), will gain more importance in the coming days.
As cybersecurity is becoming a business function, Identity Access Management (IAM) and Identity Governance and Administration (IGA) solutions will play key roles in the cybersecurity strategy.
Advanced SIEM, SOAR, UEBA and IAM solutions will increasingly become popular as businesses will be able to meet the growing demand for interoperable technology across digital ecosystems with them.
However, the lack of skilled professionals in the cybersecurity space has to be addressed immediately if organisations have to ensure effective cyber-risk management practices.
CIO AXIS: Next-Gen Security Operations Centre (SOC) is the future of Security Operations. What are the key elements of the Next-Gen SOC?
Raj: The unprecedented hybrid work models, rise in digital transformation and demand for multi-cloud architecture are driving organisations away from traditional SOCs. Legacy tools are fast getting replaced, like the legacy SIEM solution, which is unable to address the modern day sophisticated cyber-attacks, compelling organisations to opt for Next-Gen SIEM. These new age tools are able to collect, analyse and manage data from across sources – cloud, network and on-premise. Advanced SIEM tools have big-data architecture for scaling data and leverage advanced data-source algorithms.
Alert handling is powered by advanced tools that leverage AI/ML technologies to address the alert fatigue of SOC analysts.
Modern day SOCs have next-gen SIEM, open architecture with UEBA and SOAR capabilities. Processes are automated to improve threat intelligence operations and incident response.
CIO AXIS: Share details about your organisation’s growth plans over the next three years?
Raj: PITG aims to expand globally. We are in a continuous hiring process to provide services to the ever-increasing customer base. Going by the way the market is growing we expect to grow 3 times in terms of our revenue.
CIO AXIS: What does a successful cybersecurity program include and how are organisations benefiting from it?
Raj: Cybersecurity is today among the top business priorities as corporate leaders have begun to understand its importance.
Every organisation, should subscribe to ‘security first’ culture. An initial yet thorough assessment of the current state of security posture will help to address all security gaps. A strong security baseline should be established with critical assets identified.
Develop and implement a robust cybersecurity strategy and put a risk management plan in place. Ensure threats are detected and investigated regularly with continuous monitoring maintained. These services can be outsourced too.
It is important to ensure all plans and policies are in alignment with the organisation’s risk and compliance framework. All information about compliance standards and guidelines, such as disaster recovery, asset inventory, internet usage policy, network diagrams and incident logs, among others, have to be documented.
All team members in cybersecurity and other business units have to be provided with adequate, relevant and ongoing training to support continuous improvement.
Efficacy of the program has to be evaluated on a regular basis and updated with new measures put in place.
The stronger the cybersecurity program is, greater are the business benefits for the organisation. First and foremost, the brand image gets a boost, as a deeper customer trust is built. The cyber incidents will be reduced, leading to increase in speed to market and profitability.