Keeping in mind the cybersecurity enthusiasts, a guest lecture was arranged on 16th December 2020 where the speaker talked about ‘Cybersecurity Evolution and GTM Models’. The speaker Mr. Srinivas Mukkamala is the Co-founder and CEO of RiskSense Inc., USA. Apart from having worked at ISRO as an Engineer, he has over 15 years of experience in researching and developing security technologies. He has also worked on Malware Analytics, Breach Exposure Management, Web Application Security, and Enterprise Risk Protection. He was one of the lead researchers for Computational Agents of Cyber Terrorism against the US.
Mr. Mukkamala began the lecture with a quote from Mark Andreessen that says ‘Software is eating the world, in all sectors’. He stressed the fact that for every software company, less than 3% of the annual expenses go on physical infrastructure whereas 97% of the annual expense goes on people and software development. This means that we should worry about how data should be managed and run. After all, the companies with the most data are the richest. He also put forth an analogy i.e. if data is the new oil, then leaks are the new spill. He went on to explain how misinformation, data leaks, and breaches are causing havoc.
The speaker moved on to introduce the software movement in numbers. He said that there are 100 million repositories on GitHub, 40 million developers worldwide, and 2 million organizations. With such big numbers, the chances of attacks are greater. If the software is not built right, attackers can take advantage of it. The speaker showed a few news headlines which indicated that important people like CEOs and Senior Management Executives were either fired, forced to resign, or fined when a massive breach or attack took place. He also spoke about various ransomware attacks on healthcare companies/hospitals. He highlighted that patients have been denied healthcare which caused deaths since the doctors could not access the patient information due to the system shut-down.
Mr. Mukkamala said that over 7000 data breaches were reported in the year 2019 and that IT companies were the most attacked. He also said that cybersecurity mentions have peaked since 2016. The three main causes of security issues are misconfigurations, missing patches, and coding errors. He added that software is the no. 1 attack vector that leads to data breaches. He also decoded the attack genome and elaborated on the 6 steps of Risk Prioritization. He also showed the anatomy of WannaCry ransomware.
Later on, Mr. Mukkamala spoke about his organization’s vulnerability intelligence steps and its processes. He then listed out the approach RiskSense has taken for cybersecurity. He also mentioned his Security Team’s North Start and its data-defined, data-driven approach. He later on named the Application Security Tools necessary for the security. In the final lap, he explained how to initiate a continuous cyber risk management program. He also took the audience through ongoing security assessment and penetration testing. Later on, he explained how to build the SaaS go-to marketing strategy.
The lecture ended with a Question-&-Answer session wherein the speaker answered all the questions of the students in greater detail. All things considered, it was an educational session and the students could enhance their knowledge through it.