VentureBeat sat down (virtually) last week with Ritesh Agrawal, CEO and cofounder of Airgap Networks, to gain insights into how he and his team are creating one of the most innovative startups in the cybersecurity industry.
Agrawal leads a team of experts who’ve built successful infrastructure products for the service, industrial and enterprise sectors. He has over 20 years of experience in networking, security and cloud solutions. Under Agrawal’s leadership, Airgap Networks has achieved several milestones, including winning three prestigious Global InfoSec Awards at the RSA Conference in 2023.
The following is an edited excerpt from VentureBeat’s interview with Ritesh Agrawal:
VentureBeat: Can you tell us about your background and how you got involved in the cybersecurity industry?
Ritesh Agrawal: I have a background leading the Juniper Network Security business, where I primarily focused on Telcos and large enterprises. I recognized the industry was losing the cybersecurity battle, with security infrastructure spend rising every year, yet breaches and damages continuing to rise. Realizing the need for a more sustainable solution, I saw an opportunity to apply VC-led innovation to the industry.
And that always begins with a transformational architecture, not just a new feature set. We saw the effectiveness of the mobile/telco architecture in stopping malware from spreading cold even when a device is infected and at a fraction of the cost of enterprise offerings. The name “Airgap” comes from our ambition to provide this same level of good isolation, security and cost-effectiveness for all enterprises across IT and OT.
VB: As CEO of Airgap, what insights have you learned about the cybersecurity industry?
Agrawal: First, the threat landscape is incredibly dynamic, so only the nimblest organizations will adapt and thrive. This is why you see so many successful startups in cybersecurity — it’s hard for larger organizations to innovate as fast as attackers can, and customers can’t afford to fall behind.
For example, Airgap has six important patents with more [pending] approval, and we just won three major innovation awards at RSAC, as our customers rely on us to keep them ahead of changes in the threat landscape.
Second, to aim high. This is a busy space with a lot of competing solutions, so incremental innovation and feature polishing aren’t going to displace any incumbents. I’ve always believed that as a startup you need to deliver a completely new architecture, not just a product, or you shouldn’t launch.
Finally, to try to internalize that every network security team is basically stretched on time and budget right now. They need quick, easy wins that don’t require new skills. Simplification and speedy time-to-value is a business gamechanger. Don’t automate complex security processes — eliminate them with a better architecture. At Airgap, for example, we didn’t simply make traditional network segmentation plumbing “easier,” it’s just gone.
VB: How do you see the threat landscape evolving over the next several years?
Agrawal: Attacks are about to become much more sophisticated. For example, social engineering attacks using a combination of AI and the wealth of online information about us and our employers will punish networks that lack strong authentication and identity controls.
State actors and crime-as-a-service are likely going to play a larger role, and that means more attacks that aren’t about ransomware but instead cause significant harm to core networks and assets.
It’s part of a larger trend that I believe signals the end of perimeter-based security thinking, and in many ways the end of the aging core network architecture itself. And why customers such as Flex, Tillys and Kingston Technologies are actively adopting Airgap as their defensible architecture for business-critical infrastructure.
VB: What should cybersecurity leaders do to get ahead of this curve?
Agrawal: First, acknowledge the need to prioritize protecting business-critical networks, assets and identities with a defensible network architecture. Everyone has their own unique “crown jewels.” They drive the business and operational processes that must stay secured, even when breaches are occurring elsewhere in the network. And that’s Airgap.
Perimeter-based firewall architecture isn’t enough, and I’m happy to debate any firewall vendor on this. Everyone is spending more and getting breached more; that’s not what winning looks like.
Second, aggressively drive trust and attack surface out of your network. Establish zero-trust segmentation between your business-critical infrastructure and your standard corporate IT network, as well as for all devices within shared networks, to make sure threats can’t spread. And close the gap between identity and endpoint security with a dedicated secure access solution, as traditional VPN solutions don’t eliminate the legacy trusted connections that attackers know how to breach.
And you can’t secure what you don’t know about or can’t find, so leverage network-centric asset discovery and intelligence like Airgap that’s designed for low latency and no network congestion.
And third, prioritize cybersecurity solutions that don’t require heart surgery to your working network. Apply this litmus test to every security solution vendor: Tell me what changes to my network, tech stack or infrastructure do I have to make? How much training do I need? How long will it take? Airgap deploys in hours, which is great for time-to-value, but more importantly it does this because the touch to the working network is so light. Any solution that forces equipment upgrades, network readdressing, ACL/NAC changes or network downtime longer than a couple of microseconds should seriously be avoided.
VB: Why are OT networks a particular focus for attackers, and what specific precautions should OT network owners take?
Agrawal: OT networks weren’t originally designed for security, but instead for speed and scale. OT networks have long life cycles, are patched sometimes, and are significantly accessed by suppliers and remote support technicians. They usually have way too many devices sharing the same network segment. They’re full of old Windows servers and headless devices, so all the agent-based solutions designed for corporate IT networks just plain don’t work. It’s like a security Swiss cheese, but for many OT networks it can be more holes than cheese.
The very first thing I recommend for OT network owners is to create a dedicated layer of visibility and control (we call it an Airgap) between your corporate IT network and your core/OT network. The Airgap Zero Trust Firewall, or ZTFW, prevents any threats from spreading from IT down into the core network, and vice versa, so that safety of operations can be maintained even when higher network layers are compromised.
Airgap ZTFW relies on three important capabilities for securing this dedicated layer. The first is agentless segmentation, because old Windows servers and headless machines are common. The second is secure access with full MFA (multifactor authentication) for your remote engineers and technicians, because VPNs trust way too much. And the third is network-based asset intelligence with accurate, real-time inventory, because OT networks are very dynamic.
VB: Once an enterprise fully segments and secures access to its network, how does asset intelligence help keep it safe?
Agrawal: Staying secure and in compliance on Day 2 and beyond is a significant problem facing the industry. Before Airgap began delivering same-day segmentation, enterprises would put in six months or more of hard work to inventory and segment their network, only to watch it start to unravel again the very next day.
First, keep in mind that real networks are incredibly dynamic. Whether the changes are from acquisitions, new campuses, refreshes or just mobile equipment moving between floors, most enterprises have no clear idea what they have or where it is. Everything starts with real-time accuracy, and that means the network.
Prioritize solutions that leverage network context and network behavior analysis while ensuring low latency and no network congestion, which were key design goals for Airgap with our ZTFW. Insist on having systems that can provide full visibility of every traffic flow, including lateral flows. Don’t settle for systems that have intensive packet inspection and polling, as they can easily congest overloaded networks.
VB: Airgap just announced ThreatGPT, a ChatGPT integration with the Airgap Zero Trust Firewall. What does this do for customers, and where do you think AI-assisted cybersecurity is going?
Agrawal: We’re super excited about ThreatGPT. Because we establish full microsegmentation, we have a wealth of information about the network, assets and traffic history available. Because ThreatGPT is fully integrated into the core of the ZTFW architecture, you can use all available data to train the models, and I believe we’re first to market with this.
ThreatGPT, based on the GPT-3.5 architecture, gives customers the data-mining intelligence of AI coupled with an easy, natural language interface. It’s pretty jaw-dropping; it will ferret out risks anywhere in your network by just typing in simple questions.
For the future, I see AI more as driving human productivity and not as a substitute for human intelligence. I’m pleased Airgap is leading the market here — it’s a game-changer in terms of risk management.