‘If you had 5,000 employees, now you have to protect 5,000 offices’

29 Jan 2021

Juta Gurinaviciute. Image: NordVPN Teams

NordVPN Teams’ CTO Juta Gurinaviciute discusses how the pandemic and remote working have shifted the cybersecurity landscape.

Juta Gurinaviciute is an IT professional with more than 20 years of experience in cybersecurity and systems engineering. Currently, she is chief technology officer at NordVPN Teams, a cloud-based virtual private network service for businesses.

Prior to NordVPN she held senior system engineer positions at Telia Company and Barclays Bank. Here, she talks about how the cybersecurity landscape has changed in the last year and what CTOs need to focus on.

‘Instead of protecting the company perimeter, now the biggest headache is the protection of the end user’

Describe your role and your responsibilities in driving tech strategy.

As the chief technology officer at NordVPN Teams, I’m responsible for aligning our customers’ needs and product strategy in line with the most advanced innovations. Both threat landscape and cybersecurity are changing rapidly, so every CTO must think in terms of tomorrow. It’s no longer enough to face the challenges of today. It’s essential in my role to think about what the future brings and I’m trying to make sure it’s about the possibilities rather than the drawbacks.

Our product helps enterprises to set up a secure remote work environment, and with the pandemic of 2020 it has proven its worth. However, it seems that this new type of semi-remote workplace is here to stay, and we’re making efforts to make it even more protected and efficient.

Are you spearheading any major product or IT initiatives you can tell us about?

When companies worked only within a secured HQ office perimeter, all the network traffic was being inspected by a common security stack. This structure was not designed to support remote work, but today the requirements for corporate networks have changed dramatically. The majority of companies have moved to home offices, and instead of protecting the company perimeter, now the biggest headache is the protection of the end user.

With increasing remote workload, it is no longer sufficient to talk about ‘secure connection to the office’ with VPN encryption. We’re now speaking about making every remote workstation a part of the ‘office’, so if you had 5,000 employees, now you have 5,000 offices to take care of.

With split tunnelling, we ensure that employees use different network traffic for public browsing and corporate needs, and zero-trust network access helps enterprises to limit their users’ access to the corporate network for particular tasks and for a limited time only.

How big is your team?

NordVPN Teams consists of 90 people working with different aspects of our product. As we’re building the most up-to-date security products, we fully rely on them and do not outsource any operations.

The tech team consists of DevOps, site reliability engineering, R&D and quality assurance. Product development teams are somewhat in the middle. We work closely together with the sales, marketing and other teams to make our product recognised and easy to use.

What are your thoughts on digital transformation and how are you addressing it?

Digital transformation is often associated with big ideas, innovators and pioneer technologies. However, as the pandemic has shown, it’s the most apparent on an everyday level. The changes in digital are primarily the shifts in how people work, rest and communicate. Technology interplays with the needs of the people, and visionaries turn this interaction into progress.

The transformation is no longer in the hands of the CTOs, IT professionals and innovators – it is everyone’s interest, and digital literacy is a necessity, not a commodity. This rule applies to the whole company, as every department works with sensitive data, be it marketers, sales people or designers. They all need to know cybersecurity 101 and to practise it in their everyday operations.

What big tech trends do you believe are changing the world and your industry specifically?

With the exception of the pandemic, the world is becoming more dynamic and mobile. For enterprises, this means the decentralisation and de-perimeterisation of business processes, both in terms of workplace location and data administration. It increases reliance on cloud infrastructure, because employees have to securely access crucial data wherever they are.

Cybersecurity comes into play here, but the traditional methods might prove insufficient. Security service providers are moving towards a secure access service edge framework in order to enable quick cloud adoption and to provide both users and devices with secure connection to data, applications and services around the globe.

In terms of security, what are your thoughts on how we can better protect data?

I think it’s essential to think about security from the user’s perspective, instead of solely relying on technological advancements. Sure, with the advent of AI and its implementation, both threats and remedies will reach new heights, but human psychology adapts gradually. Even today, social engineering attacks are among the most common cyber threats, and there’s no other protection but awareness. To better protect data, companies have to nurture their cybersecurity culture.

Employees’ awareness strengthens the weakest links in the cybersecurity perimeter, as the technological side of the matter is constantly overseen by IT professionals.

Want stories like this and more direct to your inbox? Sign up for Tech Trends, Silicon Republic’s weekly digest of need-to-know tech news.