Why cyber education needs a mobile-centric approach

19 Mar 2021

Image: Safe Security

Safe Security’s Vidit Baxi talks about recent trends in the cybersecurity industry and why infosec education needs a refresh.

Vidit Baxi is the co-founder and chief information security officer at Safe Security, a cybersecurity and digital business risk company.

In his role, Baxi leads Safe Security’s customer success efforts globally, supervises multiple product functions, and ensures the organisation follows the necessary cybersecurity guidelines and compliances. He has been featured in Fortune India’s 40 under 40 list twice.

‘Conventional point-in-time solutions are no longer sufficient to secure businesses at a time when cyberattacks are getting more sophisticated’

Describe your responsibilities in driving tech strategy.

Being a cybersecurity product company, we are extremely focused on ensuring the security of our product SAFE (Security Assessment Framework for an Enterprise) and strengthening its underlying IT ecosystem. I play a central role in enabling this and ensuring that we are adopting the right technologies to accelerate product delivery.

How big is your team?

Safe Security has more than 210 employees, 90pc of whom contribute to product engineering and support. Personally, I lead a team of more than 60 people across the various business functions I lead.

What are your thoughts on digital transformation and how are you addressing it?

Disruptive technologies are constantly entering the workplace, and as organisations continue to base their business models on technology, digital transformation becomes a necessity.

The pace of digital transformation has been further accelerated by the Covid-19 pandemic, but it has also resulted in countless unaddressed entry points for hackers to exploit. The conversation needs to shift to secure digital transformation and it is extremely pertinent to today’s business scenario.

At Safe Security, we adopted technology in our core business functions from our first day of operations. This significantly helped us eradicate multiple challenges that other companies faced during the pandemic, like drive our business, continue employee engagement and drive our projects further in the pipeline despite the mandated lockdown and restrictions.

On the cybersecurity front, we rely on our own product SAFE to keep us secure. It enables us to predict cyber breaches through vulnerabilities in each line of business, cloud instances, employees, applications, data centres, devices, IP addresses, ‘crown jewels’ and more. In essence, it helps us better manage cyber risk across people, processes, technology and third-party.

What big tech trends do you believe are changing the world and your industry specifically?

Artificial intelligence, machine learning, data science and big data analytics continue to be the big buzz words in the industry. These technologies have been around for years now, but today businesses are using them in much more advanced ways.

Especially in cybersecurity, there are multiple use cases and applications.

While piecemeal solutions have been around for decades, businesses are now looking for more data-driven and comprehensive solutions that are not just real-time and unified, but also devoid of the usual subjective jargon that has traditionally clouded cybersecurity.

Conventional point-in-time solutions are no longer sufficient to secure businesses at a time when cyberattacks are getting more sophisticated. The need in our industry is to shift towards a real-time, proactive and predictive approach.

In terms of security, what are your thoughts on how we can better protect data?

With incidents such as the Cambridge Analytica event becoming global news, the onus is shifting from big corporations and governments keeping data safely to consumers sharing access to their data responsibly. End users should be aware of what and where their sensitive information is and understand the consequences of data breaches.

However, for a mobile-first generation, traditional desktop-based cybersecurity training and awareness doesn’t help. This needs a significant change as we progress into 2021 and beyond. There needs to be a mobile-centric approach to individual cyber education.

It should not only inform users of when and where data is leaked, but also teach them how to prevent being exploited through data breaches, refresh their awareness around digital platforms and social media security, and take them through steps they can take to harden the security configuration of their devices. We all need to work towards re-engineering our cyber consciousness to be safe in the digital era.

That said, from the enterprise point of view, those end users are also employees, and since most hacks happen as a result of human error, the people handling business data need to embrace the big shift towards a more informed cyber presence.

Enterprises should be prepared for holistic change in their cybersecurity strategy to view from top down, exactly who and where vulnerabilities stem from. Such practices will encourage transparency and bring security teams, customers, boards and other stakeholders together on the same page.

Want stories like this and more direct to your inbox? Sign up for Tech Trends, Silicon Republic’s weekly digest of need-to-know tech news.