Ajay Gupta, Country Manager for SAARC at Netskope Discusses Cybersecurity as a Career, ZTNA, and Designing an Enterprise Browser for Full Visibility

We interviewed Ajay Gupta, Country Manager for SAARC at Netskope, who reflected on the start of his journey with the ‘dot-com bubble,’ and venturing into cyberspace which seemed like a high-growth industry.

Sharing his belief in AI being a cornerstone of modern security, Gupta referred to it as man’s best ally to combat emerging threats in the present and the future. Highlighting the zero-trust model, he addressed the principle of least privilege access to curb further damage in case an employee’s credentials are compromised.

He also explored the limitations of IT admins in enforcing least privilege access in the absence of comprehensive risk telemetry and enhanced visibility and offered solutions in doing so.

Read on to learn what Ajay Gupta shared about workplace trends regarding unmanaged devices and how important it is to inculcate healthy habits to cope with the cybersecurity workload.

1. Please walk us through your journey to cybersecurity. How has your career shaped over the years?

I started my career in the networking space. It was the peak of the dot-com bubble, and along with the rise of digital services, I could see the emergence of cybersecurity as an issue organisations with an online presence needed to start addressing seriously. 

I started aiming for a job in this field because I knew cybersecurity was only going to become more important in the future, and I thought it was an opportunity to combine a career in a high-growth industry, with some sense of purpose in helping organisations to fight actual cyber criminals.

After more than fifteen years in the industry, I took the decision to join Netskope back in 2018 as I thought they were bringing a new and interesting vision in the space, reimagining the way network and security should be architected to solve the perennial trade-offs between security and user experience.  

2. Considering the increased popularity and threat arising from Artificial Intelligence, what is your observation about integrating AI solutions to combat threats as compared to traditional methods?

AI is already a cornerstone of modern security, and some of the brightest minds in machine learning - including our own Netskope AI Labs - have been contributing to building powerful tools for more than a decade. It has helped to automate threat detection, and well-trained algorithms are now also operating in prevention and response. 

AI solutions in security are also supporting security operations centres (SOCs) in key areas such as network visibility and security, cloud security, and more, and from my perspective is our best ally to combat emerging threats now and in the future, including those involving AI itself. 

3. What is your observation about the use of different access management policies and frameworks in maintaining cloud security? How can policies be tailored based on digital identities and roles to improve security posture?

From my perspective, the most relevant access management framework is a zero-trust model. The idea is to restrict users’ access to only the company resources they need to do their work to follow the principle of least privilege, thus limiting attackers’ ability to navigate systems if they manage to steal an employee’s credentials.

Modern ZTNAs allow granular customisation of access policies for each digital identity, user or role, including for access to cloud applications.

The security benefits of zero trust models are significant, but there are also a lot of operational efficiencies to be found in the integrations and consolidation that zero trust projects involve.

Because zero trust is most effective when access decisions are continually reviewed based on a user’s activity, app, device, and network, a good zero-trust architecture pulls data from a range of sources and this is why a zero-trust approach is also leading to vendor consolidation and the adoption of platforms. Vendor consolidation and a platform approach bring significant cost and resource benefits, so there are wins to be found everywhere. 

4. Please elaborate on how Netskope reduces risk by decoding cloud, genAI, and SaaS user and entity activity via the context-aware Zero-Trust Engine.

Without enhanced visibility across a number of context-specific variables, IT admins are severely restricted in effectively enforcing least privilege access. The Zero Trust Engine is a foundational component of the Netskope One platform, and it plays a pivotal role in gathering comprehensive risk telemetry and delivering contextual awareness to enable adaptive, least-privileged access to users, devices, applications, and data. 

Essentially it decodes and decrypts traffic in real-time and continuously gathers risk telemetry about users, devices, applications, and data, all without impacting the performance of the overall transaction. It then uses this wealth of information to deliver granular policy controls, minimising the likelihood of risk exposures, while ensuring a fast and reliable user experience.

So irrespective of the traffic’s destination, whether that is SaaS applications, genAI applications, or public cloud workloads, Netskope consumes this telemetry and defines the most relevant policies, taking into account the aforementioned context.

5. How is the Netskope One Enterprise Browser set to secure user data? What are its main benefits and features?

Enterprise Browser has been designed as an answer to the risks posed by the use of unmanaged devices in the workplace, the numbers of which continue to grow.

Workplace trends are evolving in a way that justifies the use of unmanaged devices, from employees who desire flexibility in using both their work and personal devices for work to allowing the growing cohort of temporary and fractional workers to use their own devices when they collaborate with different organisations.

The problem is that security teams do not have visibility and control over those devices, and we designed Enterprise Browser to fix this. 

In this day and age, most company systems, resources, and applications are accessible through internet browsers, which creates an opportunity to mirror an organisation’s security and data protection policies within this environment. We essentially created our own browser, with Netskope’s security embedded in it, that organisations can remotely deploy to any unmanaged device.

The idea is to funnel all activity and traffic related to the organisation, and all access to company systems and resources through this browser, over which security has full visibility and control. 

6. Cybersecurity requires professionals to remain hyperfocussed throughout the workday. Being a leader in cybersecurity, how do you refresh your mind and start afresh every day?

The cyber security industry certainly demands sharp focus and unwavering vigilance. While I’m not directly dealing with the level of pressure security teams directly fronting cyber threats may do, I do have a busy schedule as a business leader in the industry that requires some self-awareness and care to cope with the workload. 

Over the years, I have adopted some healthy habits. I do take time for regular mindful breaks throughout the day, stepping away from my desk, even if just for a short stroll or moment of deep breathing to clear the mental fog. 

I think habits outside of the workday are as important as those you develop at work, and something as simple as prioritising quality sleep can do wonders for mental sharpness. After a long day, we tend to extend our personal time late into the night, but a shorter evening after work and a better night's sleep in my opinion have more benefits. 

Finally, I think developing hobbies is really healthy, and if this is a physical activity, you can kill two birds with one stone, as it not only keeps you healthy, but also is the best remedy to quickly switching your mental focus to something else, and leaving a long and stressful day behind us. On a personal level, gardening and yoga are helping me achieve this.