Vectra is one of the biggest companies when it comes to AI-based network detection and response solution for cloud, Saas, data center, and enterprise infrastructure. They use AI to sort through the threats and protect people from cyberattacks.
Hitesh Sheth is the company's president and CEO, and he's been with Vectra from the start, helping build up the company and molding it to become what it is today. Before coming to Vectra, he worked at companies like Aruba Networks, Juniper Networks, Cisco, and Oracle.
Giving us insight into Vectra and its tools, the current threatscape, and the things we can do to keep personal and company data safe, Hitesh Sheth agreed to an interview with TechNadu. Continue reading to find out what he had to say.
TechNadu: Artificial Intelligence (AI) is part of most security solutions now. Vectra is well known in the industry for its use of AI. How exactly are you implementing AI in your tools?
Hitesh Sheth: At Vectra, we provide innovative AI-powered cybersecurity solutions to enterprises around the world. Vectra uses AI to hunt for hidden cyber threats that have defeated traditional security measures and are active inside enterprise networks and cloud computing environments.
The sheer volume and frequency of cyberattacks make it impossible for security analysts to use manual threat analysis to keep up with the rapidly changing threat landscape. AI innovations now make it possible to automate previously-manual security operations.
The benefits of automation that we provide are significant for security operations teams, and include:
TechNadu: Tell us more about Cognito and how it works?
Hitesh Sheth: Designed by a team of leading data scientists and threat researchers, the Cognito platform represents the rich, security-enriched data output of a holistic approach to security. The platform captures network metadata at scale, enriching it with machine learning-derived security information, and flexibly applying it across Cognito products.
Vectra offers three applications on the Cognito platform to address high-priority use cases. Cognito Stream sends security-enriched metadata to data lakes and SIEMs. Cognito Recall is a cloud-based application to store and investigate threats in enriched metadata. Cognito Detect uses AI to reveal and prioritize hidden and unknown attackers at speed.
Vectra Cognito is agnostic of device, operating system and users, and can monitor any entity communicating across enterprise networks or in the cloud. We like to think of Vectra Cognito as a cybersecurity analyst in software.
TechNadu: You have a great life story, growing up in Kenya, receiving a Computer Science degree in Texas, and then moving up through the ranks at large tech companies such as Oracle and Cisco Systems. What attracted you to take on the CEO role at Vectra?
Hitesh Sheth: I wanted to build a security company from the ground up, where we would not only build a groundbreaking security platform that results in a great business but also build an enduring legacy of a great culture.
TechNadu: What is an achievement you're most proud of at Vectra? What about your career in the tech world?
Hitesh Sheth: The easy answer to the first question is our technology and how it is transforming security for our customers. But the better answer is the consistently high percentage of customers who renew with us. This ultimately is a reflection of our platform and our customer-first mindset. From a career standpoint, the answer is simple – starting and building Vectra into a market-leading security vendor.
TechNadu: Many people are working from home nowadays. What should employees and companies do to keep things safe?
Hitesh Sheth: Companies must strategically cultivate cyber resiliency in the face of mobile assets and mobile users, a porous perimeter, and protective controls that will fail silently without warning – they need visibility to detect and respond to adversaries before lasting damage has been done and also preserve the safety of their enterprise users, systems, and data. Traditionally, this visibility has focused on human threat hunters in corporate networks, but increasingly, it is important for companies to understand that the complete view of their network must include SaaS and cloud workloads, and must be conducted at a scale that requires AI-based capabilities to augment and enable their staff.
Modern security capabilities that emphasize visibility go a long way to improving safety – we all owe it to our employees and customers to be intentional about their safety and get this right.
TechNadu: Are we seeing more carelessness or more incidents due to employees working from home, perhaps using home devices?
Hitesh Sheth: Remote workers are farther removed from traditional enterprise security and less likely to be working in well-managed, secured environments even, as they’re more likely to be consuming SaaS and cloud services outside of the purview of traditional enterprise security visibility. Not only does that equate to being at greater risk of compromise, but, for many organizations, that compromise may go undetected. Home devices can factor into this, but more often, it’s simply that organizations have invested in protecting assets inside of a perimeter, and as that model becomes increasingly antiquated, the byproduct is increased risks.
Organizations don’t have to offer blanket acceptance of these risks, however – modern security strategies offer unified coverage of traditional, mobile, and cloud assets and give network defenders an opportunity to get ahead of attackers before it’s too late.
TechNadu: What does today’s threat map look like? Are things being complicated by the pandemic?
Hitesh Sheth: Increasingly, the threat map of today is one where adversaries combine both cloud and traditional attacks to progress towards their objectives, threading between targets that live within traditional corporate networks and targets that reside off-network, or in the cloud. The end result is that attacks progress wherever and however is most conducive to the objectives of an adversary.
This is a complicating factor of the pandemic, which has accelerated SaaS adoption and evicted traditional assets into remote workspaces. But we expect the trend to continue, irrespective of the pandemic, as it should – cloud adoption has proven to be immensely transformative and beneficial for the enterprise.
TechNadu: Many people are using VPNs as an extra layer of security. How efficient is this, and is this something you’d advise people to do if possible?
Hitesh Sheth:Â VPNs may offer security and a means to extend the life of traditional enterprise security controls by driving traffic back towards the corporate network but may do so at the expense of user experience, particularly when the applications used by remote staff are sensitive to performance and latency. Most forward-looking organizations are increasingly severing the VPN and adopting SaaS in conjunction with Zero-Trust Network Access methods and technologies.
This is an important shift because Zero-Trust reinforces one of our philosophies at Vectra – too much trust is given to assets that have access to networks whose preventative controls will fail, and organizations must build resiliency against those failures. The concepts of Zero-Trust are part of the solution to that problem.
TechNadu: What's the best security advice you have for people?
Hitesh Sheth: Assuming this is directed at people in the IT departments in the enterprise, I would tell them to protect their inside, where whatever that matters resides. This is no different than the human body. It’s astonishing how many people (including vendors) think that protecting the edge/perimeter is enough. It’s like thinking sunscreen is going to save your body.