“Human Firewall” is the first step towards organizational security

Vivek Srivastava, Country Manager for India & SAARC at Fortinet, highlights the critical importance of cybersecurity and the potential of AI to counter AI threats. He emphasized the need for a cybersecurity-aware culture and robust cybersecurity governance.

Vivek Srivastava,
Country Manager, India & SAARC, Fortinet

As the world rapidly advances towards AI, industry experts are voicing concerns about its impact on enterprise security. Fortinet, a leading cybersecurity company, is continuously collaborating with brands like IBM and Samsung to offer innovative services such as firewalls, endpoint security, and intrusion detection systems. 

In a recent conversation with CIO&Leader, Vivek Srivastava, Country Manager for India & SAARC at Fortinet, highlighted the critical importance of cybersecurity and the potential of AI to counter AI threats. He emphasized the need for a cybersecurity-aware culture and robust cybersecurity governance.

Vivek Srivastava, with 23 years of experience in technology and cybersecurity, has successfully scaled start-ups and small businesses to multi-million-dollar enterprises, managing businesses over $50 million. Having led numerous significant projects for enterprises, service providers, and government entities in India and the SAARC region, Vivek believes cybersecurity is essential for the survival and success of digital enterprises.

CIO&Leader: Could you elaborate on the role of artificial intelligence (AI) in enhancing cybersecurity measures across various sectors? How is AI being leveraged to mitigate cyber threats effectively?

Vivek Srivastava: Artificial intelligence is playing an increasingly critical role in enhancing cybersecurity across various sectors by enabling more sophisticated threat detection and response mechanisms. AI algorithms excel at analyzing vast datasets in real-time, which allows for the rapid and accurate detection of potential threats. This capability extends to intelligent monitoring, where AI automates the observation of system logs and network traffic, proactively identifying any anomalies that may indicate a breach. Moreover, AI leverages predictive analytics to utilize historical data in predicting and preventing potential security incidents before they occur. Its capacity for automated responses not only provides immediate alerts but also suggests remediation strategies, thereby optimizing incident management.

At Fortinet, we harness AI’s potential to revolutionize cybersecurity. We’ve developed over 40 AI-powered solutions that enhance our ability to identify and neutralize threats swiftly—from taking days to less than an hour. Our AI-driven systems conduct context-aware analysis and offer targeted remediation guidance, which markedly reduces investigation and response times. This advanced technology supports security operations teams in achieving faster detection and responses, enhancing their overall security posture.

As we move forward into 2024 and beyond, AI’s role in cybersecurity is set to become even more transformative, particularly in the integration within physical security systems. Expect AI to drive proactive threat detection, intelligent monitoring, and adaptive security responses, with Fortinet leading the way in these innovations.

CIO&Leader: Addressing human error is crucial in minimizing cybersecurity risks. From your perspective, what strategies or best practices can organizations adopt to reduce instances of human error in cybersecurity?

Vivek Srivastava: Addressing human error is a pivotal aspect of minimizing cybersecurity risks, as anyone within an organization can inadvertently become a vector for cyber threats. Whether it’s through falling prey to phishing or social engineering attacks, misconfiguring systems, failing to apply security patches, or introducing vulnerabilities in code, the human factor often plays a critical role in security breaches.

Our research at Fortinet, detailed in the 2023 Security Awareness and Training report, underscores this point. It revealed that 81% of organizations experienced malware, phishing, and password attacks last year that specifically targeted individual users. Moreover, over 90% of leaders agree that enhancing cybersecurity awareness among employees significantly contributes to reducing attack incidences. Regular and comprehensive training on common cyber threats and adversary tactics is crucial to construct a robust “human firewall” that can prevent initial breaches.

Cultivating a cybersecurity-aware culture within an organization requires time and commitment at every level. By ensuring that all employees are actively involved and aware of their roles in safeguarding the organization, we can foster a proactive approach to risk mitigation and incident response. Effective training empowers employees to take action against potential threats, thereby enhancing the organization’s overall cyber resilience and establishing a solid first line of defense against cyberattacks.

CIO&Leader: What is your evaluation of the present status of cybersecurity legislation and regulation, and how effective do you find it in responding to the dynamic challenges posed by the evolving cyber threat landscape?

Vivek Srivastava: The laws governing cybersecurity must be designed to be proportional to the threats, reflecting the growing concerns around cyber risks. Laws like the Data Protection Bill and breach disclosure mandates have made it evident that cybersecurity transcends IT and touches on broader organizational accountability.

With regulators intensifying compliance demands, it’s imperative for organizations to implement robust cyber-risk and cybersecurity governance frameworks. This responsibility extends to the board level, where there is a crucial need to understand and monitor potential cyber threats that could impact the organization. It’s essential for those in governance roles to ensure that comprehensive strategies, policies, and procedures are in place to effectively mitigate these risks.

Moreover, there must be a robust incident response plan ready to activate in the event of a security breach, aimed at minimizing the impact. Additionally, organizations are required to maintain systems capable of detecting, investigating, and eradicating any intrusions, ensuring adherence to contractual, legal, and regulatory obligations. This comprehensive approach is critical in responding to the dynamic challenges posed by the evolving cyber threat landscape.

CIO&Leader: Looking ahead, what emerging cyber threats do you foresee impacting organizations in the near future?

Vivek Srivastava: The increasing weaponization of generative AI by cybercriminals allows them to increase their attacks, from circumventing social engineering detection to replicating human behaviours more convincingly. Ransomware attacks remain prevalent, with adversaries utilizing sophisticated techniques like double extortion. They are targeting essential infrastructures and demanding substantial ransoms. Moreover, some ransomware campaigns are becoming more targeted and hands-on, allowing cybercriminals to customize their approach, avoid detection, and enhance the success of their operations. Advanced Persistent Threat (APT) groups are refining their tactics, techniques, and procedures (TTPs), often outpacing traditional security solutions that rely on outdated analytics.

Regarding Operational Technology (OT), threats are escalating beyond mere data encryption. Attackers are increasingly engaging in extortion-driven supply chain attacks, aiming to disrupt critical services and organizations. Additionally, the widespread adoption of Internet of Things (IoT) devices introduces significant vulnerabilities due to often insufficient security measures. These devices are becoming prime targets for exploitation.

CIO&Leader: In light of the rapidly evolving cybersecurity landscape, how do you perceive the current challenges and opportunities for enterprises?

Vivek Srivastava: As companies digitize and integrate their Information Technology (IT) and Operational Technology (OT) networks, the complexity of protecting these interconnected systems from cyberattacks increases. Additionally, the widespread adoption of hybrid work and proliferation of devices has led some organizations to lag in maintaining software and system patching, further expanding the attack surface.

To stay ahead of these cyber threats, enterprises must invest in advanced security technologies. Essential tools such as next-generation firewalls, intrusion detection and prevention systems, endpoint protection, and Security Information and Event Management (SIEM) solutions are crucial. However, their effectiveness hinges on their integration into a platform that enhances responsiveness, reduces vendor sprawl, and improves visibility and control through centralized management.

This holistic approach should also accommodate solutions like Secure Access Service Edge (SASE), which are critical for securing the expanding network edge and remote work environments. Moreover, the inclusion of Artificial Intelligence (AI) and Machine Learning (ML) within these platforms is essential to accelerate threat detection, analysis, and response across distributed networks.

CIO&Leader: What strategies and best practices do you recommend for protection against cyber threats?

Vivek Srivastava: To effectively combat cyber threats, adopting a strategic combination of detection, remediation, and automation is key. Investing in advanced detection technologies like Endpoint Detection and Response (EDR), Network Detection and Response (NDR), and User and Entity Behavior Analytics (UEBA) is crucial. Seamless integration of security tools and systems is essential for a comprehensive view of the security landscape, enhancing detection and response capabilities.

Continuous training is vital for reducing risks from phishing attacks and other cyber threats.

Proactive training has helped reduce such risks by 84% in some cases, highlighting the importance of ongoing education. Partnering with Managed Security Service Providers (MSSPs) offers additional expertise and ensures continuous monitoring, allowing internal teams to focus on strategic initiatives.
