Divvya: Let’s set the stage by getting to know your professional backstory. Let’s begin with some general questions. Tell me about your professional journey as a technical leader and how it has shaped your career goals.
Mr. Marutheesh Babu: My career as a technical leader has been quite an odyssey and incredibly rewarding. I started on this road seven years ago after getting my degree in Information Technology. Though I took a hiatus from technology for five years during my early professional life, post the break, as I got back in the game, there was no looking back from making significant contributions to the industry. Since the inception of my tenure in this industry, I have seen both innovative developments in technology and the emergence of unheard cyber threats, especially during the pandemic.
Divvya: With seven years of industry experience under your belt, can you describe the typical growth trajectory for individuals in this field, both in terms of percentages and general progression?
Mr. Marutheesh Babu: Well, by 2025, India’s Cyber Security Market is projected to grow by $35 Billion, which means millions of jobs generated.
Let’s not forget that we are in the era of brilliant ‘Make In India’ startups delivering innovative technologies. Needless to say, these startups will create a demand for skilled professionals.
Divvya: In your experience, what are the pros and cons of being in a position of technical leadership?
Mr. Marutheesh Babu: Great question! Well, as you may already know, the rise of India’s technology sector has created a wealth of chances for the country’s technical elite to contribute to ground-breaking research and development. It’s not exactly possible to list down all the pros and cons, however, I’m going to share a broad overview:
Here are some Pros:
- Thriving Tech Industry: India’s tech sector is booming, creating several openings for highly skilled professionals to contribute to innovative projects and research.
- Talent Pool: India’s enormous technical talent pool allows technical leaders and businesses to develop diverse and capable teams.
- Global Recognition: Indian technology leaders have achieved a global reputation for their expertise, providing prospects for international collaboration and career progression.
- Cost Efficiency: Our affordable cost structure makes it a popular outsourcing and solution destination, giving technical leaders and executives a competitive edge.
A few of the cons or challenges from my perspective would be:
- Intense Competition: India’s tech business is highly competitive, with many qualified professionals competing for top positions, making it challenging to stand out.
- Talent Retention: Indian leaders struggle to retain top technical talent due to increasing demand.
- Regulatory Environment: Adapting to changing regulations and policies can pose challenges for technical leaders, requiring them to stay updated and compliant.
Divvya: In your opinion, does the security of Operational Technology (OT) systems present any unique difficulties from the perspective of technical leaders?
Mr. Marutheesh Babu: Indeed, the security of OT systems is not without its difficulties. One of the biggest obstacles in the OT world is the prevalence of outdated, often decade-old, legacy systems. There are integration and upkeep challenges with these older systems. However, introducing modern technology like Windows and Apple systems has helped us overcome these obstacles. Moreover, the automation of some systems has contributed to increased safety in the OT setting.
Divvya: According to you, how can businesses like yours guarantee the security of their OT systems while maintaining availability and reliability?
Mr. Marutheesh Babu: Our expertise in IT and OT security gives us an edge over our contemporaries. We can successfully deliver comprehensive solutions to address OT security challenges with a focused approach to providing complete visibility of the infrastructure. Let me give you an example. For instance, in a manufacturing setting such as the pharmaceutical business, we make sure that all the OT and data systems, as well as the IT systems, smart lighting, and smart camera systems, are visible to everyone. Our comprehensive solutions aid in the monitoring, detection, and tracking of OT devices, protocols, security flaws, and potential risks. A safe and trustworthy system is maintained by limiting access to devices both in the OT and IT spheres and only when they have been authorized to do so.
Divvya: Moving on to the next question, what are some of the key technologies and solutions used for securing OT environments?
Mr. Marutheesh Babu: We rely heavily on intrusion detection systems (IDSs), which play a pivotal role in the OT setting and are one of our core technologies. Since OT systems are so delicate, we place more emphasis on collecting and analyzing data than on preventing access to them. Our intrusion detection system is widely regarded as the best available. We also offer a simulator that can be used in both IT and OT settings to further tighten up security. Our products also include measures to safeguard data in transit over physical networks.
Divvya: Why is it important for organizations to prioritize OT security?
Mr. Marutheesh Babu: Due to the severity of the fallout from even a single OT security breach, businesses need to make this issue a top priority. Examples from history, such as the Mahabharata or World War I, show how quickly and dramatically events may change. A single breach in security can have far-reaching consequences for an organization. The widespread failure of an organization can be avoided through careful monitoring of events and the use of preventative measures to secure operations, data, and the environment.
Divvya: Could you explain the key components of a Security Operations Center (SOC), including SIEM, SOAR, NDR, and UEBA?
Mr. Marutheesh Babu: As we all know, a SOC combines people, processes, and technologies to provide proactive threat detection and incident response capabilities. Briefly stating, the key components of a SOC, including SIEM, SOAR, NDR, and UEBA are:
- SIEM analyzes event logs for potential security events, providing real-time insights and warnings.
- SOAR systems streamline security operations, automating processes and improving efficiency.
- NDR systems analyze real-time network traffic to detect and counter advanced threats, including breaches, exfiltration attempts, and lateral movement.
- UEBA detects abnormal behavior, identifies insider threats, and triggers alerts for potential security incidents using data analysis and machine learning.
But before incorporating sophisticated technologies, it’s important to establish the SOC’s major components. Firewall security prevents unauthorized access; thus, organizations must prioritize it. To protect the company’s internal network, laptops, workstations, and servers must be secured with the necessary security solution. Another important aspect is protecting company data, particularly email servers.
Divvya: What are some of the benefits of having a SOC, particularly in terms of improved threat detection and response times?
Mr. Marutheesh Babu: There are many upsides to implementing a SOC, however, the biggest deal is the improved ability to spot and counteract threats with enhanced threat detection and response capabilities. To monitor and respond to security incidents in real time, many organizations are installing SOCs to gain access to cutting-edge technologies and solutions. A human’s knowledge and intelligence are essential to the successful application of these solutions. The SOC team can proactively detect and eliminate threats by keeping a close eye on alerts and analyzing data from the infrastructure. Having a seamlessly operating SOC allows businesses to defend their data and infrastructure within minutes of discovering a danger.
Divvya: Tell us about some of the hurdles encountered by the technical teams while deploying a Security Operations Center (SOC).
Mr. Marutheesh Babu: You see, the greatest challenge resides in the procurement and maintenance of hardware. As you know, massive amounts of real-time data are generated by collecting and analyzing logs and data from numerous devices, therefore, consequently, acquiring and maintaining the essential hardware infrastructure presents a formidable obstacle.
In addition to this, assuring the availability of accurate and current conversion data is essential for security reasons. During the implementation of a SOC, these obstacles necessitate deliberation and cautious preparation.
