CXO of the week: Pankit Desai, Cofounder and CEO, Sequretek

Sequretek, a Mumbai-based cyber security company, which was started in 2013 by Pankit Desai and Anand Naik has become the fastest-growing Indian cyber security company in the Country with offices in Gurgaon, Bengaluru, Mumbai, and US.

Pankit Desai and Anand Naik, both IT and cyber security industry seasoned professionals, who have worked in senior leadership roles in top IT companies, started Sequretek with an aim to provide enterprise clients with an end-to-end simplified cybersecurity platform. Their products designed on AI platforms are capable of reacting to threats in near real-time. The endpoint security product -- EDPR -- is designed with an AI backbone and comes with several features of endpoint security products rolled into one thus helping enterprises cut down costs and complexity from their cyber security framework.

Sequretek is known among the circles to use unconventional ways to detect security breaches, using AI to spot an attack from miles away and stop it before it can cause any real damage.

Pankit Desai, Co-founder & CEO of Sequretek, a Mumbai-based cyber security company was launched in 2013 with an aim to provide enterprise clients with an end-to-end cyber security platform. Pankit, a veteran of the IT industry, brings 20+ years of hardcore technology and leadership experience from the information technology industry to lead Sequretek. Prior to Sequretek, he was with Rolta as the President of Business Operations. He has also served in a senior leadership capacity with NTT Data Inc, Intelligroup, Wipro, and IBM India.

Recently we have engaged in an interview with Pankit Desai, Cofounder and CEO, Sequretek. He talked about his business operations and what are the plans for future expansion and much more.

Introduction - (A brief non-promotional profile)

Sequretekis a global cybersecurity company that works with a mission "to empower our customer’s growth without fear as their trusted partner by simplifying security".

Sequretek’s AI-powered Percept Cloud Security Platform (CSP) based on the 24/7 Percept Threat Exposure Management offers end-to-end security to enterprises. The platform, every day, processes over a billion events, raises over thousand alerts, and prevents from over hundreds of cyber-attack attempts, for its enterprise customers across the globe. The platform is recognized by leading global research firms and a winner of many international and national awards and recognition.

Percept CSP ensures visibility, detection, correlation, identification, and response to any cyber threats and attacks.

What are some of the products and services that Sequretek offers in the cybersecurity market?

Sequretek’s AI-powered Percept Cloud Security Platform (CSP) based on the 24/7 Percept Threat Exposure Management offers end-to-end security in the areas of enterprise threat monitoring, visibility, incident response (Percept XDR), device security (Percept EDR), identity & access governance (Percept IGA). Percept CSP ensures visibility, detection, correlation, identification, and response to any cyber threats and attacks.

1) Percept Extended Detection and Response (“Percept XDR”): Percept XDR ensures end-to-end security, threat detection, and response while allowing enterprises to focus on their core business growth without the fear of compromise. Percept XDR helps to protect against phishing, ransomware, malware, vulnerability exploits, insider threats, web attacks, and many more advanced attacks.

Percept XDR features SOAR-based automated response in line with the MITRE ATT&CK framework. The reduced number of incidents that require manual intervention allows enterprise IT teams to focus on the core objectives.

2) Percept Identity Governance and Administration (“Percept IGA”): Percept IGA is the cloud-native offering for identity & access management of users. Percept IGA reduces access risks & ensures compliance to your regulatory requirements. It provides an easy-to-use, scalable and federated identity-based solution to meet end-to-end access governance and administration needs for organizations.

The product comes with in-built Federated Single Sign-On (SSO) and Multi-factor Authentication (MFA) capabilities.

3) Percept Endpoint Detection and Response (“Percept EDR”): An endpoint security product that ensures that no malicious files infect your endpoints using AI and ML, and self-updates to fix existing vulnerabilities. The product is Day 1 deployment ready along with 24x7 management and monitoring.

Percept EDR provides real-time defense against zero-day threats, advanced persistent threats, ransomware attacks, and any other malicious activities.

Beyond advanced threat protection, Percept EDR also integrates components such as device control, application whitelisting, and vulnerability management into a single product with a single dashboard view over your endpoint security.

What, as per you, are the five important things that Sequretek should be looking at today?

• The digital transformation that our customers and industry segments are embarking on, and the commensurate security risk that comes with it.
• Understanding the changing threat landscape and how to better respond to the same.
• Preparing our customers and our offerings for the upcoming regulatory compliance needs coming out from nations as well as industry bodies.
• Expanding our offering portfolio to stay relevant to our customers’ needs.
• Being an employer of choice, which would allow us to attract the best talent globally.

How are threat actors using AI to carry out a range of attacks?

As technology evolves, the nature of attacks has also evolved. AI technology has facilitated the emergence of new and sophisticated forms of criminal activities. Some prominent examples include:

Deepfake: AI-generated synthetic media, known as deep fakes, can manipulate images and videos to create realistic but fabricated content, leading to impersonation, misinformation, and defamation.

AI-enhanced cyber-attacks: AI algorithms can enhance the speed and precision of cyber-attacks, such as DDoS attacks, password cracking, and malware propagation, posing significant threats to individuals and organizations.

Automated social engineering: AI can simulate human-like interactions, enabling sophisticated social engineering attacks that deceive individuals into revealing sensitive information or performing unauthorized actions.

Data theft and privacy breaches: AI can be used to breach security systems, exploit vulnerabilities, and extract sensitive information from databases, resulting in severe consequences for individuals and organizations alike.

Malware attacks: AI can be used to develop malware that can adapt to changing circumstances and evade detection by security systems. For example, attackers can use AI to create polymorphic malware that changes its code each time it infects a new machine, making it more difficult to detect and remove.

While cybersecurity in general is sector agnostic, certain sectors are susceptible to AI-related risks and attacks.

Financial institutions: AI can be leveraged to bypass security measures, conduct financial fraud, engage in identity theft, and facilitate money laundering.

Healthcare: AI-driven attacks on healthcare systems can compromise patient data, disrupt critical infrastructure, and even pose risks to patient safety.

Transportation and logistics: AI can manipulate traffic systems, disrupt supply chains, and compromise autonomous vehicles, leading to potential safety hazards.

Government and defense: AI-based attacks targeting critical infrastructure and sensitive government systems pose significant national security risks.

How can artificial intelligence and machine learning help minimize the risks of cyber-attacks and improve enterprise security posture?

AI tool is widely used to mitigate crimes across sectors Here are a few ways in which it is put to use: 

Super quick processing of data (irrespective of the volume): The CISO can leverage the power of Cognitive AI to automatically investigate Indicators of compromise (IOC) and gain critical insights that can be seen by them on an interactive, real-time dashboard.

Identifying threats, known & unknown: The AI algorithms feature capabilities like self-analyzing attack behaviors and patterns, to detect and thwart advanced threats. CISOs can get contextual analytics & benchmarking that makes sense.

Lesser false positives and white noise: The AI algorithms offer better accuracy and reduce the number of false positives. It helps combat alert fatigue within security teams, reduces analyst workload, and saves valuable time – improved ‘Mean time to respond and resolve’.

AI aids accurate Detection and faster Response times: Technologies like SOAR (Security Orchestration Automation & Response) which are mapped to MITRE ATTACK framework that use TTPs (Tactics, Techniques, and Procedures); ‘Orchestrates, integrate and Automates hundreds of time-consuming, repetitive and complicated response actions, that previously required human intervention.

Business Continuity: The use of Autonomous AI-based Threat hunting capabilities prevents cyber-attacks and ensures business continuity.

How do Sequretek's AI-based security solutions differ from traditional cybersecurity solutions?

Percept XDR leverages cutting-edge technologies like Artificial Intelligence, Machine Learning, Deep Learning, Big Data Security Analytics, and Security Orchestration, Automation, Response (SOAR) for precise detection, comprehensive protection, and automated incident response. Sequretek’s Percept XDR is a part of Sequretek’s Percept Cloud Security Platform which is based on the latest 24/7 (Continuous) Threat Exposure Management framework and uses MITRE ATT&CK mapping for detection and response.

We moved away from the traditional rule-based threat detection to Artificial Intelligence-Machine Learning-based attack detection and incident response. The AI-ML-based threat detection and response offers better efficacy and faster response timelines. The false positives too are reduced drastically by leveraging the AI-ML technologies. In addition to the above, the big data security analytics in the Percept XDR enables the processing of huge chunks of data at faster speeds.

What changes is Sequretek bringing to the industry?

The security players can be broadly divided into 3 different buckets, one being the Cybersecurity Product companies (the ones who offer products), Managed Security Service Providers – MSSPs (that provide services on top of the cybersecurity products by other OEMs), and the Platform providers (who provide a platform to the security product companies, to develop their product on). The companies which provide security products, do not offer the other two, i.e., managed security services and have a 3rd party platform; likewise for MSSP players (do not have their own security products) and Platform providers (do not offer services / direct security products). It becomes difficult for the customers to manage multiple OEM products, services, and platforms as integrability, and predictability of the delivery is a major challenge.

Sequretek’s Artificial Intelligence (AI) based solutions ensure increased efficiency in threat detection as the element of human dependency to write rules to detect is eliminated. The algorithm self-analyzes and creates rules and identifies patterns that are malicious.

Furthermore, Sequretek has and will continue investing heavily in R&D to stay relevant to the market and have the capability to detect and respond against cyber threats (that keep evolving at a rapid pace). This year we announced a product for continuous vulnerability audits, assessments, and compliance. We will also be adding integrations with the IoT devices.

How does Sequretek's approach to cybersecurity reduce complexity and cost of ownership?

Sequretek works with a vision “to simply security by consolidating the technology landscape”.

Sequretek offers complete enterprise security only through a combination of 3 products vs. competition offering at least 12-15 different products for enterprise security. This significantly reduces the cost of procuring each of the products. Moreover, Sequretek products do not mandate certifications/expertise to manage them, they have a simplified UI for smooth management by IT executives! This enables an individual with basic IT skills to manage Sequretek products effectively.

In addition to the above, each of the Sequretek products is offered as a single subscription inclusive of all the modules in each of the categories.

Just to give an example, Sequretek’s Percept XDR enables capabilities like 24x7 security monitoring, incident response, threat hunting, global threat intelligence, automated response levering SOAR, big data security analytics, user & entity behavior analytics, and more. Whereas the competing products modularize each of the above capabilities and charge heavily for integrating the devices or log sources to the XDR products.

One license, which includes all the costs including management and integration, drastically reduces the total cost of ownership for the enterprises and one single dashboard simplifies security and allows enterprises to prioritize, predict and take action against the cyber-threats easily.

What are some limitations or challenges of using AI in cybersecurity?

To leverage AI in Cybersecurity, organizations require super-rich datasets, to train the algorithms. They need to ensure that the training datasets that domain experts procure; involve real-life attack scenarios, are pre-processed, and are engineered to reap better efficacies. The availability and security availability of the data is a major challenge for most of the companies leveraging AI as the AI projects need to be validated by availing authentication, access controls, and regular backups.

To address this challenge, we established our own in-house Malware Research Lab in 2014, which soon matured in 2017. We process and monitor hundreds of thousands of new global malware variants and thousands of unique variants daily which also contributes to the dataset which trains our AI algorithm. We also leverage 75+ independent open sources which are aggregated and normalized to provide real-time Central Threat Intelligence Feed (CTIF).