Explore the future of cloud security in the Asia Pacific Japan region with Prateek, discussing challenges, best practices, and SentinelOne’s role in AI-driven cybersecurity.
Could you please share some insights into your professional journey as APJ Field CISO Director at SentinelOne?
Prateek: The role of Field CISO is very interesting as it focuses on the value proposition of the security initiatives and deployments. This role helps me in cutting the prevailing noise in the industry because of the overwhelming amount of jargon, overmarketing, and overpromises of the providers. At the same time, it helps the security leaders climb the maturity curve and define the security charter.
Can you provide an overview of the current cloud security landscape in the Asia Pacific Japan region and explain why it’s becoming an increasingly critical concern?
Prateek: The adoption of cloud technologies and platforms is only accelerating in the APJ region alongside the threat landscape, and the risks are increasing too. With businesses moving their critical business applications, data, and operations to the cloud, they are increasingly being targeted by threat actors as the organizations’ maturity level in cloud security is relatively lower than the traditional architecture. Additionally, the data protection and privacy laws in different countries and regions emphasize the need for cloud security.
According to you, what could be the key strategies and best practices that organizations should prioritize when securing their cloud platforms within the Asia Pacific Japan region?
Prateek: The first step is the realization that the approach to securing the cloud is different from the traditional approaches and understanding the shared responsibility model between the cloud service provider and the client. Cloud is not inherently secured but can be secured with the right policy, configurations, and controls. The journey to securing the cloud should start with Cloud Security Governance.
Can you identify specific challenges that organizations in the Asia Pacific Japan region typically encounter when it comes to maintaining the integrity and security of their cloud-stored data?
Prateek: Security in the cloud is more of an identity and access management issue. When the identities and access to cloud resources such as data storage are configured with secured configuration such as no public access to storage buckets, expiration of API tokens, etc., it will ensure the integrity and security of the data stored in the cloud.
What are the primary drivers behind the 30% increase in cloud-targeted cyber incidents in the ASEAN region? Are there any proactive measures that can be taken to protect against such threats?
Prateek: Because of the sudden pivot to the cloud and rapid adoption of digitalization because of the COVID pandemic, the attack surface of the organization became endless and ever-expanding. This came off as an easy opportunity for the threat actors to capitalize on and exploit the vulnerabilities and security gaps to reach their objectives. These attacks on the cloud environment could have been prevented by implementing cyber hygiene measures such as secure configurations, identity and access management, privilege access management, vulnerability management, patching, etc.
Which emerging trends or technological advancements do you anticipate will have a substantial impact on cloud security within the Asia Pacific Japan region in the near future?
Prateek: The adoption of cloud computing and services for both critical and non-critical business applications, use of edge computing, and automation of the workflow will increase the business’s reliance on the cloud. This digital progression will make the attack surface endless. Hence, cloud security would have to be taken far more seriously.
In your opinion, what could be the concrete steps for creating and implementing a cloud-specific incident response plan?
Prateek: Cloud Incident Response (IR) today needs to grapple with a radically different set of challenges, including data volume, accessibility, and the speed at which threats can multiply within cloud architectures. The interplay of various components, such as virtualization, storage, workloads, and cloud management software, intensifies the complexity of securing cloud environments.
That being said, Cloud IR cannot be done in isolation of the company’s overall incident response activities and business continuity plans. When possible, cloud security tools should use the same SOC, SOAR, and communication tools currently being used to secure other company elements. Using the same infrastructure ensures that suspicious and threatening cloud activities receive an immediate and appropriate response.
How do you envision SentinelOne in the next upcoming 5 years?
Prateek: SentinelOne helps organizations secure from tomorrow’s threats today by taking an approach of AI + Data + People. These three components are vital for providing effective cybersecurity. AI helps organizations cut the noise and identify the needle in the haystack, stitching the data points, and also helps scale humans; data analytics on the security data collected from various attack surfaces to identify the patterns and analyze the attacks; and people to identify the root cause of the attack, whether it’s the policy design, culture, operations, etc., and work to fix it.
With your extensive experience, what advice do you have for APAC organizations looking to strengthen cloud security amid evolving threats?
Prateek: The first step is to understand the Cloud Shared Responsibility model and design controls according to the attack surfaces the organization is responsible for. The organization should focus on cyber hygiene and implementing real-time visibility of cloud environments for threat prevention, detection, and response. These simple measures will elevate the cloud security posture of the business.
APJ Field CISO Director at SentinelOne
Prateek is a Cyber Security professional with expertise in domains such as Security Operations, Vulnerability Management, Penetration Testing, Endpoint Security (EPP/EDR), Digital Forensics and Incident Response, etc. He advises cybersecurity vendors on their Product Messaging and Positioning, Go To Market strategy, Licensing, Product Strategy.
He holds an MBA in Information Security Management from Symbiosis Centre for Information Technology. Prior to his MBA, he worked with Accenture Services Pvt. Ltd., where he was the lead of Technology and Workforce Enablement for over two years; this role acted as a stepping stone in his career. He also holds a B.E. in Electronics and Telecommunication from the University of Pune.
He is also a firm believer in community development and learning.