Digital transformation has fundamentally altered how companies function and provide value to customers. This transformation enables organisations to do away with manual operations, provide speedier results, and eventually provide quicker services to clients so they can compete with other businesses in their market. 

Qualys, a SaaS-based platform for digital security, helps organisations with digital transformation by ensuring that their systems are effectively protected from intruders. 

Qualys claims to shorten remediation periods and lower cyber risk for businesses by combining entire cybersecurity stacks onto a single agent, allowing both new and existing customers to get the most out of their security investments. 

Sumedh Thakar is the president and CEO of Qualys. He joined the company in 2003 and grew within the company, taking various leadership roles focused on helping Qualys deliver on its platform vision. In 2014, he became chief product officer, overseeing all things product, including engineering, development, product management, cloud operations, DevOps, and customer support. In 2021, he rose to the position of CEO in the company.

Analytics India Magazine had an exclusive interaction with Thakar regarding the rising cases of cyber security threats in India and how these can be addressed. 

AIM: What are the current trends in cyber security and which are the verticals in focus?

Thakar: The rise of automation in cyberattack defence is one of the trends catching up in tech organisations. In recent years, the number of vulnerabilities has significantly increased.

This makes it impossible for businesses to fix all of their system’s vulnerabilities, given the critical shortage of cyber talent. When corporations cannot hire their way through this challenge, they automate the system to solve this avalanche of vulnerabilities. 

It’s becoming increasingly clear that automation is needed to address the issue. For example, we know there are monthly patches from Microsoft. Thus, we can automate in areas where patches do not typically break things. An automated task can be set to update Chrome on every corporate laptop in the organisation so that the limited staff on hand can focus on patching super-critical, high-risk assets. 

Another trend is AI. Despite years of hype, we now see the useful implementation of AI and deep learning in cyber solutions. The technology is being used to augment tasks that humans previously did, such as combing through an organisation’s networks and looking for suspicious behaviour. In these use cases, AI and deep learning can return results in seconds vs hours and hours of human investigative work.

AIM: How has the market evolved for Qualys in India?

Thakar: The initiative by the Indian government to digitise the nation has pushed organisations to turn around their corporate operations and business processes. Though things have significantly improved as a result of this transition, it has also raised cyber danger and exposed sensitive information.

We are seeing more organisations reach out to us for help in reducing their risk exposure. We have responded with a consolidated platform approach that saves the time of the security teams and increases efficiency. The company provides security solutions to about 700 companies in India, including UIDAI, to secure Aadhar data. In the fiscal year 2021-22, we clocked a revenue of $441 million. 

AIM: Why should companies think about security from day one?

Thakar: Digital transformation is a business and technology enabler. It gives us the ability to shift from adding security at the end of the software development workflow to adding it at the inception.

The approach creates a continuous integration and deployment where safeguards and security checks are integrated into each key stage of the workflow, making it easier and faster to address issues. Importantly, it eliminates many security concerns from the very start. 

AIM: How important is it to secure the networks for a future-ready enterprise?

Thakar: In a future-ready enterprise, it is important to design security into systems from the ground up. Digital transformation, increased adoption of the Internet of Things (IoT), a growing remote workforce and a technology talent shortage have led to an exponential rise in organisations’ attack surface, which makes the future-ready enterprise vulnerable.

Security solutions help defend the attack surface, and teams must correlate externally-visible and internally-managed assets and govern compromises that occur because of undiscovered, unmanaged or poorly-managed IT assets. Organisations need to view vulnerable assets from the outside in and execute like an attacker to quickly identify areas of risk.

AIM: In the past, we have seen attacks on security providers like Cloudflare. Have you also faced such attacks? How are you securing yourself from such phishing attacks?

Thakar: In the changing environment, we are strongly committed to the security of our customers and their data. We leverage our own solutions including proactive risk mitigation, continuous patching and configuration management, along with continually monitoring our environments for any indication of active threats, exploits and compromises. Additionally, we collaborate with the other top global security teams to improve our posture against attackers.