VentureBeat sat down (virtually) last week with Ritesh Agrawal, CEO and co-founder of Airgap Networks, to gain insight into how he and his team are creating one of the most innovative startups in the cybersecurity industry.
Agrawal leads a team of experts who have built successful infrastructure products for the carrier, industrial and enterprise sectors. He has over 20 years of experience in network, security and cloud solutions. Under Agrawal’s leadership, Airgap Networks has achieved several milestones, including winning three prestigious Global InfoSec Awards at the 2023 RSA conference.
The following is an edited excerpt from VentureBeat’s interview with Ritesh Agrawal:
VentureBeat: Can you tell us a bit about your background and how you got involved in the cybersecurity industry?
Ritesh Agrawal: I have a background in leading the Juniper Network Security business, where I focused primarily on Telcos and large enterprises. I realized that the industry was losing the cybersecurity battle, with spending on security infrastructure increasing every year, but the number of breaches and damages continued to rise. When I realized the need for a more sustainable solution, I saw an opportunity to apply VC-led innovation to industry.
And that always starts with a transformational architecture, not just a new feature set. We observed the effectiveness of the mobile/telco architecture in preventing malware from spreading even if a device is infected and at a fraction of the cost of business offerings. The name “Airgap” stems from our ambition to provide the same level of perfect isolation, protection and cost-effectiveness for all enterprises in IT and OT.
VB: As CEO of Airgap, what insights have you learned about the cybersecurity industry?
Agrawal: First, the threat landscape is incredibly dynamic, so only the most agile organizations will adapt and thrive. This is why you see so many successful cybersecurity startups: It’s hard for larger organizations to innovate as quickly as attackers, and customers can’t afford to fall behind.
For example, Airgap has six major patents with more [pending] approval, and we just won three major innovation awards at RSAC because our customers rely on us to stay ahead of changes in the threat landscape.
Second, to aim high. This is a crowded space with many competitive solutions, so incremental innovation and feature polishing won’t displace incumbents. I’ve always believed that as a startup you have to deliver an entirely new architecture, not just a product, or you shouldn’t launch.
Finally, to try and internalize that every network security team is really under time and budget pressure right now. They need quick, easy wins that don’t require new skills. Simplification and fast time-to-value are a breakthrough in business. Don’t automate complex security processes — eliminate them with better architecture. At Airgap, for example, not only have we made traditional network segmentation piping “easier”, it’s just gone.
VB: How do you see the threat landscape evolving in the coming years?
Agrawal: Attacks are about to get a lot more sophisticated. For example, social engineering attacks that use a combination of AI and the wealth of online information about us and our employers will penalize networks that lack strong authentication and identity checks.
Government actors and crime-as-a-service are likely to play a bigger role, and that means more attacks that aren’t about ransomware, but instead cause significant damage to core networks and corporate assets.
It’s part of a larger trend that I think marks the end of perimeter-based security thinking, and in many ways the end of aging core network architecture itself. And why customers like Flex, Tillys and Kingston Technologies are actively using Airgap as their defensible architecture for mission-critical infrastructure.
VB: What should cybersecurity leaders do to stay ahead of this curve?
Agrawal: First, recognize the need to prioritize protecting mission-critical networks, assets, and identities with a defensible network architecture. Everyone has their own unique ‘crown jewels’. They drive the business and operational processes that must remain secure, even if breaches occur elsewhere in the network. And that’s Airgap.
Perimeter-based firewall architecture isn’t enough, and I’m happy to debate this with any firewall vendor. Everyone spends more and is being violated more; that’s not what winning looks like.
Second, aggressively evict the trust and attack surface from your network. Establish zero-trust segmentation between your mission-critical infrastructure and your standard corporate IT network, as well as across all devices within shared networks, to ensure threats cannot spread. And bridge the gap between identity and endpoint protection with a dedicated secure access solution, as traditional VPN solutions don’t eliminate the legacy trusted connections that attackers manage to breach.
And you can’t secure what you don’t know or can’t find, so leverage network-centric asset discovery and intelligence like Airgap, which is designed for low latency and no network congestion.
And third, prioritize cybersecurity solutions that don’t require heart surgery for your running network. Apply this litmus test to any security solution provider: Tell me what changes to my network, tech stack, or infrastructure I need to make? How much training do I need? How long will it take? Airgap deploys in hours, which is great for time-to-value, but more importantly, it does so because the touch to the running network is so light. Any solution that forces equipment upgrades, network addressing, ACL/NAC changes, or network outages for more than a few microseconds should be severely avoided.
VB: Why are OT networks a particular focus for attackers, and what special precautions should OT network owners take?
Agrawal: OT networks are not designed primarily for security, but for speed and scale. OT networks have a long lifecycle, are not often patched, and are widely accessible to vendors and engineers for remote support. They often have far too many devices sharing the same network segment. They’re full of old Windows servers and headless devices, so any agent-based solutions designed for corporate IT networks simply won’t work. It’s like Swiss security cheese, but for many OT networks it can be more holes than cheese.
The very first thing I recommend to owners of OT networks is to create a special layer of visibility and control (we call it an Airgap) between your corporate IT network and your core/OT network. The Airgap Zero Trust Firewall, or ZTFW, prevents threats from spreading from IT to the core network, and vice versa, so that the security of operations can be maintained even if higher network layers are compromised.
Airgap ZTFW relies on three essential capabilities to secure this special layer. The first is agentless segmentation, because legacy Windows servers and headless machines are common. The second is secure access with full MFA (multi-factor authentication) for your remote technicians and technicians, because VPNs are way too trusting. And the third is network-based asset intelligence with accurate, real-time inventory because OT networks are very dynamic.
VB: Once an enterprise has fully segmented and secured access to its network, how does asset intelligence help keep it secure?
Agrawal: Staying safe and compliant on day 2 and beyond is a big deal for the industry. Before Airgap started delivering same-day segmentation, companies spent six months or more hard at work inventorying and segmenting their network, only to see it start to unravel again the next day.
First, remember that real networks are very dynamic. Whether the changes are due to acquisitions, new campuses, refurbishments or simply moving mobile equipment between floors, most companies have no clear idea what they have or where it is. Everything starts with real-time accuracy, and that means the network.
Prioritize solutions that leverage network context and network behavior analysis while ensuring low latency and no network congestion, which were the main design goals for Airgap with our ZTFW. Push for systems that can provide full visibility of any traffic stream, including side streams. Don’t settle for systems with extensive packet inspection and polling, as they can easily overload congested networks.
VB: Airgap just announced ThreatGPT, a ChatGPT integration with the Airgap Zero Trust Firewall. What does this mean for customers and where do you think AI-assisted cybersecurity is headed?
Agrawal: We are super excited about ThreatGPT. Because we establish full micro-segmentation, we have a wealth of network, asset and traffic history information available. Because ThreatGPT is fully integrated into the core of the ZTFW architecture, you can use any available data to train the models, and I believe we’re the first to bring this to market.
ThreatGPT, based on the GPT-3.5 architecture, offers customers the data mining intelligence of AI combined with a simple, natural language interface. It’s pretty overwhelming; it locates risks anywhere in your network by typing simple questions.
Going forward, I see AI more as boosting human productivity and not as a substitute for human intelligence. I’m glad Airgap is leading the market here – it’s a game-changer in risk management.