Why Humans Alone Can't Beat CybercrimeRubrik CEO Sinha on Why Defenders Need Latest Tech to Keep Up With Threat Actors
Cybercrime has grown considerably in the last several years. The scope, velocity and variability of attacks have increased, as has the attack surface - and it's impossible for humans alone to understand, correlate, find the cause, analyze and fix it, said Bipul Sinha, co-founder and CEO of Rubrik.
Threat actors are using artificial intelligence and machine learning to make attacks more sophisticated, he said. "But on the other hand, AI and ML can also be used for good to understand the intent of a particular event, if the event correlated with a broader set of activities, if it could potentially be a zero-day or an unpatched vulnerability, and where humans can intervene to solve the problem," he said.
In this video interview with Information Security Media Group at RSA Conference 2023, Sinha discusses:
- How defenders can use AI;
- The advantages of an advisory board to help formulate cybersecurity best practices;
- The benefits of partnerships with industry peers;
Sinha, an entrepreneur and an engineer, also serves as a partner at Lightspeed Venture Partners. Previously at Lightspeed, he focused on the software, mobile and internet sectors. He worked at Blumberg Capital, where he was the founding investor and board member of Nutanix and Hootsuite. Sinha also held engineering positions at Oracle Corp., American Megatrends and IBM. He holds several patents in distributed computing.
Tom Field: Hi there, I'm Tom Field. I'm senior vice president of editorial with Information Security Media Group. The topic of conversation is why it is near impossible for humans to beat cybercrime alone. We have in ISMG Studios, Bipul Sinha. He is the co-founder and CEO of Rubrik. Bipul, thank you so much for taking time to speak with me today.
Bipul Sinha: Thank you so much for this opportunity.
Field: Let's talk about why it's become so tough for humans to fight cybercrime on their own. Cybercrime has grown up considerably in the last several years.
Sinha: It is actually almost impossible for humans to comprehend the scope, velocity and variability of cyberattacks because our data is everywhere - it's on-premises in the data center, in the cloud platforms and all sorts of SaaS applications, and it increases the surface area of attack. And for folks to understand, correlate, causate, what started where and when, it is almost impossible.
Field: Let's talk about machine learning and artificial intelligence. Anecdotally, we hear they make phishing and ransomware notes more sophisticated and harder to detect. Specifically, what's been your experience?
Sinha: If you look at AI/ML, it can be used for good. It can also used for nefarious purposes. The bad actors are using AI/ML to trick human beings to click into an ad to actually give us an offer that we can't refuse or they are enticing us in different ways and also taking advantage of human vulnerabilities such as procrastination, our ability to quick react to an offer, which could be an attack. But on the other hand, AI/ML can also be used for good, for example, to understand what is the intent of a particular event. If this event is correlated to a broader set of activities? Could this potentially be a zero day or an unpatched vulnerability, where the humans can intervene by using the artificial intelligence augmentation to solve the problem.
Field: Well, you talk about how AI can be used for good. Number of vendors they are trying to infuse AI into the dev process from the get go. What are you seeing?
Sinha: We have been working on AI for the last five or six years because what we fundamentally understood is, AI can be applied to the mission-critical business data of the customers to derive security intelligence out of it, such as how far ransomware or cyberattacks have gone? What is the sensitivity of the content? Is there malware sitting in the data? When customers understand the data risk, they can restore their operation upon an attack. Obviously, prevention is important. But resilience which comes from data security is the key.
Field: Bipul, Rubrik, you've got a CISO advisory board. How is the CISO advisory board helping you formulate some best practices that you in turn can share with your customers?
Sinha: So if you look at us in Silicon Valley, we are living in the technology bubble in Silicon Valley. And all the magic happens at the customer sites where the CISOs and CIOs are solving real business problems. And we need to understand their perspective, feeling and vision for the future for their businesses. And how do we translate that into products and features that we build, and that is the outside-in and inside-out relationship that we are building with CISOs. And our own CISO advisory board is helping us formulate the product direction road map to solve the problems of today and tomorrow.
Field: So your clients benefit from what you get from the CISO advisory board?
Field: They also benefit from partnerships you have with stalwarts such as Zscaler, Microsoft, Palo Alto Networks. What are some of the benefits of those partnerships?
Sinha: See, the thing is that the scope and variability of the attacks as I was saying are so huge that one vendor alone cannot solve the problem. Cybersecurity industry traditionally focused on prevention of attack, but the new world is resilience and data security. And how do you bring this infrastructure security and data security together to provide end-to-end zero trust? That's what we are doing with Zscaler, Microsoft and Palo Alto Networks. Our goal is to be a vendor that brings the data intelligence into the SecOps so that the SecOps can fully understand from infrastructure risk to the data risk.
Field: We started this conversation by talking about why it's near impossible for humans to beat cybercrime alone. How would you summarize how Rubrik is helping customers to beat cybercrime?
Sinha: Rubrik is helping customers increase their cyber-resilience posture. Because if you can restore your applications and business, you can assume risk and breaches, but still continue to operate, because in this world, prevention is impossible. The best option for customers is to build resilience in their whole business operation, and Rubrik is helping to do that.
Field: I don't I think you could say that better. That's a good message to leave with.
Sinha: Thank you so much for this opportunity.
Field: Thank you, Bipul, it's been a pleasure.
Sinha: Same here.
Field: We have been talking with Bipul Sinha. He is the co-founder and CEO of Rubrik. For Information Security Media Group, I'm Tom Field. Thank you for giving us your time and your attention.