VentureBeat Q&A: How Airgap CEO Ritesh Agrawal created a progressive cybersecurity startup

VentureBeat sat down (virtually) last week with Ritesh Agrawal, CEO and co-founder of Airgap Networks, to get insights on how he and his team are building one of the most innovative startups in the cybersecurity industry.

Agrawal leads a team of professionals who have developed successful infrastructure products for the carrier, industrial and enterprise sectors. He has more than 20 years of experience in network, security and cloud solutions. Under Agrawal’s leadership, Airgap Networks has achieved several milestones, including winning three prestigious Global InfoSec Awards at the RSA Conference in 2023.

The following is an edited excerpt from VentureBeat’s interview with Ritesh Agrawal:

VentureBeat: Can you tell us a bit about your background and how you got into the cybersecurity industry?

Ritesh Agrawal: I have a background as head of Juniper’s network security business where I focused primarily on telcos and large enterprises. I realized that the industry was losing the cybersecurity battle as security infrastructure spending increased each year, yet security breaches and damages continued to increase. Realizing the need for a more sustainable solution, I saw an opportunity to apply VC-led innovation to the industry.

And that always starts with a transformative architecture, not just a new feature set. We have observed the effectiveness of mobile/telecom architecture in stopping the spread of malware, even if a device is infected, at a fraction of the cost of enterprise offerings. The name “Airgap” comes from our commitment to offer that same level of perfect isolation, protection and cost-efficiency to all businesses across IT and OT.

VB: As CEO of Airgap, what insights have you gained about the cybersecurity industry?

Agrawal: First, the threat landscape is incredibly dynamic, so only the most agile organizations will adapt and thrive. This is why there are so many successful startups in cybersecurity – larger companies find it difficult to innovate as fast as attackers, and customers cannot afford to fall behind.

For example, Airgap has six major patents with more [pending] Recognition, and we’ve just won three major innovation awards at RSAC, as our customers rely on us to stay ahead of them as the threat landscape changes.

Second, to aim high. This is a busy space with many competing solutions, so incremental innovation and feature polishing won’t crowd out incumbents. I’ve always believed that as a startup you should deliver a whole new architecture, not just a product, or you shouldn’t bring it to market.

In closing, I’d like to try to internalize that any network security team is really overwhelmed with time and budget these days. You need quick, easy wins that don’t require new skills. Simplification and fast time-to-value are a business game changer. Don’t automate complex security processes—eliminate them with better architecture. With Airgap, for example, we haven’t just made traditional network segmentation “simpler,” it’s just gone.

VB: How do you see the threat landscape evolving over the next few years?

Agrawal: Attacks are becoming more sophisticated. For example, social engineering attacks using a combination of AI and the wealth of information online about us and our employers will penalize networks that lack strong authentication and identity controls.

State actors and crime-as-a-service are likely to play a bigger role, and that means more attacks that don’t target ransomware but do significant damage to core networks and assets.

It’s part of a larger trend that I think signals the end of perimeter-based security thinking and, in many ways, the end of the aging core network architecture itself. And why customers like Flex, Tillys and Kingston Technologies are actively adopting Airgap as their viable architecture for mission-critical infrastructure.

VB: What should cybersecurity leaders do to stay ahead of this curve?

Agrawal: First, recognize the need to prioritize protecting mission-critical networks, assets, and identities with a defensible network architecture. Everyone has their own unique “crown jewels”. They control the business and operational processes that must remain secure even if security breaches occur elsewhere in the network. And that’s airgap.

A perimeter-based firewall architecture is not enough, and I’m happy to discuss this with any firewall vendor. Everyone spends more and gets hurt more often; that’s not what winning looks like.

Second, aggressively drive trust and attack surfaces out of your network. Establish zero-trust segmentation between your mission-critical infrastructure and your standard corporate IT network, as well as for all devices on shared networks, to ensure threats cannot spread. And bridge the gap between identity and endpoint protection with a dedicated secure access solution, because traditional VPN solutions don’t eliminate the old trusted connections that attackers know how to crack.

And you can’t back up something you don’t know or can’t find, so leverage network-centric asset discovery and intelligence like Airgap, designed for low latency and zero network congestion.

And third, prioritize cybersecurity solutions that don’t require heart surgery for your running network. Apply this litmus test to any security vendor: Tell me what changes need to be made to my network, tech stack, or infrastructure? How much training do I need? How long will it take? Airgap deploys in hours, which is great for time-to-value, but more importantly, because there is so little exposure to the running network. Any solution that forces device upgrades, network re-addressing, ACL/NAC changes, or network downtime of more than a few microseconds should be seriously avoided.

VB: Why are OT networks the focus of attackers and what special precautions should OT network owners take?

Agrawal: OT networks were not originally designed for security, but for speed and scalability. OT networks have long lifecycles, are rarely patched, and are used extensively by vendors and remote support engineers. You often have far too many devices sharing the same network segment. They’re filled with old Windows servers and headless devices, so all the agent-based solutions designed for enterprise IT networks just don’t work. It’s like Swiss security cheese, but for many OT networks, it can be more holes than cheese.

The very first thing I recommend for OT network owners is to create a dedicated layer of visibility and control (we call it the Airgap) between your corporate IT network and your core/OT network. The Airgap Zero Trust Firewall, ZTFW for short, prevents threats from spreading from IT to the core network and vice versa, so that operational security can be maintained even if higher network layers are compromised.

Airgap ZTFW relies on three essential functions to secure this dedicated layer. The first is agentless segmentation due to the prevalence of legacy Windows servers and headless machines. The second is secure access with full MFA (multi-factor authentication) for your remote engineers and technicians, as VPNs are far too trusting. And the third is network-based asset intelligence with accurate, real-time inventory, as OT networks are very dynamic.

VB: Once a company fully segments and secures access to its network, how does asset intelligence help protect it?

Agrawal: Staying secure and compliant on Day 2 and beyond is a major concern for the industry. Before Airgap started providing same-day segmentation, companies put in six months or more of hard work inventorying and segmenting their network, only to see it fall apart again the next day.

First, consider that real networks are highly dynamic. Whether the changes were caused by acquisitions, new locations, refreshes, or just mobile devices being moved between floors, most businesses don’t have a clear idea of what they have or where it is located. It all starts with real-time accuracy, and that means the network.

Prioritize solutions that leverage network context and network behavior analysis while ensuring low latency and zero network congestion, which were key design goals for Airgap with our ZTFW. Insist on systems that provide a complete view of every traffic flow, including lateral traffic flows. Don’t settle for systems with extensive packet inspection and polling, as they can overload easily congested networks.

VB: Airgap just announced ThreatGPT, a ChatGPT integration with the Airgap Zero Trust Firewall. What does this mean for customers, and where do you think AI-powered cybersecurity is headed?

Agrawal: We are very excited about ThreatGPT. Because we set up full micro-segmentation, we have a wealth of information about the network, assets, and traffic history. Because ThreatGPT is fully integrated into the core of the ZTFW architecture, you can use any available data to train the models and I believe we’re the first to bring this to market.

ThreatGPT, based on the GPT 3.5 architecture, offers customers the data mining intelligence of AI combined with a simple, natural language interface. It’s pretty stunning; it will find risks anywhere on your network just by typing in simple questions.

For the future, I see AI more as a driver of human productivity and not as a replacement for human intelligence. I’m happy that Airgap is the market leader here – it’s a game changer in terms of risk management.
