Interview – Deepak Daswani – ElevenPaths
DAN ASSOR [00:00:02] Hi and good morning and welcome back. If you’ve just joined, My name’s Dan Assor and this is Techerati Live, Cyber Cybersecurity Edition. My next interview is going to be with Deepak Daswani of ElevenPaths. So good morning, Deepak.
DEEPAK DASWANI [00:00:18] Good morning. How are you?
DAN ASSOR [00:00:20] I’m very well, thank you. I’m very well. Thank you for joining us this morning. So, Deepak, it would be great to start off with. If you could just tell us about ElevenPaths and also your role within the business.
DEEPAK DASWANI [00:00:31] Well, ElevenPaths, is a company of cybersecurity of Telefonica in Spain, also all to business in U.K. and mainly the company that develops cybersecurity solutions for Telefonica and their customers. And my role is I work as a Chief Security Ambassador for ElevenPaths. So mainly I am in events like today, I do talks, I work as a Chief Security Ambassador or Evangelist. This role of talking to people and showing the risks, making awareness to companies, and also reaching the information of our solutions to people.
DAN ASSOR [00:01:27] Sure, okay. And Deepak, if you could just also just bring to life some of the core products that you offer.
DEEPAK DASWANI [00:01:37] Well, we don’t want to talk today about products but we have different solutions. In many different fields of cybersecurity, we have solutions like, for example, nowadays talking about pen-testing. Ethical hacking, we have a solution called Faast, that’s a different approach of pen-testing, which is a continuous and persistent pen-testing, so that’s one. For example now, we have also solutions, focusing threat hunting that it’s an area that now racing a bit. We have cybersecurity, threats. We have solutions, focus to mobile risk and also dedicated to managing vulnerabilities like SandaS GRC. And now we have different tools for example, we have a new tool that we have developed called Diario, it’s a new approach to detect macro-based malware. You know that many of the ransomware incidents that were performed last year. Many malware campaigns were still based on macros. It’s a way of attacking businesses that we used to see many years ago. Then we have, some years where Java applets based attacks were focusing on where the main attack vectors, then we have lots of flash and another way plugins problems. And nowadays, again, we are facing many macro-based malware attacks. So Diario it’s a… sorry you were going to tell me something?
DAN ASSOR [00:03:42] No I was just gonna… You were talking about cyber resilience. I was also just wondering how you would define that.
DEEPAK DASWANI [00:03:47] Sorry?
DAN ASSOR [00:03:48] Cyber resilience? How would you define cyber resilience?
DEEPAK DASWANI [00:03:56] Well, nowadays cybersecurity is in fashion and because the attacks are being performed every day and now that’s why this concept of this term of resilience. Everyone talking about that, because nowadays we know that attacks are going to be performing, organisations are facing these risks. And they know that they’re going to be attack, and the attacks are going to be successful sometimes. So resilience is the ability, the way the organisation has to respond to an incident. To prepare first, a few years ago, we were working, trying to avoid incidents. Now we know the incidents are going to happen. So resilience is the capacity that the organisation has to face this incident and to recover as fast as possible in all the fields that I mean, that has to work in an incident. Because not only solving the incident, it’s recovering the image, the reputation. There are many things that the organisation or an organisation has to face with an incident.
DAN ASSOR [00:05:19] I understand. That makes absolute sense. What do you think the basic foundation is for digital confidence?
DEEPAK DASWANI [00:05:27] The basic?
DAN ASSOR [00:05:27] Basic foundation.
DEEPAK DASWANI [00:05:31] Of what?
DAN ASSOR [00:05:32] For digital confidence.
DEEPAK DASWANI [00:05:34] For digital confidence, yeah. Well, our organisation has to do many things. I think our organisation has to prepare their information systems and infrastructure. And know that it’s going to be resilient to cyber-attacks because these cyber-attacks are going to be performed. So one of the main things our organisation has to do is to audit their systems and look for vulnerabilities in the systems. Another thing, very important is to increase their awareness of their employees. For example, one of the things that I mostly do with is awareness sessions to the staff of a company to prepare them to face the risk. But not only like with talk, some part of the session is a talk, it’s the speech. But also doing technical demos and practical real-time attacks so they can see how, for example, the credentials of the employee, the credentials of the social network of the email can be compromised in a few minutes. So it’s a work of many layers. You cannot simply do one thing. And the most important approach is that it’s a continuous work that we have to do.
DAN ASSOR [00:06:59] Sure. And I know you’ve told us a bit more a bit about your core services. Do you have anything to add to that? And also be useful to understand more about your addressable markets. So the EU or further afield?
DEEPAK DASWANI [00:07:14] Well, sorry?
DAN ASSOR [00:07:14] In terms of your markets that you operate in. Obviously within the EU and elsewhere. Do you see a differentiation between the different locations that you work in, in terms of the services you offer and how they are implemented?
DEEPAK DASWANI [00:07:36] No well, I think cybersecurity is a thing that organisations around worldwide are facing the same problems. Depending. It also doesn’t depend in their size. So the approach to solve the problems it’s global and we are not finding big difference in, for example, in Spanish markets, the U.K. market or another market. And now that there are also many companies that are based in many countries. So when the attackers are going to try to make damage to an organisation or or attack, they don’t usually choose any country. They go to work for an organisation. In fact, one of the things that attackers do is to look for what we know as low hanging fruit. That it’s a concept that its… so they look, if an organisation is based in many countries. They look for a vulnerable system which is easy to attack. And for example, that could be an entry point to continue making damage to an organisation.
DAN ASSOR [00:08:47] Sure. Okay. So we’re just about out of time Deepak, is there anything else would just like to tell our viewers about your work and what the future holds for ElevenPaths?
DEEPAK DASWANI [00:08:58] Well, I only say that we are very proud of being where we are because it’s a company that it’s based in Spain with Spanish talent. And we have many of the best hackers in Spain that also are presenting their work in conference like Blackhat or Leftcon. And we are a company that builds technology. We build our own technology. We also have work with many partners, the principal vendors in the market. So we have alliances. But we also we do our technology. We test the technology. And we are there to help their organisations to be more secure. We all want to do any kind of promotion or publicity in that way. We only wanted to talk about cybersecurity where you want, but as you’re asking me, only say that we are based in Spain, but we are here for and in U.K., you can know us because all to business is the brand of telecom we have there.
DAN ASSOR [00:10:08] Okay. So thank you, Deepak. I appreciate that. So that was Deepak Daswani from ElevenParths. So unfortunately, that’s all for me this morning. But don’t go anywhere, because next we’re going to hand over to our co-host, Chris Smith from Blue Chip. And he’s going to share our first cybersecurity panel of the day, which is Remote Systems: Keeping Them Alive and Secure. So thank you so much. I’m Dan Assor and I hope you enjoy the rest of the day.