Ganesh Krishnan joined Carl Lewis to discuss cybersecurity’s evolution and how companies can implement security measures inside and outside their walls.
Ganesh Krishnan is a self-described cybersecurity superhero.
It’s a well-earned title: He’s spent over 25 years protecting the digital world from cyber threats. Ganesh’s career has included top-level security and engineering roles at Yahoo, LinkedIn, and Atlassian.
Ganesh launched an AI-powered cybersecurity startup in 2017 and sold it after only 18 months. His new company, Anzenna, aims to reimagine cybersecurity by empowering every employee with simple, effective security tools.
Carl Lewis, host of The Connected Enterprise podcast, welcomed Ganesh to discuss cybersecurity’s evolution and how companies can implement security measures inside and outside their walls.
Cybersecurity, Then and Now
Ganesh is often asked how the cybersecurity landscape has changed during his career.
Initially, people didn’t know what cybersecurity was—or didn’t care.
“It was hard to get people to pay attention,” Ganesh says. “It was hard to get funding for the things we wanted to change and get people to change.”
“It’s amazing. Phishing has been around for 20 years, and it’s still the biggest attack vector we see,” Ganesh notes. “And it’s getting more sophisticated.”
Cybersecurity and Remote Workforces
Many companies have enabled mobile workforces, and employees must be as secure at home as they are in the office.
Remote workers should educate everyone in the household about what can and can’t be done with their devices.
“That’s a huge challenge,” Ganesh says. “The number of cyberattack targets has expanded tremendously.”
As the world locked down during the pandemic, companies scrambled to adopt zero-trust infrastructure and other tools.
“But cybersecurity isn’t just about the technology,” Ganesh explains. “It’s about how people handle their daily work. It’s about balancing risk.”
Cybersecurity and the Cloud
Public cloud providers like Amazon Web Services (AWS), Azure, and Google Cloud have been around for about 10 years, and many companies have moved there.
“Back then, everybody said, ‘Oh my god, this is a security disaster. Never move to the cloud. All your data will be gone.’ But 10-plus years later, I say cloud solutions and services are a net positive,” Ganesh says. “If you’re behind four walls, you must develop your own standards and seek help. But in the cloud, everything is standardized.”
If you understand your cloud solution and deploy it correctly, your path to security can be simple. However, don’t assume cloud providers will secure everything. If you run your own code and applications, you must ensure their security.
“The one thing you can’t outsource in life is responsibility,” Ganesh says.
Cybersecurity and People
Regardless of your company’s software and hardware solutions, don’t ignore the human factor—annual cybersecurity training isn’t enough.
“That’s like telling people they can exercise once a year and be fit,” he says.
He advises regularly engaging your employees and reinforcing that cybersecurity concerns everyone, not just the cybersecurity team.
Companies are freeing their teams to innovate and choose almost any tool they want—but that comes with accountability. With multiple devices, emails, and text messages, users must understand how to keep data safe.
As an employer, you can empower your team to fix problems. For example, if an employee accidentally shares a sensitive file outside the company, don’t punish them—use it as a teaching opportunity.
“You’ll foster engagement by making that situation contextual and empathetic,” Ganesh explains. “Incentivize and reward employees for participating and making the system better. That’s much more effective than a training video.”
Listen to the Podcast
For more insights from Ganesh Krishnan, including his thoughts about TikTok and the future of cybersecurity, listen to Vision33’s The Connected Enterprise podcast. In each episode, host Carl Lewis interviews bright minds and industry thought leaders about enterprise technology and what’s coming next.