Q1.) A brief description of yourself and your career journey.
I have more than 17 years of experience in the ICT industry. I find this industry the most dynamic and it was where I found my education, which is a combination of science, business administration and marketing, being implemented the most. I have worked with various technology brands to grow their business in Sri Lanka and Maldives, which means, I have helped many organisations in the region to realise their business potential with the help of technology.
My next phase of excitement started when I joined Sophos as its country manager for Sri Lanka and Maldives. I am leading Sophos’ efforts to execute its mission, of protecting all kinds of organisations from cybercrime with our next-generation cybersecurity solutions and services, in the region. It gives me an immense feeling of fulfilment when we help local organisations to combat cyberattacks.
Q2.) Sri Lanka is witnessing a digital transformation. What are the key factors to consider for organisations to make their digital transformation more secure?
Digital transformation has brought increased speed and agility to the regional businesses, but in this process, security often remains on the backburner. That is to say, when organisations are moving their infrastructure, applications, data and users into the cloud/digital environment, security also needs to go along with the new technology landscape.
Sri Lankan Organisations thus need to evaluate the current state of security critically in their respective organisations, and work to immediately resolve the largest problems, and then incrementally improve in all areas of concern. They need to set up a cybersecurity posture including solutions, services, processes, and people aligned to their area of business and the way they interact internally and with the external world. Collectively all departments should work to improve their digital immune system by raising the bar for cybercriminals.
Q3. )What security challenges are people facing when working from home? How has your company handled these challenges?
Some of the systems and tools being used by organisations were not as effective in a remote working scenario as they were in-house. For example, systems monitoring and patching issues were exacerbated in the work-from-home scenario. Some businesses found it difficult to provide connectivity while others were not prepared to make a seamless shift to remote working. This meant that some businesses were taking temporary shortcuts to enable remote working, which meant compromising on security. Sophos is addressing these challenges by not only providing organisations with industry-leading, cloud-native protection products but also making investments in more capable AI systems to help security teams be both more effective and proactive. We are also launching products that enable organisations to embrace a zero-trust model. In addition to products, we are also providing services to organisations that lack dedicated security teams with our Managed Threat Response (MTR) team. The fully-managed service provides 24/7 monitoring, detection and response by threat hunting experts.