Hello, CyberTech community. Welcome to our CyberTech Top Voice interview series.
The latest CyberTech Interview with Model N’s Chirag Shah is an interactive Q&A-style conversation. Ahead of an upcoming Sysdig webinar, Chirag shared his insights on GenAI’s role in cyber threat management, and we explored the various facets of threat detection and response management spanning different security-related activities and strategies.
Let’s start…
Hi Chirag, welcome to the CyberTech Top Voice Interview Series. Please share your insights on GenAI’s role in rapid threat detection and response management.
Chirag Shah: GenAI is poised to play a transformative role in rapid threat detection and response management, offering enhanced capabilities in detecting, analyzing, and responding to cyber threats. Its integration into cybersecurity strategies can significantly improve an organization’s ability to defend against increasingly complex and frequent cyberattacks.
Some key insights to consider are the following:
Threat Detection, response, and mitigation
- Pattern Recognition and Anomaly Detection capabilities to analyze a large volume or number of datasets to identify patterns that indicate potential security threats.
- Real-time analysis detects threats in real-time, providing immediate insights into ongoing threats.
- Automation in initiating the incident response process right when a threat is detected, segregating systems/environments, and applying required patches. This process requires continuous learning and adapting models that will minimize the impact of a breach.
Threat Intelligence & SOC Management
- Using GenAI to integrate and analyze threat intelligence feeds from multiple sources, providing a contextual understanding of threats.
- By analyzing historical data and current threat trends, GenAI can predict potential future attacks.
- Support SOC analysts by managing false positives and ensuring efficient accuracy of threats so that the focus is narrowed to real problems/risks.
- Recommendations for remediation based on the analysis of past incidents and industry best practices.
Challenges and Considerations
- Quality of data and accuracy of the learning model are important aspects of threat assessments.
- Human Oversight and ethical considerations are important aspects to consider.
- It is important to consider collaboration between humans and GenAI to have stronger and more efficient management of security posture.
As the Global Information Security Officer of Model N, what are your biggest IT and security concerns? What are your expectations from the current crop of threat intelligence solutions providers?
Chirag: Like my counterparts in the industry, my role as an Information Security Leader involves shaping and implementing a security strategy that safeguards critical data for both our organization and our customers.
Below are some key areas of concern and expectations that I believe are shared by security industry leaders regarding threat intelligence solutions.
Sophisticated cyberattacks, particularly those backed by substantial resources, are often stealthy and persistent, with the intent to infiltrate sensitive data undetected over long periods. To counter these threats, threat intelligence solutions need to advance by offering early warning systems or even automated threat blocking through the integration of global threat intelligence feeds.
For instance, the rise of ransomware attacks in recent years, which have grown more frequent and destructive, underscores the need for innovative tools and technologies. Attackers are increasingly employing double extortion tactics, demanding ransom not only for decrypting data but also for withholding sensitive information from public release. Effective threat intelligence solutions should offer real-time detection and response, automated threat containment, and thorough incident analysis, along with actionable recommendations to prevent the spread of ransomware within a network.
These concerns, however, extend beyond ransomware.
Cloud security, supply chain security, regulatory compliance, and the overall efficiency of security operations and threat management programs remain critical areas that require ongoing attention and robust solutions.
How should organizations attract and upskill the current workforce to fill cybersecurity gaps?
Chirag: Filling cybersecurity gaps through workforce upskilling involves several strategic initiatives. It begins with fostering a strong, company-wide commitment to cybersecurity, a responsibility that starts at the top with the Board, CEO, and other executives, and extends to every level of the organization, including engineers and interns. The core message that “security is everyone’s responsibility” should be clearly communicated across the company to motivate and engage all employees in maintaining a secure environment.
Providing competitive compensation and benefits, along with promoting work-life balance, is crucial for retaining and motivating cybersecurity talent. Additionally, investing in continuous learning and development is essential. This includes offering access to training programs, professional certifications, boot camps, and opportunities for networking within the industry.
Beyond job-specific training, it’s important to offer leadership development, mentorship opportunities, and professional growth initiatives both within and outside the company. Promoting diversity and inclusion is another key pillar, broadening the talent pool and bringing varied perspectives into the cybersecurity team.
Finally, it’s important to establish clear career progression paths and skill development plans to ensure that employees see a future within the company and know the steps they need to take to advance.
Would you recommend any specific cybersecurity certifications for beginners, intermediate, and advanced-level professionals?
Chirag: For those just starting out, CompTIA Security+ and (ISC)² Certified in Cybersecurity provide solid entry-level foundations. For those interested in compliance and risk management, ISACA’s CISA (Certified Information Systems Auditor) and CISM (Certified Information Security Manager) are excellent choices.
For intermediate-level professionals, certifications like CISSP Associate, Certified Ethical Hacker (CEH), and CompTIA Cybersecurity Analyst (CySA+) are highly valuable. For more advanced training, Offensive Security Certified Professional (OSCP) and GIAC Security Essentials (GSEC) are strongly recommended.
In addition to formal training, I suggest connecting with seasoned security professionals who have extensive field experience. Seeking their guidance and arranging regular mentorship meetings, whether monthly or quarterly, can be incredibly beneficial for professional growth and practical learning.
What are your predictions for the 2025 CyberTech industry?
Chirag: The integration of Generative AI (GenAI) and Machine Learning is becoming increasingly prevalent, both among cyber attackers who leverage these technologies to enhance their tactics, and within industries that utilize them to bolster defenses against emerging threats. In the future, we can expect a greater emphasis on advanced threat management strategies, including behavioral analytics, threat detection, and the implementation of Zero-Trust architectures to create more secure, segmented environments.
The expansion of cloud security solutions, such as Secure Access Service Edge (SASE), will be crucial in protecting the growing number of cloud-based assets. Additionally, there will be heightened regulatory scrutiny as global data privacy regulations continue to evolve, with more countries and U.S. states adopting comprehensive privacy frameworks. This shift will compel organizations to align their security practices with these regulatory standards. Moreover, the focus on supply chain security will intensify, as vulnerabilities in the supply chain can have far-reaching impacts.
Simultaneously, addressing the cybersecurity talent shortage will remain a priority, as organizations strive to build and maintain skilled teams capable of managing these complex security challenges.
In the coming years, tools for proactive threat management, encompassing threat hunting, predictive analytics, threat intelligence, and real-time threat mitigation, will gain increasing prominence. These solutions will be pivotal in enhancing organizations’ ability to anticipate, identify, and neutralize cyber threats before they can cause significant harm.
Thank you so much, Chirag, for your delightful insights. We look forward to having you again at the CyberTech Top Voice engagements.
To participate in our interviews, please write to us at news@intentamplify.com
About Chirag Shah
Chirag is the Global Information Security Officer & DPO at Model N, bringing over 20 years of expertise as a global leader in security and technology. His extensive experience in building cutting-edge information security and compliance programs has made him a key figure in the industry.
Known for his inclusive leadership style, Chirag is passionate about driving innovative information security strategies that not only enhance security but also deliver significant benefits. He excels at optimizing security programs, reducing the impact of security risks, and improving customer loyalty. His work supports managing compliance and risk management programs, ultimately helping to minimize organization liability while driving the bottom line.
About Model N
Model N is the leader in revenue optimization and compliance for pharmaceutical, medtech, and high-tech innovators. Our intelligent platform powers your digital transformation with integrated technology, data, analytics, and expert services that deliver deep insight and control.