CIO Influence Interview with David Nuti, Head of Security Strategy, Extreme Networks

David Nuti, Head of Security Strategy, Extreme Networks in the Q&A talks about biggest cybersecurity threats today, shift from reactive to proactive threat management, best practices of ZTNA and more about cloud-driven networks…

————–

Hi Dave, welcome to the CIO Influence Interview Series. With your extensive experience in the IT industry share your observations and learning as Head of Security Strategy of Extreme Networks.

We are in the midst of a necessary evolution when it comes to how we think about network and security management. These operations have traditionally been siloed, but they are now converging, alongside AI. The reason for this is clear: in a world where remote users are the norm, we have exploding numbers of IoT devices, and we’re reliant on multitudes of applications, the attack surface has expanded and network management is getting more complicated. So how do we reduce this complexity? The answer lies in unified, streamlined solutions.

Also Read: CIO Influence Interview With Karthik Ranganathan, co-founder and co-CEO of Yugabyte

The network is forever linked to security, but today we need to go beyond a traditional approach like firewalls and NAC. Organizations and their IT teams need solutions that take the pain and friction out of securing a network so they can create consistent policies and offer the same experience to users no matter where they are. The way to accomplish this is through Zero Trust offerings that integrate network, application, and device access security in a single, easy-to-manage solution.

How is Extreme Networks addressing the need for seamless security integration within modern cloud-driven networks?

We believe that the network is the foundation of any security strategy. Organizations in any industry need to be able to protect their various systems, data, and applications and have control over and line of sight into who has access. With ExtremeCloud Universal ZTNA, IT teams have greater control and can consistently authenticate and monitor users to ensure no one is touching something they shouldn’t. Security and network management are integrated, removing complexity for the IT team and improving experiences for users.

Extreme’s Universal ZTNA solution unifies cloud Network Access Control and ZTNA in a single, easy-to-use SaaS offering, with one zero trust policy engine for both networks and applications to ensure consistent security, unified observability and a seamless experience when remote or on-site. It’s also integrated with our ExtremeCloud IQ cloud management platform, simplifying workflows for network security and management. We’re boosting IT team productivity, reducing troubleshooting time, and enabling easy identification and secure network and application access based on identity-level privileges.

What are the biggest cybersecurity threats today that you think enterprises often overlook?

The biggest vulnerabilities don’t lie in one area of the IT stack – rather, typical weak spots involve legacy systems and outdated, and unpatched and monitored technology solutions. Delaying modernization initiatives can leave organizations reliant on outdated systems and solutions, which can be an even bigger burden on IT/security teams as they’re not properly equipped with the right tools to manage today’s threat landscape. IT systems can also be vulnerable without visibility into the network. Network monitoring and management tools can allow the IT team to oversee access controls and mitigate any security threats as they arise. This is another reason to seek out unified solutions for network and security management.

How can organizations shift from reactive to proactive threat management, and what role does technology play in that transition?

Zero Trust enables organizations to start shifting to this mindset by treating every user as already suspicious – no one is automatically trusted and everyone must verify their identity before accessing something within an organization. Visibility and control over the network are also crucial for proactive threat management. You cannot secure what you can’t see, and being able to quickly identify vulnerabilities is key.

Solutions like cloud management and AI can also help in shifting to a proactive mindset. Moving to the cloud helps unify management and increase visibility across the network, and AI solutions can help automate monitoring of the network and flag potential anomalies

Organizations should also look to reduce silos and encourage collaboration and communication across the business. IT teams need to understand business processes and be trusted by departments and leadership so they can more easily and effectively determine appropriate access controls.

Also Read: A Comprehensive Guide to DDoS Protection Strategies for Modern Enterprises

With Zero Trust becoming a priority for many organizations, what are some best practices you recommend for implementing ZTNA effectively?

First, identify the areas of your business with the most risk – what would have the biggest consequence if it failed? Prioritize these systems first, as well as who needs access to them. Organizations may see Zero Trust as something that has to be completed overnight. There are solutions that can be deployed within a day, but if it seems overwhelming, start with priority parts of the business.

Second, as noted earlier, IT and security teams need to have a full understanding of business processes, the number of connected users, what permissions should be given to which job functions, etc. This planning phase will make it much easier to implement Zero Trust and ensure every part of the organization is secure. It’s easier to look for ZTNA solutions that can automatically identify applications in case anything is overlooked, but open and consistent lines of communication is a good place to start.

Share five emerging technologies or trends you think will shape the future of secure networking, before we close.

1. Smaller businesses will have better access to emerging tech: After an aggressive period of convergence in the information technology space – primarily through strategic acquisitions – innovations in automation led by the emergence of AI are now helping to narrow the skills gap and reduce barriers to entry when it comes to using new technologies, enabling companies to redefine and simplify the end customer experience. This simplification has broadened the available target market for technology segments that have traditionally been the domain of major enterprises. For example, the cybersecurity solutions suite available to a small or midsize business is now lightyears ahead of where things stood just a few years ago, bringing the security posture of SMBs to near parity with their much larger business counterparts.
2. Customers will seek vendors who can provide technology and business expertise: Organizational leaders will prioritize creating a clear vision of their goals and path forward to reach their desired outcomes, and they will pursue technology partners and service providers that can meet their technology and business requirements and deliver on those outcomes. In response, technology and networking leaders are increasingly prioritizing skillsets in account managers that are more closely related to finance or business backgrounds than the tech-only leaders of old. This trend toward organizations leveraging large-scale partner and provider expertise to their advantage to deliver defined outcomes, not just to complete technology construction projects, is an important shift.
3. AI will take its next step forward: Today, many organizations are focused on whether AI will replace humans, which is a thought process that can create stagnation in AI’s development. Tactical ROI models for AI implementation will emerge, moving that focus to evolve into discussions around how to get immediate ROI from AI by addressing specific use cases. For example, new hire training could go from months to days, with AI helping to consolidate information and making it easier for new hires to find the information or documentation they need.
4. User experience will dictate innovation: More and more, companies are abandoning technology that offers little beyond a new acronym and are turning to solutions that offer a simple, customizable user experience. Technology will continue to converge, and as we see more cloud-native, ML and AI solutions emerge, adoption will be driven through the user experience, not just the solution’s capabilities.
5. Security will become inseparable from networks and AI: Though AI dominates conversations, the top concern of CIOs and IT professionals is still security. Because the network forms the foundation of all technology in an organization, and organizations are using AI as another foundational technology to enable greater efficiency across functions, we will soon not be able to have a conversation about one without mentioning the others, and it won’t make sense to discuss them separately.

[To share your insights with us as part of editorial or sponsored content, please write to psen@itechseries.com]