CIO Influence
AIOps CIO Influence Interviews Security

CIO Influence Interview with Amit Gupta, Chief Product Officer, Tigera

CIO Influence Interview with Amit Gupta, CPO at Tigera

“Financial services organizations need a Declarative Infrastructure fabric where teams can define the infrastructure requirements and the platform can provision and maintain the infrastructure across multi-cloud or on-prem.”

Hi Amit, welcome to our Interview Series. Please tell us a little bit about your role and responsibilities at Tigera.

Thank you for this opportunity, Sudipto. I am the Chief Product Officer (CPO) at Tigera. I’ve been with Tigera since 2018, and in my role as CPO, I am responsible for the strategy and vision of Tigera’s products, and for leading the execution and delivery of Tigera’s product strategy and roadmap.

I have nearly two decades of experience developing software and services for enterprises and service providers across the world.

Could you tell us more about the ideal customer profile of Tigera?

Which industries rely on your solutions and services?

Today, Tigera’s active security platform for containers and Kubernetes is used by leading companies like Discover, Merck, NBCUniversal, HanseMerkur, Allstate, Box, Siemens Healthineers, Playtech, Royal Bank of Canada, and Bell Canada. The primary industries that rely on Calico include financial services, telecom providers, global payment providers, and many other Fortune 100 companies.

Today, more than 50% of Fortune 100 companies use Calico!

PREDICTIONS SERIES 2024 - CIO Influence

What is the most impactful container technology that drives digital transformation for IT organizations?

Without a doubt, it is Kubernetes, for several reasons:

  1. Abstracting the platform from underlying infrastructure – IT teams don’t have to be locked into an infrastructure provider.
  2. Fabric for multi-cloud – Let Kubernetes manage the underlying infrastructure and the IT teams focus on app deployment and operations.
  3. Accelerate app development and deployment – Takes away a lot of toil and operational complexity from the traditional way of deploying and managing apps.

Please tell us more about Calico Open Source.

Calico Open Source was born out of Project Calico, an open-source project with an active development and user community.

CIO Influence Predictions 2024 Series: Mastering the Cybersecurity Maze: Tips for Seamless Logistics

Calico Open Source is the most widely adopted container networking and security solution for containers, virtual machines, and native host-based workloads. Tigera is the creator and maintainer of Calico Open Source. Calico supports a broad range of platforms including Kubernetes, OpenShift, Docker EE, OpenStack, and bare metal services.

Calico is the most adopted technology for container networking and security and used across 1M+ clusters, and 8M+ nodes and has been downloaded over 1.5B times from Docker.

Please tell us about the developments within the Containers Security landscape that specifically support the ongoing Generative AI project.

Threat Detection

As adversaries are leveraging Generative AI for their attacks, it will be critical for defense solutions to also evolve to leverage LLM models for threat detection.

Risk prioritization and mitigation

Security analysts should leverage LLM models to help figure out what to pay attention to among all the security issues/events.

What kind of infrastructure does a financial services organization need to match the demands of digital transformation? 

Financial services organizations need a Declarative Infrastructure fabric where teams can define the infrastructure requirements and the platform can provision and maintain the infrastructure across multi-cloud or on-prem.

Organizations also need a security architecture that doesn’t rely on gates or chokepoints and a declarative security model that implements security controls next to workloads. This ensures that security controls don’t need to be rewired if the workload moves from one infrastructure to another.

Could you share some use cases from the financial services industry specifically mentioning your differentiated products and services?

We had the privilege of helping Mulligan Funding, a leading provider of business l**** for small and medium-sized businesses, achieve SOC 2 compliance.

Compliance regulations pose challenges for businesses that want to digitally transform but are faced with strict rules and regulations. To streamline its loan-offering services and allow online loan checkouts for its customers, Mulligan Funding introduced a microservices-based, cloud SaaS platform.

Because of the sensitive personal and financial data the SaaS platform would handle, the communications to and from the application needed to be secure and SOC 2 compliant. 

To accomplish this, Mulligan Funding standardized on Microsoft Azure Kubernetes Service (AKS) and Calico Cloud for security and compliance. Deploying Calico Cloud enabled Mulligan Funding to achieve SOC 2 compliance, ensuring the trust and protection of customers’ financial data without compromising speed, innovation, or user experience.

Please provide your take on the future of active security platforms in building a strong IT infrastructure:

At Tigera, we offer the only solution that takes an active approach to container security, which is critical given the increasing sophistication of cybercriminals and the uptick in attack techniques that target cloud-native and Kubernetes-based applications.

Rather than just identifying vulnerabilities and threats, our solution actively prevents attacks and mitigates risk by applying a zero-trust security approach to reduce the attack surface and prevent the lateral movement of threats, thereby safeguarding sensitive data. This is critical as the threat landscape will continue to worsen and evolve in the future.

Lighter Notes

One thing you remember about your employee (s)?

I remember the problem solvers.

Burn the midnight candle or soak in the sun?

Work hard and play hard.

Coffee, or Tea?

Depends on what’s going on with it. Often morning coffee and afternoon tea.

Your favorite Tigera product marketing initiative that you want everyone to know about?

Building awareness among security and DevOps teams about a complete security posture for their containerized application against network and host-based attacks based on known and zero-day threats.

First memorable experience in your career as an IT and security ops leader?

I have always been on the vendor side, but definitely have heard many experiences from my customers. One thing that has always stuck with me is a quote from a CISO: “There are only two types of organizations. One that has been hacked and the other that doesn’t know about it. Fundamentally, your security architecture and operations have to be designed with an assumption that there is already a threat lurking around in your infrastructure and network.”

Most useful app that you currently use:

Notion.

Thank you, Amit! That was fun and we hope to see you back on CIO Influence soon.

[To participate in our interview series, please write to us at sghosh@itechseries.com]

Mark Maass earned his Bachelor’s and Master’s degree in Strategic Management from Rotterdam School of Management. He spent 10 years with German conglomerate Bertelsmann, mainly in corporate development & strategy functions for the business services division. Since January 2019 he led strategy and M&A for Majorel, a venture between Bertelsmann and Moroccan Saham Group focused on customer experience management.

Tigera - Crunchbase Company Profile & Funding

Tigera provides the industry’s only active security platform with full-stack observability for containers and Kubernetes. The company’s platform prevents, detects, troubleshoots, and automatically mitigates exposure risks of security breaches.

Tigera delivers its platform as a fully managed SaaS (Calico Cloud) or a self-managed service (Calico Enterprise). Its open-source offering, Calico Open Source, is the most widely adopted container networking and security solution. Tigera’s platform specifies security and observability as code to ensure consistent enforcement of security policies, which enables DevOps, platform, and security teams to protect workloads, detect threats, achieve continuous compliance, and troubleshoot service issues in real time.

Related posts

AWS and Code-X Announce Partnership to Bring Increased Security Capabilities to the AWS Cloud

CIO Influence News Desk

CyberArk to Acquire Venafi from Thoma Bravo for End-to-end Machine Identity Security

CIO Influence Staff Writer

Security Researchers Reveal Staggering Magnitude of ICS Vulnerabilities in 2021 as Cyber Attacks on Critical Infrastructure Increase