Rahul Powar, CEO and Co-Founder of Red Sift, talks about the impact of AI in cybersecurity in this Q&A:
——–
Hi Rahul, welcome to our CIO Influence Interview Series, briefly describe your career journey and what drives your passion for technology.
Thank you for the warm welcome. Following completion of my master’s in systems engineering, I have built a career as an optimistic technologist – first focused on building distributed systems. I was part of the founding team and the principal technical architect for Shazam in 2000. There, I designed, built, and launched the first Shazam iPhone App on Day-0 of the Apple Appstore alongside backend systems related to music recognition, music ripping and ingestion and many others.
After Shazam, I founded Apsmart, which Thomson Reuters acquired in 2012. From there I went on to become a repeat founder, starting my current company, Red Sift, in 2015. Today, Red Sift is a venture-backed cybersecurity company with over 1,000 customers around the world.
Interestingly, I hadn’t always aspired to be a founder; however, I was drawn to exploration and solving meaningful problems. My shift into security was unplanned, but the critical challenge of email security threats and their universal impact inspired me. I recognized a gap to fundamentally make the internet safer and decided to take action.
Cybersecurity is rapidly changing, with new threats emerging faster than ever. From your perspective, what are the most significant cybersecurity challenges organizations face today, and how should they adapt?
2024 has been another busy and challenging year for security teams. When I talk to our customers, a theme I have been hearing is the speed at which bad actors have been able to innovate new ways around the protocols that were designed to keep the internet safe.
The most notable version of this in 2024 was SubdoMailing. Bad actors were able to bypass DMARC to send malicious mail on behalf of global brands through forgotten subdomains that were mistakenly left in the DNS. Though many brands (including all of our impacted customers) have taken the steps necessary to remediate this threat, the attack remains ongoing.
This style of attack is made much more profitable for bad actors through the use of AI. While malicious mail used to take time and energy to create, it can now be done in seconds. The same can be said for finding, registering and purchasing domains that were once owned by legitimate brands and are now forgotten.
The challenges with SubdoMailing remain because the only defense is continuous monitoring. Teams are finding they must fully implement security protocols, and they must find ways to defend the known gaps that exist between these protocols while also monitoring continuously to stay secure.
How is AI transforming cybersecurity strategies, especially in terms of threat detection and response? Highlight how Red Sift is leveraging AI to enhance digital resilience.
At Red Sift, we deeply believe that AI can, and will be, widely used by defenders as a force for good. We have known for years that AI models are uniquely well-placed to observe and interpret signals that humans might miss, unlocking a new layer of scalable capacity across constrained teams.
We have seen this approach be impactful for customers over the last two years as we have tackled complex problems like logo detection or complex domain name transformations for our brands looking to identify and stop impersonation online.
2024 brought new opportunities in the form of LLMs. We were delighted to bring the first-ever LLM fully integrated with a DMARC application to market in October – Red Sift Radar. The feedback has been astounding. From customers saving $4,000 in the first 24 hours by spotting malicious invoices to teams being able to analyze domain security in two minutes instead of 20, it’s clear there are real, tangible impacts in equipping security teams with AI.
What emerging trends in cybersecurity or technology should organizations be prepared for in the next 3-5 years? How is Red Sift positioning itself to stay ahead of these developments?
As I noted previously, one of the latest challenges we’re seeing in cybersecurity is poor domain and DNS management, which has led to vulnerabilities like SubdoMailing. Many organizations with mismanaged subdomains—often set up years ago—have discovered lingering DNS records, leaving a clear path for bad actors to exploit. This vulnerability stems from limited visibility and poor DNS hygiene, which can undermine existing DMARC protocols. These records, if compromised, allow attackers to send malicious communications that appear to come from legitimate organizations. Worse still, while the original exploitation was coming via an email attack, it is essentially a domain takeover that can sit silently on an organization’s primary domain, ready to inflict devastating and potentially irreversible damage.
With threats like SubdoMailing on the rise, it’s essential to help our customers move “beyond DMARC” now—not in three to five years. Organizations need to act swiftly, as real-world attacks have begun to undercut the very policies designed to prevent them.
Similarly, as quantum computing advances, current security standards must adapt to protect sensitive data from future threats. While practical quantum computers may still be years away, the urgency lies in protecting today’s critical information from tomorrow’s quantum-enabled breaches. Quantum computers could render widely used encryption protocols like RSA and ECC obsolete, exposing long-lived data such as state secrets, financial transactions, and medical records that remain valuable over time.
To mitigate this risk, security standards must transition to quantum-resistant algorithms designed to withstand future quantum-powered attacks. This includes redefining cryptographic frameworks, updating key management protocols, and adopting hybrid encryption models that blend classical and quantum-safe techniques. Proactive adaptation is critical—not just to defend against future quantum threats but to secure sensitive data today from becoming tomorrow’s exposed vulnerabilities. By acting now, organizations can future-proof their systems and maintain trust in an increasingly uncertain technological landscape.
While we can’t predict every trend that the next few years may bring, one thing is certain: for the internet to remain a safe environment, organizations and our customers alike must be strengthened and ready to tackle tomorrow’s challenges. Navigating these emerging environments will be critical for security leaders, and at Red Sift, we’re committed to helping our customers manage these complexities in a fast-evolving market.
With Red Sift’s presence across North America, Australia, and Europe, how do regional differences impact cybersecurity strategies? Are there unique challenges specific to certain geographies?
The internet is an inherently global space, therefore regional differences tend to be more reflected in national policy and regulation, or organizational maturity. For example, in the United States, the Cybersecurity and Infrastructure Security Agency (CISA) has issued updated recommendations on combating phishing threats, while in the United Kingdom, the Payment Card Industry Data Security Standard (PCI DSS 4.0) will mandate automated phishing detection and protection measures starting in 2025.
DMARC adoption levels also tend to differ based on region, with a large number of organizations unprepared when it comes to implementing essential security measures to stay protected. In February 2024, Google and Yahoo introduced new requirements aimed at creating a “safer, less spammy inbox.” These rules include clear instructions on implementing DMARC for every domain that sends email, as well as ensuring SPF and DKIM configurations are in place. However, Red Sift’s analysis of over 72 million domains worldwide reveals that nearly 88% still have only basic or no authentication. Regionally, there are distinct differences in adoption: in the United Kingdom, 15.4% of domains have initiated DMARC setup, while in Australia and the United States, these figures are 23.5% and 19%, respectively.
As IT leaders are increasingly tasked with ensuring cyber resilience, what strategic advice would you offer to CIOs and CISOs who are building their cybersecurity frameworks in today’s complex threat environment?
Building a resilient cybersecurity framework requires CIOs and CISOs to think beyond traditional defense strategies when communicating with the board. Firstly, it’s essential to position cybersecurity as an upfront investment that protects the organization’s reputation, customer trust, and bottom line. While proactive security measures may not deliver immediate, tangible results, the long-term benefits—such as cost savings from breach prevention and avoiding potential regulatory penalties—are significant.
When presenting to board members, translating technical risks into business terms is crucial. Emphasize how security investments align with compliance, governance, and the preservation of brand reputation. In particular, highlighting the reputational risks of a breach can help bridge the gap in understanding, as brand damage and customer trust erosion are tangible concerns for the board.
Balancing the urgency of cybersecurity with a measured approach is also essential. Focus on illustrating how preemptive measures contribute to cost savings and reduced liability, rather than raising alarms. By demonstrating how security initiatives are foundational to protecting the organization’s strategic goals, you can foster a board that values and supports a proactive stance on cybersecurity.
Rahul is a serial entrepreneur, technologist, and leader. Before Red Sift, he founded Apsmart which was acquired by Thomson Reuters Corporation in 2012. At Thomson Reuters, he served as the Head of Advanced Products & Innovation. In a previous life, he was part of the founding team and principal technical architect of Shazam. Before the launch of the iTunes AppStore, he envisioned and created the first Shazam iPhone App.
Red Sift enables organizations to anticipate, respond to, and recover from cyber attacks while continuing to operate effectively. The award-winning Red Sift Pulse Platform is the only integrated solution that combines four interoperable applications, internet-scale cybersecurity intelligence, and innovative generative AI that puts organizations on a path to cyber resilience.
Red Sift is a global organization supported by a diverse team across 15 countries. It boasts an international client roster that includes Capgemini, Domino’s, ZoomInfo, Athletic Greens, and several leading law firms. Red Sift is the official DMARC provider for Cisco and a trusted partner for Microsoft and Entrust, among others. Learn more at redsift.com.