Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityManagementSecurity Enterprise ServicesSecurity Leadership and ManagementLogical SecurityCybersecurity News

5 minutes with Satya Gupta: The surge of remote work and its impact on critical infrastructure organizations

By Maria Henriquez
5 minutes with
October 13, 2020

Meet Satya Gupta, Virsec’s visionary, who has more than 25 years of expertise in embedded systems, network security and systems architecture. Prior to focusing Virsec to a product orientation, Gupta built Virsec as a software design and consulting business and targeted data networking, application security and industrial automation projects. Prior to this, he was Director of Firmware Engineering at Narad Networks and Managing Director and Chief Engineer at Eastern Telecom and Tech Ltd.

Gupta holds 14 patents in complex firmware architecture with products deployed to hundreds of thousands of users. He holds a BS degree in Engineering from the Indian Institute of Technology in Kanpur and additional degrees from the University of Massachusetts at Lowell.

Here, we talk to Gupta about the impact that COVID-19 and remote work policies has had on critical infrastructure organizations. 

 

Security magazine: What is your title and background?

Satya Gupta: As the Chief Technology Officer at Virsec currently and in my professional career spanning 35 years, I have built a range of hardware, embedded and software products used by millions of people worldwide. I have 14 issued patents that cover a range of subjects such as networking, wireless, micro kernels, interpreted code vulnerabilities, memory integrity vulnerabilities etc.

 

Security magazine: How has COVID-19 and the surge in remote work impacted industrial and critical infrastructure companies (Fin Serv, healthcare, government/defense, etc.) themselves?

Gupta: The Cybersecurity & Infrastructure Security Agency (CISA) has identified sixteen sectors as critical infrastructure of our nation. Organizations in these sectors have largely followed guidance from the CISA which starts off by making a risk assessment for their staff.

The organization makes every attempt to identify and encourage those people who can potentially work from home without affecting their productivity to work from home.

From a spend perspective, the organization must accelerate software initiatives that were part of a longer-term digital transformation strategy. Some examples of such new software and hardware initiates include collaboration tools, VPN, VDI etc. Funding these initiates has caused avoidable economic strain on organizations especially those whose cash low positions may not be very strong.

One consequence of deploying a lot of new software in a hurry is that best practices for securing the new software tend to get ignored. IT organizations cannot patch vulnerable software as fast as the vulnerabilities are growing. One can see that the number of new vulnerabilities and attacks such as ransomware attacks are growing rapidly.

Many users who may not have had previous exposure to software tools are now forced to grapple with subtle nuances in the new software. If some of these people have elevated privileges in the organization, the intellectual property, confidential information, and business continuity can come under serious risk from phishing and vishing attacks.

 

Security magazine: How can these companies effectively stay secure amid increasing threats during remote work and with an increase in cyberattacks (i.e. phishing and ransomware)?

Gupta: The old saying that haste makes waste is particularly significant here. IT organizations must properly architect their new software rollouts to ensure they are not trading productivity for risk. Deployment procedures including tightening configurations for software and following best practices should not be short circuited.

A very important initiative must be to train staff on protecting themselves from phishing and vishing attacks. Companies must fund and launch red team initiatives to “test” their staff and train those who happen to fall victim to simulated phishing attacks.

Another initiative organization can undertake is to invite pen-testers to assess the risk exposure of their software infrastructure. Organizations can invest in automated attack simulators to ensure they discover the weak links in their deployed software before attackers do.

Yet another initiative organizations’ can undertake is to patch their infrastructure and application code on as short a schedule as possible. Vulnerabilities in the infrastructure code as well as in-house code must be identified and remediated at the earliest opportunity.

An extremely important initiative must be to replace older security controls; especially point solution because they do not give a holistic view of the attacker kill chain and only result in “expense” in depth. Instead, IT must look for security controls that are full stack, highly deterministic and do not require an army of analysts to deploy and maintain. By adding more staff, not only would the organization incur unnecessary expense but would be making matters worse in these Covid 19 pandemic times.

 

Security magazine: How has COVID-19/remote work forced critical infrastructure to fast-track digital transformation, and how can they effectively stay secure with new security tech while embracing this new tech?

Gupta: As mentioned earlier, many longer-term digital transformation steps must be fast tracked. IT needs to make sure several security best practices described above are followed so that security is not traded for speed. Shortcuts in configuring new software, not patching fast enough and using security controls that are behavioral in nature even when deterministic solutions exist are some of the steps IT must take in order to reduce the risk to the organization.

 

Security magazine: What does the future of distributed cybersecurity teams looks like post-COVID and with remote work now the norm?

Gupta: As principles of natural selection have shown in the past, those software vendors who produce more secure code and security control vendors who harden the applications will drop by the wayside.

KEYWORDS: COVID-19 critical infrastructure cyber security information security remote work

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Maria Henriquez is a former Associate Editor of Security. She covered topics including cybersecurity and physical security, risk management and more.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Top Cybersecurity Leaders
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Cyber Tactics Column
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Cybersecurity
    By: Charles Denyer
Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Sureview screen
    Sponsored bySureView Systems

    The Evolution of Automation in the Command Center

  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

Popular Stories

Rendered computer with keyboard

16B Login Credentials Exposed in World’s Largest Data Breach

Verizon on phone screen

61M Records Listed for Sale Online, Allegedly Belong to Verizon

Security camera

40,000 IoT Security Cameras Are Exposed Online

Security’s 2025 Women in Security

Security’s 2025 Women in Security

Red spiderweb

From Retail to Insurance, Scattered Spider Changes Targets

2025 Security Benchmark banner

Events

July 17, 2025

Tech in the Jungle: Leveraging Surveillance, Access Control, and Technology in Unique Environments

What do zebras, school groups and high-tech surveillance have in common? They're all part of a day’s work for the security team at the Toledo Zoo.

August 7, 2025

Threats to the Energy Sector: Implications for Corporate and National Security

The energy sector has found itself in the crosshairs of virtually every bad actor on the global stage.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • Duncan Greatwood

    5 minutes with Duncan Greatwood — Securing remote access in critical infrastructure

    See More
  • 5 mins with Hamilton

    5 minutes with Mike Hamilton – The biggest threats to the critical infrastructure

    See More
  • 5 mins with Brian H

    5 minutes with Brian Harrell - Critical infrastructure protection and the power grid

    See More

Related Products

See More Products
  • security culture.webp

    Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

  • Risk-Analysis.gif

    Risk Analysis and the Security Survey, 4th Edition

See More Products
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing