There may be few as well-prepared to speak about the technological vulnerabilities faced by the millions who suddenly found themselves working from home than Raj Badhwar. Employees working from home during the COVID-19 pandemic created a stress test for technologies like Zoom or WebEx that meant exponentially larger amounts of people utilizing the videoconferencing and online collaboration tools than ever before.
In the early days of the American pandemic response, Badhwar, chief information security officer at Voya Financial, wrote four articles to help businesses transition their employees to work from home safely and securely.
Badhwar drew on his more than twenty-five years of analysis, architecture, design, development, and management of technical resources for cybersecurity engineering, operations, and incident response. He has led application development, network management, and information security efforts at Bank of America, AOL Time Warner, AIG, and defense contractor BAE Systems. He’s also a member of Rutgers University’s cybersecurity board, as well as a board member for the National Technology Security Coalition (NTSC), a nonprofit and nonpartisan organization that serves as an advocacy voice for fellow CISOs.
If it’s related to cybersecurity, you should probably call Badhwar.
A New Cybersecurity Talent Ecosystem
Badhwar’s role on the NTSC has been earned for good reason. The CISO is a progressive advocate for the role of diversity and inclusion in cybersecurity—including diversity of skill, as is seen in his promotion of cybersecurity as a career for kids with special needs.
“People who are thought to be on the autism spectrum are often perfect and ideal candidates for cybersecurity positions,” Badhwar explains. “They may be shy or avoid eye contact, but they are often very adept at mathematical pattern analysis and recognition.”
Badhwar says Voya, at large, has voiced support for these kinds of initiatives, as evident by its commitment to the special needs community through Voya Cares and its selection as one of Ethisphere’s Most Ethical Companies eight years in a row.
The CISO also drew significant experience from his Department of Defense contracting days. “I saw veterans coming home from war and transitioning into cybersecurity work, and it makes good sense,” Badhwar says. “Their mission changes a bit, but they’re still able to continue to protect and defend their coworkers, their customers, and their clients.”
Less than a decade ago, Badhwar says that 90 percent of most CISOs were likely white men, and he’s hoping to help change that statistic. “Along with those who may have military or police backgrounds, it’s very important that we select from a wide candidate pool of people from other ecosystems and backgrounds,” Badhwar explains. “We have to find a way to engage and awaken that interest early in women who might not have considered cybersecurity as a career previously.”
Badhwar took that advice with his own daughter, introducing her to programming, malware defense, and other key cybersecurity concepts early on.
“We have to find a way to engage and awaken that interest early in women who might not have considered cybersecurity as a career previously.”
The CISO Perspective
Now, perhaps more than ever, Badhwar says that CISOs should be looked to for leadership on company boards. “Security is paramount to any company,” Badhwar says. “When the board of directors wants guidance about where investments are being made in a company and they don’t have security people on that board, there is a valuable voice that is not being heard.”
When it comes to companies wanting to move their entire network to the cloud, Badhwar says that having a CISO on more boards of directors might have saved a world of headaches.
“There may be some short-term gains in moving everything to the cloud, but I think security has been forgotten, and that’s why there are breaches literally every single day in the news,” the CISO explains. “I spend a lot of my time these days talking about cloud security because it is the future state of application and system hosting for every corporation.”
Fortunately, partnerships with cloud-based database security companies like jSonar have helped ease this difficulty. “jSonar enhances our capability speed and agility to provide security monitoring and behavior-based analytics both on-premise and in the cloud,” Badhwar says.
According to Ron Bennatan, chief technology officer at jSonar, most organizations struggle with deploying consistent data security policies to the cloud. “Legacy on-premise tools don’t carry across to cloud workloads,” he explains. “At jSonar, we abstract the complexity of the underlying data systems and provide a single platform to secure any data workload.
“Our customers, like Voya,” Bennatan adds, “can accelerate innovation in their business and migrate to the cloud while having the confidence that their security controls and more will be consistent across all on-premise and cloud systems through jSonar.”
“I spend a lot of my time these days talking about cloud security because it is the future state of application and system hosting for every corporation.”
Wider Thoughts on the Web
Along with extensive security, application development, and network management experience, Badhwar is also a serious thinker about what the future of technology offers both in terms of opportunities and challenges. He has coauthored fourteen security patents, and conducted extensive research in the areas of cryptography and zero trust networks as well as AI-based pattern matching and reactive-response for cyber incident response and fraud mitigation. He has also written about the code of ethics for AI as it applies to cybersecurity.
Badhwar has studied quantum computing extensively and has written about the potential risks with its advent. “While quantum computing will exponentially increase the computing power at our disposal, security technologists worldwide are worried about its supposed capability to break many of the encryption and hashing algorithms that are currently based on computational difficulty,” he explains. He has also written about post-quantum cryptography, including quantum encryption’s ability to provide the needed security to sensitive data now and in the future.
Badhwar has also written and spoken extensively on the idea of cyber-exceptionalism. “Cyber-exceptionalism is not nationalistic,” Badhwar explains. “It is an attempt to band together with cybersecurity professionals around the world with a mission to maintain the confidentiality, integrity, and availability of our systems, services, and our sensitive data from various cyber adversaries and attackers. We must work together to share best practices for the needed preventative and protective security controls with our peer companies and businesses to form a shared defense.”