Podcasts
Career Notes
Ep 96
Career Notes 4.17.22
Ep 96 | 4.17.22

Satya Gupta: Rising to your contribution. [CTO]

Show Notes
Transcript

Satya Gupta: Hello. My name is Satya Gupta. I'm the CTO at Virsec’s Systems.

Satya Gupta: I grew up in India, my father was a civil servant and at that time, it was really hard, we had, uh, two other siblings. My mother was insisting that we go to the very best school because education was at a very high premium in our household, there were time's when they had to sell some books to be able to meet expenses.

Satya Gupta: It was very clear to me that I had to go and become an doctor or an engineer, and certainly doctor was out of my league because even if I had to go into a biology lab and dissect a frog I'd probably end up fainting before the frog had a knife in its belly and all. So I decided I'd be an engineer, and one of the biggest challenges of going in to a engineering school in India is to everybody's aspiration is to get into this very famous school called the IAT, and because my brother had taught at school, you know, it was, uh, pretty much my goal to be able to go and get in to that same school.

Satya Gupta: I actually went to a higher education in the US so from India, I kind of did another master's degree in, uh, the university of Massachusetts, and, uh, right after that, um, I went to work for GM and I quickly realized that I wasn't really cut out to be one of the 700,000 employees that GM had it that time, and I really wanted to do something meaningful, you know, something that allowed me to sort of, uh, express myself a whole lot better and solve some really big problem for the industry.

Satya Gupta: So I kind of quit GM and I went to work, uh, for myself and, uh, you know, there was many ventures that, you know, startups that I actually went through. Uh, last one that I did, really made a huge difference. The big thing that we did out there that, uh, in the startup was that, you know, we kind of suddenly, uh, use some really cool technology to be able to make a huge thing. So instead of having one megabit of bandwidth or two megabits of bandwidth, we were up to a hundred megabits in the case of businesses, up to a gigabit of bandwidth. So, you know, that made me think, that we have to sort of keep working with things that will change people lives rather than solving incremental problems. You know, there's no fun in doing that. And I had the mental fortitude and the educational background to be able to go, look at some really hard problems.

Satya Gupta: One thing that really inspired me at that point in time was when it was just a casual sentence that was uttered by a colleague but a stuck in my brain for posterity, I would say. So the colleague said that, um, people rise to their level of incompetence, and that was really a remarkable statement that I heard from that person. You, uh, rise to the point where you can actually contribute. And, uh, when you think that you've, um, uh, are done here, that you cannot contribute anymore, um, that's where it all ends and all right, but in reality, the sky's the limit.

Satya Gupta: It's almost like a storybook, uh, startup scenario here. Um, I was visiting a colleague, who was a professor at the university of Massachusetts, um, he and I who sat down for coffee at a Starbucks, and as we were sitting for this coffee, I realized that there was these big cyber attacks going on, and, it just so happened. I opened the conversation with him and saying, hey, did you notice this new cyber attack? Uh, and here are these big dominant cyber companies at the time, uh, who were releasing signatures every 10 minutes, and the millions of machines were going down over the last few days, and, uh, because of this very, uh, nimble attack, it was one of those, uh, you know, worm-like attack that was taking machines down by the millions. 

Satya Gupta: Something he said struck me as, uh, you know, hey, we are not really looking at root causes out here, we kind of looking at symptoms, you know, every time a new attack happens, we try to figure out what's going on with that particular attack, and it's like, um, you know, playing a game of whack-a-mole, you know, a new attack shows up, you kind of stomp on that little, uh, arcade game. So you know, every day, uh, 350,000 new pieces of malware get created, and we are trying to classify, you know, every piece of malware, and to me that looked like a big joke out there. 

Satya Gupta: So at that point in time, I came up with this whole thought process of what I now describe as first principle. I had a couple of meetings with the professor again, and we came up with five or six guiding principles, um, that we call first principles. The very first principle was we must be able to protect an application from being abused, even if it is vulnerable, the second principle was milliseconds matter, the third principal that was involved out there was that vulnerabilities are the key, the fourth principle was that, you know, I shouldn't really expect people to hand me their source code so that I can look at it and be able to figure out where the vulnerability got, and the last, very important thing was if I look at a server, there are hundreds of processes out there. I cannot go and say, I can see I'm going to protect only one or two and I leave the rest to open. 

Satya Gupta: So those are the five, first principle that we said, uh, we must adhere to in our solution, and I'm very happy to tell you that, you know, uh, it's been a long, arduous journey. Our customers are now beginning to see that, you know, this is the only way to protect, you know, the vulnerabilities. You have to be able to make sure the vulnerabilities are like that bad lock that you hang on your door that cannot be abused. Even though,, you know, the lock may give up, you know, you still be able to protect, make sure that the doors are strong enough to not give up, and, um, you know, now more than ever, customers are beginning to see that you're now able to, uh, make sure that the application stays within its guard rails and it's the attacker is not being able to sort of, uh, move the needle and derail the train and make the application do things that they want.

Satya Gupta: It's really important to be able to leverage, uh, other people's brain and you know, assemble the very best people, be able to leverage their brain power, and that's my sign off, uh, functioning. You know, we want to be able to have the very best people in the team and also leverage their thinking power and be able to, this is how we, you know, as a collective, we become better, and, you know, it's crazy, you know, as an entrepreneur, you have to be a little bit crazy because, uh, you know, you have to have this dedication to be able to, uh, you know, keep going down and pick up every day, but uh, but it's really fun too, at the same time, you know, to be able to create these new things that, uh, will change somebody's life is really important to me.

Satya Gupta: You have to be able to dream big, and you have to have the fortitude and the mental courage to be able to hold on to that, if you really believe in something, go for it. And, um, uh, also dream big, you know, make sure that, you know, you're not solving a small problem, but you're solving thing that will make a name for it, you know, which will have things that, uh, people will remember. This is how I, uh, it should be done versus accepting the status quo and doing it for, you know, the same way that people have been doing it for the 30 years that may have gone by, uh, in the cybersecurity industry, and by thinking big, we are able to make people understand, you know, what, uh, what is different? What is it that's different that we are doing and how their lives will get better? So, you know, uh, my, my, uh, two advice to people is, uh, dream big and, um, uh, work with dedication.

Career Notes
Podcast Info
Schedule: Sundays
Creator: CyberWire, Inc.
ADVERTISEMENT
Sponsored by SpyCloud
Sponsored by SpyCloud

SpyCloud protects consumers, employees, suppliers, and citizens from the dangers of compromised identity. Its solutions make breached information actionable to prevent fraud— enabling a proactive, automated response that negates the value of stolen data before it can be used to cause harm. Learn more.