VentureBeat Q&A: How Airgap CEO Ritesh Agrawal created an innovative cybersecurity startup

VentureBeat sat down (virtually) last week with Ritesh Agrawal, CEO and cofounder of Airgap Networks, to gain insights into how he and his team are creating one of the most innovative startups in the cybersecurity industry.

Agrawal leads a team of experts who have built successful infrastructure products for the carrier, industrial and enterprise sectors. He has over 20 years of experience in networking, security and cloud solutions. Under Agrawal’s leadership Airgap Networks has achieved several milestones, including winning three prestigious Global InfoSec Awards at the RSA Conference in 2023.

The following is an edited excerpt from VentureBeat’s interview with Ritesh Agrawal: 

VentureBeat: Can you tell us about your background and how you got involved in the cybersecurity industry?  

Ritesh Agrawal: I have a background leading the Juniper Network Security business, where I primarily focused on Telcos and large enterprises. I recognized the industry was losing the cybersecurity battle, with security infrastructure spend increasing each year, yet breaches and damages continuing to rise. Realizing the need for a more sustainable solution, I saw an opportunity to apply VC-led innovation to the industry.

And that always starts with a transformational architecture, not just a new feature set. We observed the effectiveness of the mobile/telco architecture in stopping malware from spreading cold even if a device is infected and at a fraction of the cost of enterprise offerings. The name “Airgap” comes from our ambition to offer this same level of perfect isolation, protection and cost-effectiveness for all enterprises across IT and OT.

VB: As CEO of Airgap, what insights have you learned about the cybersecurity industry? 

Agrawal: First, the threat landscape is incredibly dynamic, so only the nimblest organizations will adapt and thrive. This is why you see so many successful startups in cybersecurity — it’s hard for larger organizations to innovate as fast as attackers can, and customers can’t afford to fall behind.

For example, Airgap has six significant patents with more [pending] approval, and we just won three major innovation awards at RSAC, as our customers rely on us to keep them ahead of changes in the threat landscape.

Second, to aim high. This is a busy space with a lot of competing solutions, so incremental innovation and feature polishing aren’t going to displace any incumbents. I’ve always believed that as a startup you should deliver an entirely new architecture, not just a product, or you shouldn’t launch.

Finally, to try to internalize that every network security team is really stretched on time and budget right now. They need quick, easy wins that don’t require new skills. Simplification and rapid time-to-value is a business gamechanger. Don’t automate complex security processes — eliminate them with a better architecture. At Airgap, for example, we didn’t merely make traditional network segmentation plumbing “easier,” it’s just gone.

VB: How do you see the threat landscape evolving over the next several years?

Agrawal: Attacks are about to become a lot more sophisticated. For example, social engineering attacks using a combination of AI and the wealth of online information about us and our employers will punish networks that lack strong authentication and identity controls.

State actors and crime-as-a-service are likely going to play a larger role, and that means more attacks that aren’t about ransomware but instead cause significant damage to core networks and assets.

It’s part of a larger trend that I believe signals the end of perimeter-based security thinking, and in many ways the end of the aging core network architecture itself. And why customers such as Flex, Tillys and Kingston Technologies are actively adopting Airgap as their defensible architecture for business-critical infrastructure.

VB: What should cybersecurity leaders do to get ahead of this curve?  

Agrawal: First, recognize the need to prioritize protecting business-critical networks, assets and identities with a defensible network architecture. Everyone has their own unique “crown jewels.” They drive the business and operational processes that must stay secured, even if breaches are occurring elsewhere in the network. And that’s Airgap.

Perimeter-based firewall architecture isn’t enough, and I’m happy to debate any firewall vendor on this. Everyone is spending more and getting breached more; that’s not what winning looks like.

Second, aggressively drive trust and attack surface out of your network. Establish zero-trust segmentation between your business-critical infrastructure and your standard corporate IT network, as well as for all devices within shared networks, to make sure threats can’t spread. And close the gap between identity and endpoint protection with a dedicated secure access solution, as traditional VPN solutions don’t eliminate the legacy trusted connections that attackers know how to breach.

And you can’t secure what you don’t know about or can’t find, so leverage network-centric asset discovery and intelligence like Airgap that’s designed for low latency and no network congestion.

And third, prioritize cybersecurity solutions that don’t require heart surgery to your running network. Apply this litmus test to every security solution vendor: Tell me what changes to my network, tech stack or infrastructure do I have to make? How much training do I need? How long will it take? Airgap deploys in hours, which is great for time-to-value, but more importantly it does this because the touch to the running network is so light. Any solution that forces equipment upgrades, network readdressing, ACL/NAC changes or network downtime longer than a few microseconds should seriously be avoided.

VB: Why are OT networks a particular focus for attackers, and what special precautions should OT network owners take?

Agrawal: OT networks weren’t initially designed for security, but instead for speed and scale. OT networks have long life cycles, are patched infrequently, and are significantly accessed by suppliers and remote support technicians. They often have way too many devices sharing the same network segment. They’re filled with old Windows servers and headless devices, so all the agent-based solutions designed for corporate IT networks just plain don’t work. It’s like a security Swiss cheese but for many OT networks it can be more holes than cheese.

The very first thing I recommend for OT network owners is to create a dedicated layer of visibility and control (we call it an Airgap) between your corporate IT network and your core/OT network. The Airgap Zero Trust Firewall, or ZTFW, prevents any threats from spreading from IT down into the core network, and vice versa, so that safety of operations can be maintained even if higher network layers are compromised.

Airgap ZTFW relies on three essential capabilities to securing this dedicated layer. The first is agentless segmentation, because old Windows servers and headless machines are common. The second is secure access with full MFA (multifactor authentication) for your remote engineers and technicians, because VPNs trust way too much. And the third is network-based asset intelligence with accurate, real-time inventory, because OT networks are very dynamic.

VB: Once an enterprise fully segments and secures access to its network, how does asset intelligence help keep it safe?

Agrawal: Staying secure and in compliance on Day 2 and beyond is a major problem facing the industry. Before Airgap began delivering same-day segmentation, enterprises would put in six months or more of hard work to inventory and segment their network, only to watch it start to unravel again the very next day.

First, consider that real networks are highly dynamic. Whether the changes are from acquisitions, new campuses, refreshes or just mobile equipment moving between floors, most enterprises have no clear idea what they have or where it is. Everything starts with real-time accuracy, and that means the network. 

Prioritize solutions that leverage network context and network behavior analysis while ensuring low latency and no network congestion, which have been key design goals for Airgap with our ZTFW. Insist on having systems that can provide full visibility of every traffic flow, including lateral flows. Do not settle for systems that have extensive packet inspection and polling, as they can easily congest overloaded networks.

VB: Airgap just announced ThreatGPT, a ChatGPT integration with the Airgap Zero Trust Firewall. What does this do for customers, and where do you think AI-assisted cybersecurity is going?

Agrawal: We’re super excited about ThreatGPT. Because we establish full microsegmentation, we have a wealth of information about the network, assets and traffic history available. Because ThreatGPT is fully integrated into the core of the ZTFW architecture, you can use all available data to train the models, and I believe we are first to market with this.

ThreatGPT, based on the GPT-3.5 architecture, gives customers the data-mining intelligence of AI coupled with an easy, natural language interface. It’s pretty jaw-dropping; it will ferret out risks anywhere in your network by just typing in simple questions.

For the future, I see AI more as driving human productivity and not as a substitute for human intelligence. I’m pleased Airgap is leading the market here — it’s a game-changer in terms of risk management.