Sevatec, a national security firm specializing in Agile, DevSecOps, data sciences, cyber engineering, and cloud solutions recently brought on Sridhar Vishnubhotla as Chief Solutions Architect for Cyber Security. He joins the company’s Innovations Team (I-Team) to expand efforts in active defense, offensive countermeasures, and cyber deception management. As a subject matter expert, he will drive endeavors in machine learning and deep learning analytics to enhance business resiliency and protect federal customers’ IT infrastructure from cyber security threats.
As a part of one of the fastest growing fields in government contracting, Vishnubhotla recently shared his thoughts on cybersecurity as an industry, and how professionals can stay cutting-edge in this in-demand field.
1. How do you define cybersecurity?
Cybersecurity is a balancing act to provide security, assurance, and protection to critical information, whether personal or corporate. It transcends technologies, people, and processes to provide operational and business resiliency.
2. What are the growth areas and industries where cyber professionals should focus their development?
Cybercrime is industry agnostic. With cybercrime increasing at an exponential pace, some areas that have room for deep growth are 1) Threat Modelling: Machine Learning and Deep Analytics 2) Continuous Diagnostics and Mitigation Strategies and, 3) Security Awareness Programs: Existing and Emerging Threats, Vulnerabilities, and Risks
3. What technical skills are needed?
Penetration Testing, Cloud Security, DevSecOps, Code Review, Security Hygiene, Network Security (Isolation and Segmentation), and Cyber Technical Writer
4. How do you keep your skills sharp?
I am actively involved with cyber communities within the industry, Centers of Excellence and Innovation teams for cyber security. My primary focus is data protection to enhance quality of life and protect people. I am also a member of several professional organizations, and having professional certifications helps provide access to state-of-the art learning opportunities and skill sets. Through these associations, members get exposure to up-to-the-minute market conditions, the latest emerging threats and risks, and leading-edge mitigation strategies, as well as an opportunity to build relationships and discuss current trends. Also, I constantly research government and commercial professional efforts, participate in meetups, cyber conferences, and industry days to make sure my skills always remain on the cutting edge.
5. What are some of the unique aspects of providing this kind of cutting edge support to the federal government, versus working in Silicon Valley?
The mission of the federal government is to “Improve Quality of Life and Protect Americans.” Silicon Valley and commercial industries may not always share the same vision. With that purpose guiding priorities, stakeholders in the federal government have different needs and expectations than those in for-profit commercial industries.
The federal government must also meet extensive regulatory requirements, but we know that regulatory compliance does not make information secure.
At Sevatec, we define our mission as being dedicated to partnering with the government and providing trusted talent who are inspired to serve and protect Americans. We help our federal customers secure and protect vast amounts of information, addressing the combination of location (physical or virtual), people, processes, and technologies through an Agile approach towards a strong security posture.
In fact, among Sevatec’s unique differentiators in the government contracting arena is our strong focus on Agile processes – both across our own organization, and for our customers. Because we are a mid-tier organization and able to fully take advantage of quick-turn Agile, DevOps, and DevSecOps approaches, we have built a strong reputation in the national security arena.
By reviewing a government agency’s needs and requirements, we are able to design and tailor unique cyber security solutions, using Threat Models specific to the government’s operations. In turn, these proactively address existing and emerging threats, vulnerabilities, and risks with cost-effective mitigation strategies.