Cybersecurity has carved out a spot in today’s digital landscape and made itself a necessary piece. Without adequate cybersecurity, a company opens itself up to data breaches and other critical threats.
Seven years ago, Rajesh Khazanchi co-founded ColorTokens, a leading innovator in SaaS-based Zero Trust cybersecurity solutions providing security from endpoint to cloud. Their tools elevate cybersecurity to the level of a queen in chess–powerful and invaluable.
Khazanchi, now the CEO of ColorTokens, has deep insights into the evolution of cybersecurity and has been on the front lines of the battle against cyberattacks for almost three decades. His extensive background in leading product teams at VMware, BMC, HP and Oracle has profoundly shaped his understanding and philosophy on leadership, scaling and the future of security. He is an experienced leader with a strong track record of developing and delivering innovative products and has been awarded six patents for his cloud automation and cybersecurity innovations.
Trust is the fundamental philosophy of why he started ColorTokens. His drive and motivation stem from the idea that no one – not businesses, not families, not individuals – should be forced to feel the pain of a cyberattack.
Over the last 10-15 years, networks have changed remarkably. And it’s a transformation Khazanchi has witnessed up close – networks going from very rigid hardware-centric to virtualized networks.
“The same can be said for storage,” he says. “Storage went from the EMC, HP and the Dell’s of this world to the pure storage of the companies, which actually started virtualizing storage systems and making storage as a service.”
Despite the rapid change and adaptation of new technologies, Khazanchi observed that security was significantly lagging. “That was a phenomenal opportunity for all of us,” he says.
“[At ColorTokens], we conceptualize the need to have security independent of which application is running where. Independent of the cloud infrastructure or data center infrastructure and independent of where the user is accessing.”
The Concept of Zero-Trust And the “New Normal”
ColorTokens works off the concept of “trust nothing, verify everything” to maintain data integrity and business continuity despite any cyber-attacks. The zero-trust approach takes from the idea that you should avoid guesses and implicit trust assumptions. Users should switch input signals on an ongoing basis to adapt to changing contexts and circumstances.
It is no secret that enterprises are constantly under attack. Cybersecurity and cyber threats are trading digital blows in a constant technological war. Perimeter defenses have proven increasingly ineffective for most enterprises in stopping the initial breach or the following spread.
The last two years of the pandemic have forced an acceleration in digital transformation. It has been a boon to hackers but a threat to companies unprepared on the security side to adjust to the evolved cyber threats. Remote work is also an added risk factor.
Khazanchi has seen the awareness around cyber security significantly increase but still believes there is a lag. “The concept of trust and untrust is still there. Users think, ‘If I’m connected to a laptop, my laptop, it’s fine.’ They don’t realize that the process is already running.”
He sees it as crucial for users to increase their knowledge. “It’s also about cyber practices and how you can actually preserve your identity and your assets online,” he says.
CEOs and boards are approaching Khazanchi as the concerns around cybersecurity are rising. Many companies have experienced attacks, although few are made public. Remote work also means increased data breach attempts.
The growing concerns have employers on higher alert, searching for ways to address how users are accessing applications.
“People can work from anywhere. They can have untrusted networks; their systems can be compromised. You must think from a perspective that you can be attacked at any time, now go with the notion that the attack is already inside. With that perspective, go and build your strategy, which is actually the right strategy. You need to think that your users are unknowingly clicking on something. During that time, how your infrastructure is reacting is very important,” Khazanchi says.
Adapting to Cyber Threats with Zero Trust Architecture
The Xtended ZeroTrust Platform is ColorToken’s cloud-delivered, software-defined platform. It secures critical assets and works to maximize the deterministic quality of enforcing security rules.
“The fundamental genesis of ColorTokens started with, ‘how do I protect my applications, assets and data, keeping the principles of zero trust in mind?'” says Khazanchi.
Indeed, with the relatively new zero-trust concept, many might not understand that it operates as an architecture, not as a product. There is an abundance of tenants or aspects associated with zero-trust architecture, and procuring only one of them from a vendor is not enough, nor is it efficient.
“We are not an identity solutions company, but we do a zero-trust segmentation and zero-trust network access. That ensures them that any time applications are talking to each other or the user is talking to an application, you bind the identity of a user or a system, or a service with that application. So, every single time application is protected. Be that on a cloud or data centers,” he says.
With all the cyber-attacks and subtle breaches, what is critical is how a company chooses to focus on salvaging and protecting despite being compromised. Knowing that your organization likely already has compromised assets is the first step.
Working from home is the norm for many companies, which is transforming the IT infrastructure; now, the question of how to protect your assets becomes even more critical.
Benefits of a Cloud-Native Platform
Back when Tony Scott was still the federal Chief Information Officer, he put in place the premise of the NIST framework. Now, Scott sits on the ColorTokens board of directors.
It was built as a cloud-native platform, which means no on-prem installations with the software. It’s a lightweight data collector agent installed in the customer’s environment. ColorTokens gives visibility to micro-segmentation capabilities and endpoint protection by extending the policies created in micro-segmentation to the end-user.
“We are fundamentally a workload protection system,” Khazanchi says. The company also offers a complete managed services offering of their solutions, making it a convenient package for any company that needs a boost in their cybersecurity.
Don’t Aim for Perfection: Lessons After a Year As CEO
With almost 400 employees, ColorTokens has a strong foundation of dedicated team members.
A year ago, Khazanchi took over the reins as CEO. “I thought I was reasonably prepared to be CEO. But as it turns out, nothing can truly prepare you to lead an entire organization,” he says.
The past year has taught him invaluable lessons, and he believes building an A-plus team and instilling a culture of trust and accountability is crucial for success. He is also an advocate for putting perfectionism to rest.
“You need to prioritize progress. Don’t aim for perfection because it will cost you an enormous amount of time. Even if it’s 80-90% perfect, agility and speed are far more important than perfection.”
As for his team, as the CEO, he knows “the buck stops with him.”
“Extreme accountability is essential for us to achieve our vision, and anything less is unacceptable,” he says.
“My job as the CEO is to set clear goals and strategies, then get out of the way so my team can get the job done. My job is to lead and inspire, not to second guess. We have great talent, great tools, and great teamwork. You’ll do your best work when you know that you are fully empowered and trusted.”
Cybersecurity is a rapidly shifting space. Many unexpected influencers can impact it, such as the pandemic and war. The only constant thing is how important it is.
Keep an eye out for more advancements in the ColorTokens Zero Trust Architecture platform of solutions.
