Andrea Carcano

Cybersecurity appeals to me because there is a lot of lateral thinking involved.

Andrea Carcano

Andrea Carcano is co-founder and Chief Product Officer of Nozomi Networks, the leader in OT and IoT security for critical infrastructure. He is an expert and international leader in industrial network security, artificial intelligence and machine learning. With a passion for cybersecurity that began in high school, he went on to study the unique challenges of securing cyber-physical systems. Andrea holds a master’s and PhD in Computer Science, focusing in both on cybersecurity. He has published several academic papers, including one describing an early example of malware targeting SCADA systems.


Interviewer

    5 minute read
    08 January 2025

    Andrea Carcano, co-founder and Chief Product Officer of Nozomi Networks, reflects on lessons learned from the global IT outage in July 2024, discusses why the conditions are ripe for generative AI and explains why he is looking to the future with confidence.

    Nozomi Networks is currently a leader in industrial cyber security. Can you tell us how it all started – for you personally and with Nozomi Networks?

    It’s always a pleasure to pause and reflect on the early days – we’re always so busy working on new challenges, emerging topics, company growth. Ours is a typical startup story. My co-founder, Moreno Carullo, and I started the company with very little money in a small office at my parents’ house.

    For me, my lifelong passion for cybersecurity has been a major motivation. I studied the subject, then followed up with a master’s and a PhD in OT critical infrastructure protection. Cybersecurity appeals to me because there is a lot of lateral thinking involved. When someone develops software, he or she basically tell users how to work with it. If you think about it, cybersecurity is basically about finding another way to use that software.

    I started my career at the European Commission by building malware and viruses designed to attack industrial control systems, all for research purposes, of course. I also worked for a large oil and gas company, which took me to Nigeria, Tunisia, Egypt, Congo and many other countries. So, my background is a mix of academic and practical experience.

    Cybersecurity appeals to me because there is a lot of lateral thinking involved.
    You mentioned that you started out working from your parents’ house. Nowadays, where everything happens online, how important is it to be in the office?

    Our company’s flexibility and our people’s determination to make the very best of these difficult times were certainly important cornerstones. We pushed the pace, developed the counting system within a very short space of time and approached our existing customers. Demand was very high, so everything went like clockwork, especially during the first few weeks. We found ourselves submitting tender after tender, and managed to acquire new customers – in Switzerland and abroad. This triggered new challenges though: we had to invest, take a risk, procure materials and, and, and. We wouldn’t have got through this demanding situation without our dynamic team and the investors, who supported our idea. Another key success factor was the use of mostly in-house resources to create the counting system. In addition, our people programmed the app themselves. Thanks to short production pathways, we were always one step ahead of our competitors and in a position to supply customers quickly. After a while, some copycats came on the scene and the situation returned to normal a bit.

    When Nozomi Networks started we were a remote company, so we were ahead of time in that respect. Before the Covid pandemic, Nozomi Networks was considered innovative because we gave our people so much freedom. Moreover, in the pre-pandemic times there was a different mindset. Even when I told people that there was no need to come into the office every day, they would often show up anyway. Now, after the pandemic, it’s the opposite. In Silicon Valley, where I’m based, many companies are struggling to get their people back to the office.

    I think there is a value in being together, especially when you do tech stuff, because you need to experiment, test your next ideas, get inspiration from other people. I can’t give you a formula – one, two, five days – but it’s important to spend some time together in the same place.

    Let’s talk about the recent global IT outage affecting numerous airlines, banks, businesses and government institutions. Where were you then and how did you perceive the event?

    July 19, 2024, was a historic day in IT. There were blue screens all over the world, in hospitals and airports. I don’t use any of the affected software, so I didn’t suffer a direct impact – fortunately.

    I think what stands out about the outage was its scale: seeing that blue screen pop up in so many places at the same time and around the world. So many people were impacted. At Nozomi Networks, we are acutely aware of the consequences of cyberattacks for connected devices that affect the day-to-day lives of different people. Nowadays, technology is generally quite resilient, and we tend to forget about the potential impact until something like this happens.

    At Nozomi Networks, the outage reminds us why our philosophy is so important. We believe that when you install cybersecurity software anywhere in a critical area like surgery or air traffic control, you need to apply design thinking. The stakes are high, and the approach needs to be a bit different. That’s what we’re trying to do as a company.

    I think what stands out about the outage was its scale: seeing that blue screen pop up in so many places at the same time and around the world.

    What effective strategies and approaches can successful organizations adopt to manage cybersecurity risks in their OT infrastructure?

    I wouldn’t claim to know all the answers to this question, but I can certainly share some best practices and lessons learned from being in the business for many years.

    A good mantra to have is to plan everything you want around the project on OT from the outset, but also to acknowledge that you need to plan for the unexpected. This is probably true in any project, but in the OT environment, in particular, you will always need to accommodate things that weren’t on the radar when you designed your project.

    Another important aspect for Nozomi Networks, but also for our customers, is the mindset of customer satisfaction. The goal shouldn’t be to sell as much as possible, but to keep customers happy. To achieve this, you need to sell the right technology or the right product at the right time. For Nozomi Networks, that’s a platform of products. In my opinion, everything start from understanding the customer’s setup and needs. An analogy I like is: If you buy a new house, you need to protect it by installing an alarm system.

    You need to plan for the unexpected.

    Looking ahead, which emerging trends or technologies do you believe will have the most significant impact on OT security? How should organizations prepare themselves for these changes?

    We’ve been involved in the OT conversation for eleven years now, and the journey is ongoing. Convergence is a major trend and it’s still happening. Obviously, there are some companies that were quicker and already ahead of their competitors, and others that are behind because they just started.

    One thing we strongly believe as a company is that convergence is unstoppable. It’s going to happen anyway, and it’s better to embrace it earlier rather than later. That’s what we’re trying to recommend to our customers.

    You can’t have this mindset of separation: OT, IoT, IT. It doesn’t work. You are bound to find a lot of very deep OT technology, but there will also be cameras, printers, computers. You’ll also see standard IT technology, including the capability to discover something on the OT side. That’s why a solution like Nozomi Networks needs to be capable of understanding the whole picture. I think this is where the future is going.

    Why do you think generative AI is coming of age right now and how does it affect cybersecurity – and society?

    The last 18 months have been very exciting. We see some real innovation coming. Nozomi’s co-founder did his PhD in AI and generative AI, so I have some good insights from him. He likes to remind me that the algorithms behind AI and generative AI weren’t invented overnight. The math behind them have been around for many years. But two things have happened in recent years to enable the innovation to come to fruition. The first is the amount of data which is accessible today. Much more than five to ten years ago, and it’s still growing. We can use this to build intelligence. This brings me to the second point: In order to process all of that information, you need to have the power, the CPU capability. What’s happening right now is the perfect alignment of data, viability for learning and capability to process all that data.

    This exciting change also has major implications for cybersecurity. At Nozomi Networks, we actively monitor the hacking community. And one thing we’ve noticed is that AI technology has lowered the level of knowledge and skills needed to build malware, but at the same time it has made the attacks more complex. We believe that this change is also an opportunity on the protection side. We can use AI to change the way cybersecurity has been practiced. I think that three years from now the standard job of a security analyst will be very different.

    Looking a bit into the future, we always need to maintain a critical stance, but we also need to play with the technology, understand how to use it properly. AI will make mistakes, but it will also get better. For the next generation, it will just be part of life. We all need to embrace it.

    AI technology has lowered the level of knowledge and skills needed to build malware, but at the same time it has made the attacks more complex.

    Featured articles and interviews

    Is Operational Technology Security your shortcoming or long-term advantage?

    s digital technology and physical processes converge, securing operational technology (OT) has become a business imperative.

    Sebastian Tobler, Co-founder and CEO of GBY SA

    Sebastian Tobler is co-founder and CEO of GBY SA, which has developed a new approach for the rehabilitation of people with reduced mobility. An automotive engineer by training and trade, Sebastian Tobler’s life took a new direction when a bike accident left him paralysed. Alongside his entrepreneurial activities, he heads the SCI-Mobility Lab as Professor at the Bern University of Applied Sciences.

    Patrick Pruniaux, Chairman & CEO of Sowind Group

    Patrick Pruniaux has a background in business administration and began his career in the watch industry at TAG Heuer. Always fascinated by innovation, he joined Apple in 2014 and oversaw the launch of the Apple Watch. Following a move to Kering in 2017, he managed the Ulysse Nardin and Girard-Perregaux watch brands. In 2022, Patrick Pruniaux spearheaded the historic management buyout and now serves as CEO of these two brands within Sowind Group.

    Serra Bicak, Reckitt Hygiene

    Serra Bicak is Senior Vice President Reckitt Africa Middle East at Reckitt Hygiene. She has lived and worked in eight different countries for various roles during her career in fast-moving consumer goods. Serra Bicak is passionate about diversity, equity and inclusion (DE&I) and leads Reckitt Hygiene’s gender balance program.

    Judith Häberli, Urban Connect

    Fabienne Muff, an engineer from Lucerne, studied mechanical engineering at the ETH Zurich with a focus on renewable energies and robotics.

    Siddhi Mehta, Rhythm 108

    Siddhi Mehta, founder and CEO of Rhythm 108, talked to us about sustainability, craftmanship – and how her company combines heritage and innovation to take the Swiss chocolate tradition into the future.

    Francisca Obrecht, Weingut Obrecht

    Peter Rupp grew up in Sargans, Switzerland, around 20km south of the Hilti headquarters in Liechtenstein. He studied Economics in St. Gallen, then took a post-graduate degree in Engineering in Winterthur.

    Peter Rupp, Hilti Group

    Peter Rupp grew up in Sargans, Switzerland, around 20km south of the Hilti headquarters in Liechtenstein. He studied Economics in St. Gallen, then took a post-graduate degree in Engineering in Winterthur.

    Luciana Vaccaro, HES-SO

    Originally from Naples where she grew up and studied physics, Luciana Vaccaro moved to Switzerland in 1996 to complete a PhD in microengineering at EPFL. She held various positions in research and education at the universities of Neuchâtel and Lausanne before heading the Grant Office at EPFL. In 2013 she took the reins of HES-SO as rector. Last October, Luciana Vaccaro was elected president of the umbrella organization swissuniversities and started in her new position on 1 February.

    Thomas Fürer, ABB

    Thomas Fürer has served ABB for 22 years, including 14 years in his current role as Group Head of Tax. A Certified Swiss Fiduciary Expert and Certified Swiss Tax Expert, he takes a keen interest in technology and digitalization in the tax function and beyond.

    Monika Zihlmann, Global Digital Commercial Platforms

    Monika Zihlmann, Vice President Global Digital Commercial Platforms at Smith+Nephew, discusses the trends and pressures shaping the medtech industry and explains why now is the time to embrace a multi-channel customer engagement model.

    François-Henry Bennahmias interview

    François-Henry Bennahmias was born in Paris. After five years as a professional golfer, he decided to take on new challenges in the luxury industry, working for brands such as Giorgio Armani, Gianfranco Ferré and others, before entering the world of fine watchmaking with Audemars Piguet in 1994.

      Are you our next interview partner?

      The New Normal Magazine is open for thought leaders and decision makers.