In today's digital age, data is the lifeblood of most businesses, and safeguarding it has become an increasingly complex challenge. Venkata Sai Manoj Pasupuleti, Lead Software Engineer at Apple, has made significant contributions to data privacy and cybersecurity. His extensive experience spans industries such as banking, cloud services, and hospitality, where he has played a pivotal role in shaping resilient security protocols. In this interview, Venkata Sai Manoj shares insights from his time at L&T, Hyatt, and ServiceNow and discusses the evolving landscape of cybersecurity and data privacy.
Interviewer: Venkata, your journey in data privacy and cybersecurity is truly inspiring. Can you start by telling us how it all began?
Venkata Sai Manoj Pasupuleti: Certainly. My fascination with data began during my undergraduate studies in Electrical Engineering at the Manipal Institute of Technology, India, where I graduated in 2011. Shortly thereafter, I joined L&T and worked there for three years. I moved to the U.S. in 2014 to pursue further education and received my Master of Science in Electrical and Computer Engineering from The Ohio State University in 2016, graduating with a 3.8 GPA. It was during these formative years that I developed a deep interest in data security and its critical importance across industries.
Interviewer: You've worked in sectors where data security is paramount, especially during your time at L&T. Could you elaborate on your role in securing data for Syndicate Bank?
Venkata Sai Manoj Pasupuleti: At L&T, I was deeply involved in securing sensitive financial data during our work with Syndicate Bank. My role primarily focused on strengthening the security architecture to protect transactional data and sensitive customer information. One of my key contributions was implementing encryption protocols to secure data both at rest and in transit. This was essential for safeguarding critical information such as account details, credit card numbers, and personal identification from external threats. Additionally, we deployed multi-factor authentication (MFA) and risk-based authentication to prevent unauthorized access.
Working in the banking sector was eye-opening—it underscored the importance of cybersecurity, not just as a backend concern but as a critical part of the customer experience. A breach can cause financial losses and a significant erosion of customer trust. Our team ensured compliance with stringent regulations like PCI-DSS and conducted regular audits to maintain high-security standards.
Interviewer: ServiceNow is a leader in cloud services, especially in highly regulated sectors like government and healthcare. How did you manage data security while working toward FedRAMP certification?
Venkata Sai Manoj Pasupuleti: ServiceNow's cloud platform serves industries where data privacy and security are non-negotiable. Achieving FedRAMP certification was one of the most significant projects during my time there. FedRAMP sets rigorous standards for cloud services used by U.S. government agencies, so the bar for security was incredibly high. A crucial element was ensuring strict Identity and Access Management (IAM) protocols, such as Role-Based Access Control (RBAC), which ensured that only authorized personnel had access to sensitive information.
Obtaining FedRAMP certification wasn't just about meeting regulatory requirements—it was about building a cloud platform that instilled trust and security for enterprise clients. This achievement significantly bolstered ServiceNow's reputation as a reliable partner for organizations looking to migrate critical operations to the cloud while maintaining top-tier security.
Interviewer: At Hyatt, you were instrumental in implementing innovations like the Digital Key, the World of Hyatt (WOH) app, and revamping the Hyatt.com website. How did you balance these innovations with maintaining high cybersecurity standards?
Venkata Sai Manoj Pasupuleti: The hospitality industry is unique in that it handles a combination of personal, financial, and location-based data. At Hyatt, we focused on enhancing the guest experience through digital innovations like the Digital Key, which allows guests to unlock their rooms using their smartphones. These advancements, however, introduced new cybersecurity challenges.
To ensure security, we implemented end-to-end encryption to protect communications between the app and the hotel's backend systems. We also integrated biometric and multi-factor authentication to safeguard against unauthorized access, especially if a guest's phone was lost or compromised.
For the WOH app, which manages sensitive guest data like reservations and loyalty points, we adopted tokenization for payment data, making sensitive information inaccessible to attackers even during a breach. We also employed AI-powered monitoring to detect anomalies in guest account activities, allowing us to proactively mitigate threats.
The key was providing a seamless, secure digital experience that enhanced the guest journey while adhering to strict cybersecurity protocols.
Interviewer: With your extensive experience across industries, what trends do you foresee in the future of cybersecurity and data privacy?
Venkata Sai Manoj Pasupuleti: The cybersecurity landscape is evolving rapidly, and one of the most significant trends I foresee is the rise of quantum computing. Quantum computing has the potential to break traditional encryption methods, which will force industries to adopt quantum-resistant algorithms. This shift will be both a challenge and an opportunity for the cybersecurity sector.
Ransomware attacks are another growing threat. I believe organizations will increasingly rely on AI and machine learning to detect and prevent such attacks before they cause significant damage. Privacy-enhancing technologies, like differential privacy and federated learning, will also become more prominent, especially as businesses continue to integrate AI and data analytics into their operations.
With the growing importance of regulations like GDPR and CCPA, I also see a shift toward privacy-by-design approaches from the outset. Additionally, decentralized security models like blockchain will provide enhanced transparency and protection for data-driven transactions.
Interviewer: What advice would you give to organizations aiming to strengthen their cybersecurity and data privacy measures?
Venkata Sai Manoj Pasupuleti: My advice is to treat cybersecurity as a foundational element, not as an afterthought. Organizations should adopt a zero-trust security model, where every user, device, and application is thoroughly verified before being granted access. This approach minimizes insider threats and mitigates the risk of large-scale breaches.
Encryption should be standard practice for data both at rest and in transit. Additionally, organizations must conduct regular audits and vulnerability assessments to identify weaknesses before they become critical. Employee education is also essential, as human error remains one of the leading causes of data breaches.
Finally, stay ahead of emerging technologies. Quantum computing and AI are set to reshape the cybersecurity landscape, and adopting forward-thinking approaches will be crucial for protecting sensitive data and maintaining customer trust.