CTO Pekka Sillanpää: "Security must be transparent and built-in"
Contact us Subscribe

CTO Pekka Sillanpää: “Security must be transparent and built-in”

Pekka Sillanpää joined Tosibox in February 2019, when he was appointed Chief Technology Officer (CTO) and member of the Executive Management Team. Pekka is a skilled cyber security specialist who is focused on driving Tosibox’s R&D work and software development. After two months at Tosibox, it’s time to learn a bit more about Pekka.

Welcome to the Tosibox family, Pekka. Could you introduce yourself and share your thoughts about working at Tosibox so far.

Thanks, sure, I feel very excited – lots of things going on! I worked for the cyber security services company Nixu for almost 14 years, which was a great growing path, covering basically every aspect of cyber security. I realized that doing even the basic things right in this domain can be very difficult on a larger scale. Lessons learnt were that security must be transparent and built-in.

When I realized that the mission of Tosibox is to simplify secure connectivity, providing a cure to a huge and growing problem, I got really excited about the opportunity to work here. Product business has always been close to my heart and I have helped many software companies during my career. Here I can really utilize practically everything I have learnt in the past years and still learn something new every day.

So far I have been very impressed with the Tosibox culture. Since the first day I have felt the enthusiastic and supportive atmosphere. People get nice feedback from colleagues, and people love what they do. We are currently living in a really cool phase at the company, taking it to the next level by transferring the knowledge of the first propeller hats to a bunch of new talented developers, while at the same time extending our current hardware based business to software business. Interesting times!

Tosibox offers secure IoT connectivity, and you have strong competency in cyber security. What are the biggest cyber security challenges companies are facing today?

Detecting cyber attacks before it’s too late is one of the biggest challenges companies currently have. The most common attacks are ransomware attacks, because people open malicious emails or leave insecure and vulnerable devices visible to the Internet – both which are relatively easy to exploit. Having proper backups may help, but still installing all production servers from scratch is a ton of work and may cause big costs due to recovering actions, possible sanctions and especially loss of productivity.

Protecting 100% against the attacks seems to be impossible. However, doing even the basic things right would reduce the attack surface drastically. Especially in the smart industry and building automation domains, there is a fast growing number of insecure devices connected to the Internet without any protection, all the time. This is the area where I see a big demand for easy-to-use solutions and want to help the world with this.

Cyber security is a hot topic right now and justly so. What does the future look like in this domain?

Cyber security is a hot topic, not only because it is an ever-continuing fight between the good and bad, but also the impacts of the cyber attacks are huge. There is a lot of money involved. Companies have even gone bankrupt because of not recovering from the attacks.

I believe that companies are improving in understanding their risks and becoming more aware of the business impacts to make prioritized decisions. After understanding this, they can also do smarter investments in cyber security. Thanks to better understanding of the risks – and how to control them, I believe that we are moving towards a more secure and trustworthy digital world. The same trend has slowly happened in all more traditional industries too – similarly as wearing a safety belt and bicycle helmet have become normal, even cyber security technology will become a natural part of our everyday life. And of course, products are built initially more secure as the awareness grows.

How does Tosibox differentiate itself from competing solutions? What drew you to Tosibox?

There are some competing solutions, but most of the ones I am aware of are intercepting traffic in the cloud of the service provider, which may be a security risk. What I like about TOSIBOX® technology, is that it provides a full end-to-end encrypted communication channel, from the user’s workstation to the managed devices – or from the devices to the data analysis server. No one in between can intercept the traffic. I also like the technology stack and the future plans on focusing more to software based products and solutions.

Cyber security is serious business. How do you balance work and personal life?

Sometimes the days get long indeed. There are frequently new attacks, new technologies and many other interesting things to be studied and investigated, which may sometimes get quite addictive. I try to ensure that in addition to work related stuff I have enough time for a) family b) taking care of my physical condition and c) relaxing. I don’t have strict working hours, but when all these areas are in balance on a weekly basis, I can also give my best at work. I like jogging, gym and playing tennis, and like to relax by practicing my favorite musical instruments.

Learn how TOSIBOX® simplifies IoT security >

“Similarly as wearing a safety belt and bicycle helmet have become normal, even cyber security technology will become a natural part of our everyday life.”

Pekka Sillanpää, CTO, Tosibox