The dark web, emerging cyber threats, and the race to stay ahead in a rapidly evolving digital landscape—are just some of the topics Saket Verma, Cybersecurity India Practice Leader at Kyndryl India, navigates daily. In an exclusive interview with The Cyber Express (TCE), Saket shares his remarkable career journey, detailing how he has shaped the future of cybersecurity with a keen focus on business growth and innovative security solutions.
Before joining Kyndryl, Saket was the President of Aujas Cybersecurity, where he honed his skills in strategy and client satisfaction. With a career spanning over 25 years at leading companies like IBM and HP/HPE, he has successfully managed multimillion-dollar business units and led diverse teams across the Asia-Pacific region.
Outside of his professional life, Saket is passionate about exploring new tech trends, delving into Vedantic philosophy, and enjoying the timeless adventures of Tintin.
TCE: With your extensive experience across multiple organizations, how has the approach to cybersecurity evolved over the years, especially in the Indian context? Do you believe that Indian organizations are genuinely committed to cybersecurity, or is it more of a compliance checkbox for many? What is your assessment of the current state of cybersecurity in India, particularly in terms of incidents, vulnerabilities, and recent attacks?
Cybersecurity has evolved dramatically from a mere checkbox item to a critical priority for organizations across sectors. As a global IT hub, India faces unique challenges. The advancements in IoT, machine learning, and 5G, combined with hybrid work environments, have expanded the digital footprint leading to new sophisticated cyber threats.
According to a 2023 DSCI report, Indian respondents detected more than 400 million cyber threats across 8.5 million endpoints, averaging 761 detections per minute. Furthermore, the evolution of AI has pushed the world to move away from legacy tech solutions, rendering traditional security perimeters obsolete.
As a result, the focus has shifted from mere safeguarding to developing effective methods for identifying, detecting, and managing risks. Although India has advanced from a primary reliance on antivirus software and firewalls to utilizing high-tech tools like Cloud Access Security Brokers (CASB) and behavioral analytics, vulnerable gaps still remain which cybercriminals exploit.
TCE: Attack Surface Management (ASM) is critical for identifying and mitigating potential vulnerabilities. How do you approach ASM in your strategy, and what technologies or methodologies do you find most effective in managing an organization’s attack surface?
Attack Surface Management (ASM) involves the continuous process of identifying, analyzing, and reducing an organization’s attack surface. This process covers network infrastructure, software applications, cloud services, endpoints, and even human factors like social engineering.
Our zero-trust framework prioritizes securing the most critical and risky elements, selecting use cases aligned with business objectives, and leveraging established zero-trust public frameworks.
TCE: Threat Intelligence is often cited as essential for proactive defense. Can you also share how you have integrated threat intelligence into your cybersecurity strategy, and how do you ensure that the intelligence gathered is actionable and relevant to your specific threat domain?
To tackle a problem, you need to understand it first, and the same applies to protecting against cyberattacks. When integrating threat intelligence into your cybersecurity strategy, focus on gathering relevant data, identifying and monitoring threats in real time, and automating its use in security tools. Prioritize high-fidelity threat feeds, contextualize the data, and continuously update mechanisms to adapt to evolving threats.
TCE: Dark Web Monitoring is becoming increasingly important as cybercriminals operate in hidden online spaces. How do you conduct dark web monitoring effectively, and what are the challenges you face in tracking and responding to threats that emerge from these environments?
Dark web activity can alert businesses to ongoing or past attacks or threats linked to partner breaches. As an early warning system, dark web monitoring helps detect data breaches and classify risks from unknown sources, enabling faster responses.
Companies can track these activities using advanced tools like keyword searches, pattern recognition, and machine learning algorithms. However, the dark web’s clandestine nature and vast volume of information make tracking difficult. Its encrypted, pseudonymous communications further complicate assessing credibility.
TCE: The cybersecurity skills gap is a global issue, yet many argue that the industry is not doing enough to create accessible pathways for new talent, especially for underrepresented groups. What are your thoughts on this, and how can the industry better address these concerns?
India’s digital economy could generate up to $1 trillion by 2025, with half of this coming from new digital ecosystems. However, the country faces a significant cybersecurity skills gap. The industry must create more inclusive and accessible opportunities for new talent by collaborating with educational institutions, businesses, and government agencies.
Developing low-cost or free training programs, offering scholarships, and fostering community-based learning can help close the gap. Our company is addressing this issue through initiatives like the Cyber Rakshak program, which trains women in rural areas in essential technology skills, aiming to create 100,000 Cybersecurity Ambassadors in three years.
Additionally, company’s Cyber Sainik program, in collaboration with the Data Security Council of India (DSCI), aims to train 25,000 students in cybersecurity to defend against cyber threats like bullying and online exploitation.
TCE: You’ve led large cross-industry sales teams and driven consulting businesses across various organizations. In your experience, have you seen a genuine alignment between business leaders and cybersecurity priorities, or do you find that cybersecurity often takes a backseat to business goals? There’s a growing debate around the effectiveness of traditional cybersecurity measures versus newer, more innovative solutions. Some believe that traditional methods are outdated and inadequate for today’s threats. Where do you stand on this, and do you think organizations are too slow to adapt to new technologies?
When we talk about the changing cybersecurity landscape, we’re referring to a shift with far-reaching implications. As the landscape has evolved, security has become a top strategic priority for business leaders across all industries. This evolution has also made the role of the Chief Information Security Officer (CISO) increasingly critical and complex. While many experts argue that traditional cybersecurity methods are becoming outdated, it’s important to recognize that this is not about following trends—it’s about adapting to a constantly evolving threat environment.
Indian organizations are adapting to this rapid pace of change. For example, while perimeter security and basic antivirus solutions were once sufficient, the rise of AI-driven scams has forced defenders to also adopt AI and machine learning to enhance threat detection and response capabilities. In our company’s State of IT Risk Survey 2023 survey, 84% of global respondents confirmed that their organization relies heavily on IT systems to run critical business processes and 71% had experienced a cybersecurity-related event. To effectively navigate these changes and improve responsiveness, collaboration among CISOs, CIOs, leaders, and stakeholders is crucial in today’s digital economy.
TCE: What emerging trends have you observed in the evolution of cybercrime, particularly in the tactics and sophistication of ransomware and phishing attacks? How are these threats evolving, and what new strategies are cybercriminals using to bypass traditional security measures?
AI plays a significant role in cybersecurity, acting both as a tool for defenders and a weapon for scammers. Phishing and ransomware have surged as the most prevalent cybercrimes, posing a growing threat to organizations.
Ransomware has evolved from simple encryption-based attacks to more sophisticated forms like “double extortion,” or even “triple extortion” where attackers steal data and threaten to leak it if ransoms aren’t paid. Recently, some ransomware operators have shifted tactics, bypassing encryption to focus on stealing sensitive data and threatening to expose it on shame sites to pressure victims.
In India, a ransomware attack recently shut down payment systems across nearly 300 local banks, impacting 0.5% of the country’s payment volumes. To combat these threats, strong authentication measures like multi-factor authentication (MFA), regular vulnerability management, timely patching, continuous security monitoring, incident response, employee training, and endpoint monitoring and protection.
Phishing remains the most common form of social engineering, tricking users into compromising security. India recorded 79 million phishing attacks in 2023, according to a recent report. To combat phishing, the focus should be on employee awareness training and implementing advanced email security solutions to filter out malicious content. With the rise of cloud services and personal devices, endpoint monitoring and protection are critical to detecting and responding to breaches.
