The exponential rise of digital infrastructure and connectivity has undoubtedly accelerated the growth of our economy in the past decade. But it has also raised the issue of cybersecurity which is now a matter of utmost concern across public and private sectors alike.
SecurEyes, a Bengaluru-based cybersecurity firm founded in 2006, has emerged as a trusted partner for regulatory bodies, governments, and multinational corporations worldwide. With a presence in over 30 countries, the company offers a comprehensive suite of services, including cybersecurity assessments, managed services, and governance, risk, and compliance (GRC) consulting. SecurEyes has also developed a range of products to help organizations manage their cybersecurity and compliance obligations effectively. The company's commitment to innovation and excellence has earned it prestigious accolades, such as the Technology Services Award at the Central Banking Awards 2023. In this interview with TheCSRUniverse, Seemanta Patnaik, Co-founder and Chief Technology Officer, and Karmendra Kohli, Chief Executive Officer and Director, share insights into SecurEyes' journey, its approach to cybersecurity, and its vision for the future.
Scroll down for more insights:
Q: SecurEyes operates at the intersection of technology and trust. How have you earned the confidence of major institutions?
Seemanta Patnaik: Trust in cybersecurity begins with quality service. For example, during one of our first retail banking audits abroad, we uncovered issues that had existed unnoticed for three years, like ticking time bombs. That eye-opener created immediate credibility. Our approach is thorough—we assess systems not just from a checklist, but from a hacker's perspective. This depth, combined with a strong internal training culture, builds trust organically.
Q: How does SecurEyes balance offensive and defensive strategies, especially in services like red teaming and cloud security?
Seemanta Patnaik: We constantly evolve with the threat landscape. Compared to six years ago, we now conduct comprehensive, 360-degree assessments—from data reconnaissance to network, system, and application-level evaluations. It is not about running a single scan; it is about correlating data across layers to understand real risk exposure. Cloud security and compliance are now critical, especially with growing digitisation and tighter regulatory scrutiny.
Q: What are the unique challenges of auditing critical national infrastructure (CNI)?
Seemanta Patnaik: CNI systems are diverse and often hard to access. Sometimes we lack prior exposure to certain devices. In such cases, we go back to fundamentals—OS behaviour, network connections, system-level vulnerabilities. We adapt our tools and collaborate closely with system administrators. Importantly, we first understand the infrastructure's role and impact before crafting threat models and test scenarios.
Q: How has SecurEyes built credibility in this complex space?
Seemanta Patnaik: We moved from advisory to building our own audit management platform, embedding standardised rulebooks to remove ambiguity from assessments. This ensures consistency and confidence across every audit, reducing the variance caused by individual interpretation. We have significantly reduced attack surfaces and false alerts post-assessment. We have seen a drop in phishing success rates thanks to awareness programs. Regulatory non-compliance metrics have also reduced significantly for clients.
Q: Looking back, what core values have remained constant throughout SecurEyes' journey?
Karmendra Kohli: From the start, we have been grounded in four core principles: value creation, high commitment, integrity, and dependable delivery. These values apply not only to our customers but across our ecosystem—employees, vendors, and partners. They are non-negotiable, and I believe they have been central to our growth and credibility.
Q: With cybersecurity now a national and corporate pillar, where does SecurEyes fit into India's cybersecurity narrative?
Karmendra Kohli: Cybersecurity is no longer optional—it is essential. We are seeing a shift from reactive to proactive and now even preemptive security strategies. SecurEyes is building solutions for tomorrow’s risks, especially as India positions itself as a global cybersecurity leader. Our journey shows that Indian innovation can serve both national and international markets effectively.
Q: How has the global threat landscape shaped your work with Indian clients?
Karmendra Kohli: Every region presents unique threats—geopolitical risks in the Middle East, APTs in North America, and stringent compliance in Europe. Working globally helps us bring those insights back to Indian clients, enabling them to become globally resilient, not just locally compliant.
Q: What are the biggest challenges for Indian cybersecurity startups looking to scale globally?
Karmendra Kohli: Focus on value delivery is key—how your solution helps the client save time, reduce risk, or improve accuracy. Then comes professional accuracy and specialisation. Cybersecurity demands precision. And with AI and increasing competition, internal processes must be tight to ensure consistent, timely, and quality delivery.
Q: What emerging technologies will define SecurEyes' next five years?
Karmendra Kohli: AI and quantum computing will reshape both attack and defence. We are already integrating AI into our services and products. Quantum computing will challenge existing encryption methods, so we are tracking developments closely. We're also investing in cyber-physical security, especially with the rise of IoT, IIoT, and smart infrastructure. Future readiness is core to our evolution.
x
