Cymulate’s Sahasrabudhe unveils cybersecurity strategies for Indian finance


In an exclusive interview with TimesTech, Shailendra Shyam Sahasrabudhe, Country Manager for India, UAE, and Southeast Asia at Cymulate, highlights the evolving cybersecurity landscape in the Indian banking sector. Emphasizing proactive measures, Sahasrabudhe discusses Cymulate’s innovative cybersecurity platform, leveraging AI, and collaboration to counter emerging threats. His insights shed light on the dynamic strategies required to strengthen cyber resilience in a rapidly digitalizing financial environment.

TimesTech: Can you outline the current cybersecurity threats facing the Indian banking sector and discuss how the landscape has evolved over time?

Mr. Shailendra: With the growing adoption of mobile and internet banking, as well as the integration of hybrid cloud technologies, the financial sector is witnessing an exponential rise in cyber threats. In this dynamic environment, banks and financial institutions must be proactive in assessing and enhancing their cybersecurity measures. The traditional reliance on outdated validation processes like VA & PT (Vulnerability Assessment & Penetration Testing) is no longer sufficient. Instead, embracing new approaches such as Breach Attack Simulation, Continuous Automated Red Team, and Attack Surface Management is crucial. These methodologies help identify and address weaknesses across the IT infrastructure more effectively, improving the overall maturity levels of cyber resilience.

TimesTech: What specific features of Cymulate’s cybersecurity platform cater to the needs of Indian banks, insurance companies, and technology enterprises? What sets Cymulate apart in the Indian market?

Mr. Shailendra: Cymulate’s cybersecurity platform caters to the specific needs of Indian banks, insurance companies, and technology enterprises through tailored features like Breach Attack Simulation and Continuous Automated Red Team. What sets Cymulate apart is its proactive and dynamic approach, exceeding traditional solutions. The platform’s emphasis on Exposure Management allows targeted efforts based on business impact, aligning with the evolving threat landscape and making it a modern and effective cybersecurity choice in India.

TimesTech: Given your expertise in partnerships and client relations, how does collaboration contribute to strengthening cybersecurity measures, and are there specific strategies Cymulate has employed to enhance industry relationships?

Mr. Shailendra: Organisations can strengthen their defense against changing threats by leveraging collective knowledge and resources through good collaborations. With its experience, Cymulate is aware of the value of industry connections. The organisation proactively participates in strategic alliances, exchanging knowledge and innovations to offer customers a whole cybersecurity solution. This collaborative approach guarantees a defense posture that is dynamic and adaptable, matching the ever-evolving cybersecurity threats.

TimesTech: Could you highlight any emerging threats and attack trends that you anticipate will impact organizations in the coming year, particularly in the Indian market?

Mr. Shailendra: With increased digitalization and cloud adoption, ransomware attacks are expected to surge. India, being a prime target, will see a rise in cyber incidents. Artificial Intelligence will play a central role in both defensive and offensive strategies, with threat actors utilizing AI for more sophisticated attacks.  Reflecting on 2023 predictions, operating systems, secrets management, omnichannel phishing, and off-the-shelf attack tools remain prime concerns. Organizations must stay vigilant and adopt proactive measures to navigate these emerging threats effectively in the coming year.

TimesTech: How does Cymulate leverage Artificial Intelligence and Machine Learning in its cybersecurity solutions, and what strategies do cyber attackers use to counteract AI and ML-driven defenses, in your opinion?

Mr. Shailendra: Cymulate products apply AI to enable flexible integrations with security controls and provide mitigation options for identified risks. For example, after aggregating the security findings from vulnerability scanners, Cymulate uses AI to create meaningful context for a reported vulnerability. The AI in Cymulate assigns the vulnerability to risk domains while creating a remediation plan that considers relevant compliance frameworks, guidance for patching, mitigation strategies with compensating controls, and business implications of validated exposure risk.

While Cymulate is focused on improving your cyber resilience before an attack, we do see the threat actors evolving their practices to evade the AI models used by AI-powered defenses and injecting malicious data into the training dataset to influence the learning process of the AI model.

TimesTech: As the Country Manager for India, UAE, and Southeast Asia, what are your key priorities for business operations, sales, and marketing? How do you plan to expand Cymulate’s presence in these regions amid the current cybersecurity landscape?

Mr. Shailendra: Cymulate is an ever-evolving platform that remains a work in progress, adapting to the constant evolution of threats posed by malicious actors attempting to compromise systems and organizations. The platform continuously undergoes updates to stay ahead of emerging challenges. Notably, the Exposure Analytics component has recently seen a substantial increase in supported 3rd-party integrations. In the realm of Breach and Attack Simulation and Continuous Automated Red Teaming (CART), numerous scenarios and hundreds of resource objects have been added, with ongoing daily development efforts. Looking ahead, future enhancements involve expanding Attack Surface Management to incorporate native vulnerability scanning functionality. This expansion aims to retain the flexibility of Exposure Analytics in integrating data from 3rd-party platforms. Additionally, CART is set to be extended to automate more complex assessment methodologies, addressing diverse cybersecurity testing scenarios with safety and efficiency in mind.