Ravi Purohit, VP & Head, India Operations, ColorTokens

Ravi Purohit plays an integral role in the organization’s operations, delivery services, and  GTM strategy. Prior to ColorTokens, Ravi has held multiple leadership roles over more than  two decades at Wipro and demonstrated transformative leadership, superior results, and  collaboration across global teams. Most recently, as a Global head of Wipro’s Oracle service  line, he reoriented the service portfolio around customer needs such as enterprise process  transformation, digital transformation, and cloud technology. He has led integrated  services, solutions, demand generation, presales, and large multi-services deals and headed  industry verticals in Retail, CPG, and Food and Beverage globally.


The pandemic marked a watershed period for digitization and cybercriminals alike. Businesses accelerated their shift to digital, pivoted to the cloud, and adopted hybrid work models. On the other hand, cybercriminals rode the COVID-19 wave. They took advantage of every opportunity that came their way – and India became the second most attacked country by cybercriminals in the APAC region. 

Historically, companies have expected CISOs and security chiefs to focus on technical tasks. Leaders had the monstrous and all-important goal of securing a business, but cybersecurity became an afterthought when companies make big, strategic decisions. That meant companies were losing out on the value that the cybersecurity function could provide. Today that is changing. The demand for cybersecurity products, professionals, and services is at an all-time high. According to PwC, Indian cybersecurity is expected to grow to one and a half times the global rate by 2022. Multiple factors are contributing to this growth, including: 

  • Digital Transformation 

As the digital transformation of enterprises picks up pace, vulnerabilities are opening in equal measure. Adopting new technologies is imperative to success in a competitive market. However, this entails a complete overhaul of systems and processes, staff training, and most importantly, a brand-new approach to security. 

  • Talent and Skilling  

The world is facing a shortage of cybersecurity talent. According to a report by Michael Page, by 2025, India alone is predicted to have more than 1.5 million unfulfilled cybersecurity job vacancies. Therefore, the opportunity for India comes from two sides – the need and the gap – and India’s working-age population is its biggest game-changer. Currently, the youth constitute 22% of the country’s population, a higher number than the total population of many nations.  

An increasing number of universities and colleges across India are offering specialized cybersecurity degrees at undergraduate and post-graduate levels. The industry is collaborating with educational institutions to develop and impart niche courses and certifications. Specialized training and courses cover areas such as threat intelligence, application security and security operations. 

  • Government Push and Entrepreneurship

The government has been ramping up its efforts in fostering cybersecurity. The budget for FY21 was one such example wherein the fund allocation for cybersecurity initiatives rose to INR 170 crore. This enables companies to flourish by testing their solutions in the local market.  

Additionally, the DSCI is building a world-class infrastructure for creating momentum for cybersecurity technology development at its Noida campus. The program, formally launched in January 2020, includes incubation for start-ups, state-of-the-art technology research lab, a unique infrastructure for elements such as forensics and testing, security training, and R&D.  

Entrepreneurship is witnessing a steady rise across the country. Nation-wide government campaigns such as ‘Make in India’ and ‘Atmanirbhar Bharat’ have given the necessary impetus to budding entrepreneurs. The availability of new-age technologies and talent has given way to significant growth and created a favorable environment for Indian start-ups to flourish globally.  

According to the Data and Security Council of India (DSCI), around 20% of cybersecurity start-ups were launched in the last two years across India. Interestingly, for these start-ups, India has accounted for 63% of the revenue, followed by North America. 

  • Stage of Development

India is currently in the fairly early stages of development when it comes to cybersecurity. On one hand, we have start-ups offering niche solutions and organizations seeking to deploy them. With competitive pricing and quality improvement, Indian cybersecurity companies have a tremendous scope to cater to developing as well as developed markets. As cybersecurity consumption increases in the country and across the globe, the opportunity is limitless. 

  • Global-local Opportunity

We are also tightly integrated globally. On the one hand, we bring in best practices from the US, UK, and Europe. On the other hand, we are looking to emerge above our Asian peers such as China, Japan, and South Korea. No longer is India seen only as a lucrative market, but more as a creator and an innovator.

Even for our start-ups, the growth potential is huge among global markets where the spending capacity of businesses is also higher. The DSCI has also found that 24% of cybersecurity start-ups have expanded their footprint globally, including countries such as the US, Australia, Singapore, and the Netherlands. 

  • Sectoral Demand

Some sectors are witnessing a higher demand for cybersecurity than others. In India, as found by PwC, the market has been defined by three industries: Banking and Financial Services (BFS), IT and ITeS, and government services. 

Demand in BFSI, IT and ITeS is driven by the tightening of regulatory norms. As for the government, with the roll-out of smart cities and other digital initiatives, it has become a necessary measure to implement proactive, advanced security measures. 

  • Regulatory Demands

Regulators are continuously taking note of evolving cyberattacks and in turn developing frameworks and stringent guidelines to monitor organizations across industries. Regulations such as GDPR, HIPAA and PCI-DSS are creating an increasing impact on the Indian market. Needless to say, enterprises are stepping up their security efforts to avoid hefty penalties and financial losses. 

In conclusion, we are at a critical juncture. Cybersecurity demand is only escalating, and we have the potential to cater to the local as well as global market. But then again, cybersecurity is no child’s play! It is an uphill climb due to the massive disparity between IT architectures and application technology to secure. Business-wise it is complex since enterprises want technology investments to deliver higher value, and hence any cybersecurity initiative undertaken should not degrade existing capabilities. A cybersecurity company always must do more with less. This challenge beckons best of the minds to India as a cybersecurity hub.


Content Disclaimer

Related Articles