The techie who started a formidable cyber security firm after he got hacked

Pavan Khushwaha's firm Kratikal has worked with clients across a range of sectors both, at home and in US, UK, Middle East and North Africa. It now plans to expand to govt clients

A few years ago, when Pavan Khushwaha was still a student at the National Institute of Technology, Allahabad, his email account got hacked. While most people would have either given up the account or fixed the problem and moved on, Khushwaha decided to form his own cyber security company. 

He teamed up with his friends from college, Dip Jung Thapa and Paratosh Bansal, to set up Kratikal in 2013. While Khushwaha is the CEO of the firm, Thapa is the chief operating officer and Bansal, the chief technology officer.

"With an increase in the awareness about cybersecurity, the requirement for solutions in this space has changed. Within the last decade, the demand for traditional cyber security Solutions (such as firewall and anti-virus) has shifted towards security solutions that improve cyber threat posture of organisations by inculcating cyber awareness among employees who are considered to be the most vulnerable link in the triad of people-process-technology," said Khushwaha. 

Kushwaha apparently never lost sight of email hacking, though, with electronic mail still being a preferred tool of communication across industries. Earlier this month, Kratikal launched an authentication and anti-spoofing tool, KDMARC, which authenticates emails based on security protocols and addresses threats posed by email-based attacks that target the security of companies and individuals.

"With more than 90 per cent of malware being delivered via email, the years ahead will focus on training users to identify phishing emails and not click on email attachments," says Khushwaha. 

Kratikal began as a cyber security training academy incubated under the Ministry of Telecom. Ever since, it has won several accolades, including recognition as one of the top three cyber security start-ups in the country at the Top 100 CISO Awards, 2019. One of its products was recognised by DSCI-Nasscom in 2017 for being innovative. 

Last month, the firm raised $1 million in pre-series A funding led by Gilda VC, Art Venture and Rajeev Chitrabhanu, with participation from Madhusudan Gopinath, Shangrila Infotech LLP, Equentia NaturalResources, Artha Ventures and LetsVenture. 

"Raising funds has never been a challenge for our organisation. Our leading-edge cyber security products such as ThreatCop, an artificial intelligence/machine learning-based cyber security simulation and awareness tool, KDMARC, email authentication and anti-spoofing tool, TAB, a phishing incident response tool, and KPMonitor, and anti-phishing, fraud monitoring and take-down tool, have been well recognised. We have already raised two rounds of funding including seed worth $500,000," says Khushwaha.

In the years since its inception, Kratikal has worked with clients across sectors such as banking, financial services and insurance (BFSI), non-banking financial company (NBFC), fintech, telecom, e-commerce, consumer Internet, cloud service platforms, manufacturing, and healthcare. 

It also works with clients across the US, the UK and Middle East and North Africa. 

The firm now plans to expand to government clients, with support from Telecom Centres of Excellence. 

This year, it also plans to invest more in expansion and reach. "We are planning to increase our share in the cyber security market by providing our security solutions to more enterprise customers and by establishing a strong barrier against foreign competition. Our goal is to expand our footprint across the country by setting up offices pan-India. We are working on increasing our market reach in three more cities, namely, Hyderabad, Chennai, and Pune. We are also planning on doubling our workforce by the end of the year 2020," says Khushwaha. 

Having been in the sector for years now, Khushwaha says the year 2020 will see more email threats, drone-based network attacks, and an increased security requirement with 5G deployment. 

Also, with most governments taking a dim view of cryptocurrencies, the future will see an increase in traditional financial fraud. "By the year 2023, mobile wallets and payment service will become a $4.5 trillion industry and hence, attackers will deploy an increasing number of attacks on these platforms. With 53 per cent of accounts impersonating human or non-human entities via DeepFake technology, cyber crime technology will continue to pose a grave threat with thousands of people falling victim to criminal intent," he adds. 

However seriously they take their jobs of securing online boundaries, Kratikal co-founders also understand the importance of taking time off and unwinding. "We believe that an employee must have his own time. We have fun Fridays on which employees and employers bond with each other with recreational activities. We also ensure that each employee gels with others during team outings," Khushwaha signs off.