“You know, rough seas make good sailors.”
Akshay Garkel remarked with a thoughtful smile during our lunch conversation just moments before our interview. This simple yet profound statement set the tone for what was to come—a deep dive into the tumultuous waters of cybersecurity.
Today, we live in a hyper-digital age, where data flows faster than light and cyber threats evolve at a breakneck pace. The need for robust security measures has never been more critical. Every second, somewhere in the world, a network is breached, sensitive data is compromised, or a business comes to a grinding halt under the weight of a cyberattack. Amidst this chaos, the question looms—how do we safeguard our digital future?
This is where Akshay Garkel steps in—a seasoned cybersecurity expert with over two and a half decades of experience across industries, geographies, and technologies. His contributions have positively influenced India Inc, citizens, and the Government, driving advancements in cybersecurity. Through his dynamic thought leadership, he has spearheaded sessions fostering mutual collaboration and offered invaluable guidance to boards, management teams, investors, and even regulators. His journey exemplifies resilience and adaptability—a story that inspires and informs, and one we are privileged to bring to you in this exclusive feature.
Join us as we explore the life, leadership, and vision of a man who is navigating the stormy seas of cybersecurity and ensuring a safer digital tomorrow for all.
A Journey from Coding Enthusiast to Cybersecurity Luminary
Akshay Garkel’s journey into cybersecurity began with a deep-rooted passion for technology and a relentless curiosity about systems and security. From his early engineering days, he transitioned from coding and system design to exploring vulnerabilities and building robust defenses. Over the years, he has established himself as a trusted voice in the industry, shaping cybersecurity strategy, policy, and leadership. His expertise spans multiple dimensions:
- Boardroom Advisory: Guides Boards and leadership teams across large corporates, mid-market firms, digital natives, and startups on cybersecurity risk and resilience.
- CxO Strategy & Roadmaps: Works closely with CEOs and CxOs to align cybersecurity and technology roadmaps with business objectives.
- Regulatory Assurance: Supports regulated entities in strengthening compliance through audits that enhance regulatory confidence.
- Threat Intelligence & Proactive Defense: Advises on emerging cyber threats and strategies to build resilience against evolving risks.
- Public Sector & Policy Engagement: Collaborates with government bodies on cybersecurity policies, cybercrime initiatives, and national security frameworks.
- Thought Leadership & Public Speaking: Recognized speaker at leading industry forums and media platforms, shaping cybersecurity discourse.
- Mentorship & Talent Development: Actively nurtures the next generation of cybersecurity professionals, fostering technical excellence and leadership.
Through these milestones, he continues to set a standard for excellence, making a lasting impact on both the industry and the global community.
The Expanding Cybersecurity Battleground
As technology advances, so do security challenges, making cybersecurity a business priority rather than just a technical issue. The rise of quick commerce, where 10-minute delivery is now the norm, underscores society’s demand for speed and agility. However, these advancements have also expanded the attack surface, providing cybercriminals with new opportunities to exploit vulnerabilities. Innovations like AI, machine learning, and rapid commerce too have a fair share. Looking ahead, AI-driven cyberattacks and humanoid integration will further intensify risks.
Organizations are now facing these primary cybersecurity challenges:
| Brand Reputation | Cyberattacks can quickly erode trust. Boards and leadership teams focus on prevention, minimizing damage, and recovering swiftly to maintain public confidence. |
| Regulatory Obligation: | With stricter compliance requirements, such as CERT-In’s mandate to report cyber incidents within six hours, businesses face heavy penalties for non-compliance, adding pressure to their cybersecurity frameworks. |
| Data and Operational Vulnerabilities: | The shift in hacker tactics—from targeting systems to personal devices—has heightened the need to protect sensitive customer data alongside corporate information. |
| Investor Confidence | Boards must implement strong cybersecurity measures and demonstrate proactive risk management to reassure investors of stability and compliance. Regular updates on cybersecurity efforts enhance credibility. |
| Customer Trust | Businesses should prioritize data protection, clear communication, and swift incident responses. Providing security resources, showcasing compliance with privacy laws like GDPR, and maintaining transparency reinforce confidence and loyalty. |
To combat these challenges, organizations must adopt a comprehensive approach:
1. Third-Party Risk Management
Conduct thorough vendor assessments covering cybersecurity policies, regulatory compliance, and technical capabilities to align with security protocols. Implement continuous monitoring with automated tools to detect and respond to anomalies in real time.
2. Incident Response
Develop comprehensive playbooks for scenarios like ransomware and data breaches, including step-by-step guides, communication strategies, and escalation protocols. Establish cross-functional response teams with IT, legal, communications, and business continuity experts for a holistic approach.
3. Infrastructure and Cloud Security
Enforce secure baseline configurations with encryption, identity access management, and multi-factor authentication. Perform regular audits using frameworks like CIS Controls or NIST to proactively identify and address vulnerabilities.
4. Threat Intelligence
Utilize real-time threat intelligence to anticipate emerging threats and adjust defenses accordingly. Collaborate with industry peers, government agencies, and intelligence networks to enhance collective awareness and preparedness.
5. Crisis Simulations
Conduct quarterly crisis drills simulating major incidents like ransomware or supply chain breaches to improve response readiness. Use evolving, scenario-based training to enhance decision-making and agility in real-world cyber events.
6. Education and Awareness
Deliver dynamic cybersecurity training tailored to different roles, covering the latest threats and compliance updates. Deploy phishing simulations to help employees recognize and mitigate social engineering attacks, strengthening overall security awareness.
“The question isn’t if a business will face a cyberattack, but how prepared it is to handle one when it happens,” Akshay Garkel emphasizes.
With his wealth of expertise, he champions resilience, adaptability, and innovation as the cornerstones of effective cybersecurity strategies, ensuring organizations are equipped for today’s dynamic threat landscape.
Addressing the Cybersecurity Challenges of Emerging Technologies
When asked about the challenges associated with emerging technologies, Akshay Garkel emphasizes a fundamental truth: adopting innovations like AI, IoT, and blockchain brings immense opportunities but also exposes organizations to complex vulnerabilities. For him, the key is to understand both the transformative power and inherent weaknesses of these technologies.
Akshay Garkel begins by highlighting the dual nature of emerging technologies. On one hand, they optimize operations, enhance go-to-market strategies, and drive efficiency. On the other hand, their integration into organizational frameworks opens new gateways for cyber threats. Effectively navigating this landscape requires a comprehensive understanding of these technologies’ vulnerabilities, implementing robust assessment frameworks, and committing to ongoing mitigation strategies.
Emerging technologies introduce distinct security challenges:
- Artificial Intelligence (AI): AI models face increasing threats across data, models, and usage. Data poisoning, leakage, and exfiltration can manipulate training sets or expose sensitive information, while supply chain risks, API vulnerabilities, and IP theft threaten security. At the usage level, prompt attacks, AI-driven DoS, and model theft can compromise functionality and trust.
- Blockchain: Despite its perceived infallibility, blockchain is not without weaknesses. Smart contract bugs, mishandled timestamps, unauthorized key access, and SQL injection attacks targeting the database layer can undermine its integrity and lead to significant losses.
- Operational Technology (OT): The IT/OT convergence in sectors like energy and manufacturing increases vulnerability to disruption. Compromised robotic arms or hacked fleet management systems illustrate the potential for operational delays, financial losses, and reputational damage.
Overcoming Hurdles and Safeguarding Innovation
Akshay Garkel’s cybersecurity approach is proactive and industry-leading, focusing on secure architecture, continuous monitoring, and mitigating third-party risks. Through incident response, cyber forensics, and regular assessments, he helps organizations protect critical systems from threats while embedding resilience into emerging technologies.
Citing real-world cases, Akshay illustrates how IT-OT integration in industries like power plants and manufacturing boosts efficiency but increases risk. A cyberattack on robotic arms in a textile factory could disrupt printing, causing financial losses, while compromised fleet management in logistics could cripple supply chains.
Akshay emphasizes systematically identifying and closing security gaps. By blending technical expertise with strategic foresight, he enables businesses to embrace innovation securely, ensuring they remain protected against both current and future threats.
Leading Through Influence and Inclusion
“Good leadership is another way to put your hands around risks and challenges,” Akshay Garkel quotes. His leadership philosophy is rooted in influence, empowerment, and inclusion. He cites the book The Power of Giving Away Power by Matthew Barzun as having had a significant impact on his leadership style.
“Leadership isn’t about being at the top of a pyramid,” he highlights. “It’s about standing at the center, guiding, and empowering those around you.” He believes in enabling accountability and cultural alignment among his team. He likens his role to that of a coach, inspiring others to take ownership and push boundaries. Whether addressing the risks of AI, IoT, or blockchain, his leadership recommendation is always for organizations to remain agile and forward-looking.
“The key is not just identifying risks but empowering your team to turn those risks into opportunities,” he notes.
Diversity as a Driver of Excellence
For Akshay Garkel, inclusion is more than a corporate buzzword; it’s a cornerstone. Beyond gender diversity, he champions opportunities for all. “Some of the best incident monitors are professionals with hearing impairments,” he shares proudly. “Their focus and dedication remind us that talent is defined by passion, not limitations.” He also values the unique perspectives brought by his female colleagues, recognizing that their insights and experiences enrich the team’s approach to problem-solving and innovation.
Inspiring a Culture of Impact
His constellation approach fosters a ripple effect, encouraging team members to lead in their unique capacities. By empowering individuals to take ownership of their roles, he transforms the workplace into a collaborative ecosystem where each contribution strengthens the whole.
“When you cast a positive shadow, others learn to do the same,” he explains, highlighting the power of leading by example. For instance, a department head who openly celebrates small wins and encourages feedback can inspire their team to adopt the same inclusive practices, creating a cascading impact.
This approach resonates across diverse scenarios:
| Cross-functional projects: | Transparent communication breaks down silos, sparking innovation and stronger inter-departmental relationships. |
| Mentorship programs: | Sharing successes and lessons creates a supportive environment, motivating younger professionals to excel and eventually mentor others. |
| Client interactions: | Demonstrating integrity and adaptability inspires these qualities in team members, building stronger, and more trusting client relationships. |
By blending visionary thinking with a commitment to inclusion, he exemplifies how leaders can inspire innovation while nurturing a culture of respect and empowerment. His leadership style shows that when leaders shine brightly, they empower others to shine too—turning individual stars into a powerful constellation.
Driving Global Collaboration, Ethical Practices, and Innovation
Akshay Garkel’s career showcases his cybersecurity and technology expertise. His leadership spans high-profile initiatives, including G20 summits where he advised law enforcement, policymakers, and stakeholders on ICT, metaverse security, and international collaboration. He stressed cross-border cooperation against cyber threats, particularly regarding mutual data sharing and a global security operations center, emphasizing the value of shared intelligence, including dark and deep web threats. Internally, Akshay champions cloud adoption for enhanced cybersecurity and efficiency, enabling scalable solutions, real-time threat detection, and faster incident response. His vision integrates these cloud solutions with advanced analytics for a robust security framework and includes focused monitoring and mitigation of dark and deep web threats.
Beyond his participation at global forums, Akshay’s approach to ethics and integrity within his organization is unyielding. He believes these principles are the bedrock of any successful business operation, especially in the sensitive world of cybersecurity.
Integrity, independence, and a commitment to ethical practices are non-negotiable for him. These core values guide his professional conduct and decision-making, ensuring that every action is aligned with the highest standards of honesty and responsibility.
He is dedicated to adopting and implementing industry-leading practices such as ISO/IEC 27001, adhering to frameworks like the NIST Cybersecurity Framework, and complying with regulations such as GDPR and other data privacy laws.
He emphasizes:
| The importance of ensuring that ethical standards are maintained during high-stakes security testing, especially in production environments. |
| A rigorous approach to reporting security gaps accurately and without compromise. |
| Ethical conduct is essential, as shortcuts damage trust and long-term success. Resilience and business continuity are equally vital, enabling organizations to adapt, recover, and operate despite challenges. |
| The need for resilience in cybersecurity strategies and the importance of business continuity planning to ensure operations can withstand and recover from disruptions. |
For him, success is built on patience, well-thought-out decision-making, and maintaining high standards in every aspect of business. He believes that principles like “quality is the best business plan” are what will sustain in the long run.
Building the Future
His agenda includes focusing on skilling, automation, and mentorship. He believes that automation is crucial for improving efficiency in incident response. By connecting the dots between isolated incidents, organizations can detect threats early and effectively mitigate risks. Akshay is also a strong advocate for continuous learning and upskilling, ensuring that his team stays ahead of the curve in cybersecurity. He emphasizes the importance of mentorship, guiding the next generation of cybersecurity professionals to develop their skills and ethical standards. Additionally, he supports the integration of advanced technologies such as AI and machine learning to enhance threat detection and response capabilities.
Advice for Building Resilient Cybersecurity
Akshay Garkel’s advice for businesses in today’s dynamic cybersecurity centers on adaptability, a structured approach, and maintaining high standards. He emphasizes the need for a framework-driven strategy to manage complexity while maintaining agility to stay ahead of threats. “While profitability is important, we must never compromise on integrity and quality” he adds.
He also emphasizes the need for businesses to regularly reassess their 30, 60, and 90-day plans to ensure relevance in the sector. Flexibility is key to sustaining success. Beyond business, Akshay encourages CSR initiatives that educate communities—especially children—on digital safety, mirroring traditional safety lessons.
Lastly, he advocates for individuals to report suspicious cyber activity to government cyber cells, helping to prevent large-scale attacks on critical infrastructure. By following these principles, businesses can overcome cyber threats and contribute to a safer, more secure digital future.
Akshay Garkel is a Partner with Grant Thornton Bharat, one of India’s leading professional services firms. His views are personal as of the time of this interview.
Key Takeaways from Akshay Garkel’s Journey
- Visionary Cybersecurity Strategist: He blends technology and strategic insights to redefine cybersecurity, modernizing frameworks for the evolving digital landscape.
- Proactive Threat Fighter: He emphasizes resilience, proactive defense, and continuous learning against emerging tech threats (AI, IoT, blockchain), particularly AI-driven bots and dark/deep web dangers.
- Empowering Leader: He rejects hierarchies for a “constellation” model, enabling accountability, inclusion, and empowerment to turn risks into opportunities.
- Diversity & Inclusion Champion: He fosters diversity at all levels, including empowering specially abled individuals, believing diverse perspectives strengthen cybersecurity solutions.
- Global Collaborator & Ethical Advocate: His global engagements (e.g., G20 summits) promote international cooperation and ethical standards for tackling cyber threats and advancing industry best practices.
