Artificial Intelligence is no longer the future; it is the present. It’s reshaping landscapes, altering industries, and transforming the way we live and work. With its rapid advancement, AI is causing disruption — for better or worse — in every field imaginable. While it promises efficiency and growth, it also brings challenges and uncertainties that professionals and businesses must navigate. What can one do to pivot if AI is disrupting their industry? As part of this series, we had the pleasure of interviewing Avkash Kathiriya, Sr. VP — Research and Innovation at Cyware.
Avkash is a cybersecurity professional with more than 15+ years of experience in the information security domain, product management, and business strategy.
Currently heading up security research, business strategy, and security solution architect at Cyware, he’s worked on various projects such as Cyber Threat Intelligence (CTI), SOC/CSIRT Management, Cyber Resiliency, Incident Response and Threat Hunting.
Thank you so much for joining us in this interview series. Before we dive into our discussion our readers would love to “get to know you” a bit better. Can you share with us the backstory about what brought you to your specific career path?
In the early part of my career, I worked across desktop and network engineering, drawn in by the intricacies of operating systems and the architecture of networks. That led me towards security technologies such as firewalls and antivirus solutions, which, at the time, were just starting to gain traction, and I found myself increasingly fascinated by the protective layer these tools provided.
Over time, that interest evolved into a deeper focus on security itself. I moved into hands-on roles as a SOC analyst and security administrator, working across different technologies, including SIEM systems. That later expanded into GRC, which gave me a broader view of how cybersecurity functions at an organisational level. I also spent several years on the enterprise side managing security for large banks, telecoms and manufacturing companies. Being exposed to the limitations of security products gave me a valuable perspective and ultimately inspired a shift into product development, with a focus on solving the very problems I once faced as a customer. That step from practitioner to builder is where my career in cybersecurity product innovation truly began.
What do you think makes your company stand out? Can you share a story?
What sets Cyware apart is our commitment to solving real-world problems that security teams face every day, because many of us have been in their shoes. The company was founded by practitioners who understand the operational pressures and inefficiencies that come with fragmented tools, siloed teams and reactive response models. That lived experience shapes everything we build.
A clear example of this came from Anuj, our CEO leading security operations and strategy for a large financial institution in the US. We had capable teams across SOC, IR, threat intel and vulnerability management, but collaboration was limited. Information sharing was inconsistent and slow, and each function used its own set of tools in isolation, resulting in a lack of visibility and delayed response.
That experience became the foundation for Cyware’s vision. We focused on breaking down those silos; first between teams, then between technologies. We built solutions that enable real-time human-to-human and machine-to-machine collaboration, automating the flow of threat intelligence and operational response. And we introduced the concept of ‘threat contextualisation’, helping security teams not just respond to incidents, but understand the adversaries behind them. That’s the principle behind our Cyber Fusion vision: unifying collaboration, orchestration and intelligence to create a truly proactive defence capability. That’s how we make a difference to the industry.
You are a successful business leader. Which three character traits do you think were most instrumental to your success? Can you please share a story or example for each?
Without doubt, these are curiosity, resilience and customer centricity. For me, curiosity and a commitment to continuous learning have been vital, especially in a field like cybersecurity where the landscape is constantly changing. Early in my career, for example, I was fascinated by the nature of threats and the pace of innovation in defence technologies. That curiosity is what led me from managing systems and networks into security operations, and eventually into product development. It’s also what keeps me engaged to this day and always looking for what’s next, what’s changing and how we can adapt faster.
Resilience has also been essential. In cybersecurity, attackers only need to succeed once, while defenders must be right every time. I’ve seen this firsthand while managing major breaches, and it’s in these moments where remaining calm, methodical and focused makes all the difference in protecting an organisation and learning from the experience to build stronger systems. In our industry, it is an important quality to nurture.
In the case of customer centricity, this has shaped both how I led internal security teams and how we now approach building products. Back when I was working under a CISO, my ‘customers’ were the various business stakeholders, and success meant aligning security controls with business goals rather than creating friction. We’ve maintained that mindset into product development, where every new feature or capability starts with a simple question: how will this help our users solve a real problem without slowing them down? Keeping that commitment to understanding the customer’s world continues to guide our decisions and drive our impact.
Let’s now move to the main point of our discussion about AI. Can you explain how AI is disrupting your industry? Is this disruption hurting or helping your bottom line?
Without doubt, there is AI-led disruption taking place across the cybersecurity industry. As to whether this disruption is hurting or helping, I would say both.
Just as Cyware and many other businesses are using AI to optimise our technologies, our adversaries are doing the same by using it to refine their approach. Let’s say they were building phishing emails to target employees of a bank or other large organisations. Now that they have AI available to them, they are crafting more advanced attacks that are more effective than security teams and the individuals being targeted have seen before, and that’s a genuine hindrance to the effectiveness of security processes and technologies.
Thankfully, on the flipside, those involved in protecting networks and data are benefiting very significantly. SOCs, for example, are using AI to analyse enormous volumes of alerts and prioritise incident response. This not only helps improve the overall effectiveness of organisational security, but it also addresses analyst fatigue — an issue that’s all too familiar to security professionals everywhere. In this context, Security Orchestration, Automation, and Response (SOAR) platforms and threat intelligence systems are becoming more effective when paired with AI, helping teams automate decision-making and respond in real time.
Overall, we see this as a net positive. We’re helping customers move from reactive to proactive defence. That includes everything from automated threat contextualisation to AI-driven orchestration workflows that reduce the time between detection and response. For these areas, AI is central to moving the industry forwards, and that’s where the positive side of the disruption equation comes from.
Which specific AI technology has had the most significant impact on your industry?
One of the most significant developments is the emergence of Model Context Protocol, or MCP. While technologies like LLMs and agent-based AI often dominate the conversation, MCP is also important because of its practical impact on interoperability, which is something the industry has struggled with for years.
To explain, in cybersecurity, different tools and platforms often operate in silos, speaking different languages and requiring custom integrations. MCP offers a common protocol that allows systems to communicate and collaborate more effectively, much like STIX/TAXII did for threat intelligence sharing. It enables natural language queries to be translated into structured API calls, which can then be executed by orchestration platforms.
For example, instead of manually building complex playbooks in Python to trigger security actions, a SOC analyst can use plain English to instruct the system, such as: “If this malware is detected, block it at the firewall.” MCP handles the translation and automation behind the scenes. That simplicity lowers the barrier to adoption and makes AI far more accessible to operational teams.
We’re already exploring MCP’s potential across our platform, particularly in areas like SOAR and threat intelligence, and the results are promising. It’s a powerful step forward in making cybersecurity even more efficient.
Can you share a pivotal moment when you recognized the profound impact AI would have on your sector?
There have been various, but one that stands out was when we saw how AI could transform the concept of collective defence. Traditionally, when one organisation was attacked, the process of analysing that attack, documenting it and sharing intelligence with others was slow and manual. That delay left others exposed to the same threats with no warning.
AI changed that dynamic and we started seeing how it could accelerate every stage of the response cycle, such as analysing an attack, normalising the data, creating detection rules and even generating tailored defences for different environments. Suddenly, the idea of real-time intelligence sharing became achievable.
We saw this come to life in our work on collective defence frameworks, where AI helped bridge the gap between isolated incidents and a coordinated, sector-wide response. It was no longer just about individual organisations defending themselves, it became about communities defending each other, faster and more effectively than ever before. That was the moment we realised AI was an enabler of a fundamentally different approach to cybersecurity.
How are you preparing your workforce for the integration of AI, and what skills do you believe will be most valuable in an AI-enhanced future?
Our underlying philosophy is that AI is here to augment people, not replace them. That message is crucial, because it helps shift the mindset from fear to opportunity. As a result, we can focus on empowering our teams to use AI in their day-to-day work.
Upskilling is a major part of that effort, and we invest in training that helps employees understand both the capabilities and limitations of AI. But more importantly, we encourage them to develop the skills that AI can’t replicate, such as critical thinking, contextual understanding and business acumen. These are the areas where human judgement still outperforms any model.
We also look at how collaboration changes in an AI-enhanced business. In particular, when it’s no longer just about human-to-human teamwork, but also human-to-AI collaboration. That means knowing how to ask the right questions and validate the outputs with domain expertise. Our objective is to help our people work seamlessly with intelligent systems, and a big part of that is building a culture where that collaboration becomes second nature.
What are the biggest challenges in upskilling your workforce for an AI-centric future?
One of the biggest challenges is the very understandable and instinctive resistance some people have to learning something new, especially when it feels unfamiliar or complex. That hesitation can cause slow adoption, even when the tools are intuitive and the benefits are clear.
We’re addressing this by creating environments that encourage experimentation and learning through real-world application. For example, we recently ran an internal AI hackathon where every project had to incorporate AI in some way. The objective was to give people hands-on experience with the technology, so they could discover its potential and build confidence through experience.
What we’ve found is that once people see how AI can help them, not replace them, they become much more engaged. The key is to make upskilling feel relevant and rewarding because that’s how you move from resistance to momentum.
What ethical considerations does AI introduce into your industry, and how are you tackling these concerns?
AI introduces fundamental ethical issues into the cybersecurity industry, one of the most immediate being data security. When you’re using AI to investigate incidents or generate insights, it’s critical to ensure that no confidential information is inadvertently shared with external systems, particularly when working with generative AI models.
Privacy is another major factor. AI tools need access to data to function, but that doesn’t mean every dataset is fair game. We’ve put clear guardrails in place to ensure that any personal or regulated data is handled responsibly and in line with our customers’ expectations and compliance obligations.
Bias and hallucination-model-generated inaccuracy-also remain challenges. AI can only be as fair and accurate as the data it’s trained on, and in a field like cybersecurity, where context matters deeply, that can lead to flawed or incomplete outputs. That’s why we always keep a human in the loop, validating and overseeing what AI generates. Behind the scenes, we make sure our teams remain accountable for any outcome that AI contributes to. Transparency, explainability and ethical oversight are built into the way we deploy AI across our platform and our organisation.
What are your “Five Things You Need To Do, If AI Is Disrupting Your Industry”?
1. Embrace adoption, don’t resist it. The worst response to disruption is hesitation. We acted early by assessing how AI could be integrated into different functions across the business. This included a wide range of activities, such as automating low-level tasks in our engineering workflows and enhancing intelligence in our SOC tools. The point is, we made adoption a proactive process rather than a reactive scramble.
2. Upskill your teams and do so continuously. AI is only as powerful as the people who use it, and that’s why we prioritise upskilling that focuses on how to work with AI tools, not just how they work. One of our most effective initiatives is the AI hackathon I mentioned previously, where every project had to incorporate AI. It helped teams build confidence and showed them how to turn theoretical capabilities into practical outcomes.
3. Build your own AI capabilities where it makes sense to do so. We looked at repetitive, resource-heavy tasks, such as documentation, QA and internal testing, and began developing in-house AI tools to reduce time spent on them. These don’t need to be massive projects; often, small internal models can save hours of effort and create space for teams to focus on more strategic work.
4. Lead with ethics. As mentioned, we’ve put a strong emphasis on data governance, privacy controls and transparency in how we deploy AI. These have to be process and industry-specific, and in our case, include setting those clear policies to prevent sensitive incident data from being exposed through generative models, backed by human oversight.
5. Redefine human–machine collaboration. Don’t forget, the role of AI shouldn’t be to take over — it should enhance what’s already in place. We encourage teams to look at how AI can complement their strengths, not replace them, and it’s that shift in mindset which is essential. The goal should be a partnership where humans and machines amplify each other.
What are the most common misconceptions about AI within your industry, and how do you address them?
The first is the idea that AI is a silver bullet. It’s not. In the cybersecurity context, while AI can dramatically improve detection, response and automation, it’s not a substitute for foundational security practices. You still need layered defences, good hygiene, skilled professionals and various other fundamental capabilities in place to interpret what the tools reveal.
The second misconception is that AI will take away jobs. In reality, AI is much better at taking over repetitive, time-consuming tasks than it is at making strategic decisions or understanding complex, real-world context. We address this by showing how AI can actually free up analysts to focus on higher-value work. When teams see the productivity gains and the reduced fatigue, they shift from fearing AI to embracing it.
The third is blind trust in AI outputs, whereby it’s tempting to assume that just because it’s AI-driven, the results must be accurate. But AI is only as good as the data it’s trained on, and it can still introduce bias or make incorrect assumptions. That’s why we always keep a human in the loop.
Can you please give us your favorite “Life Lesson Quote”? Do you have a story about how that was relevant in your life?
My favourite “life lesson” is that every ending truly creates space for a new beginning. This principle deeply resonates with me because it embodies change, resilience, and continuous evolution. It’s a powerful reminder that what might seem like a closing chapter is actually the necessary catalyst for a new opportunity or direction, teaching us to embrace transitions rather than resist them.
This lesson became deeply relevant during a pivotal career transition. I had spent years thriving in the operational side of cybersecurity, including SOC management, Red Teaming, and Incident Response. While I loved the direct impact of this work, I eventually felt a strong pull towards influencing security at a more foundational level — the product side.
Stepping away from an established and successful operational role felt like an “end” to a defined chapter, which was full of uncertainty. However, by embracing the idea that this “ending” was actually a “new beginning,” I leaned into the discomfort. I leveraged my deep operational understanding to identify real-world pain points, which helped guide product development to build solutions that genuinely resonated with frontline security professionals.
That transition, while initially daunting, directly led to my current role and my ability to contribute to Cyware’s Cyber Fusion vision. It solidified my belief that growth often lies just beyond the familiar and that embracing change unlocks new potential. I feel this lesson is more pertinent than ever in the current AI era, where we must continually unlearn much of what we thought we knew and embrace the new world order of AI and its profound implications.
Off-topic, but I’m curious. As someone steering the ship, what thoughts or concerns often keep you awake at night? How do those thoughts influence your daily decision-making process?
I think many cybersecurity professionals would agree with me when I say it’s the threat you don’t see coming; the zero-day vulnerability, novel malware strain or the coordinated attack that slips through traditional defences before anyone realises it’s there. It’s that sense of the unknown, the “what haven’t we prepared for?” that stays with you, even off the clock.
I’ve seen firsthand the impact of fast-moving threats like WannaCry and the scale at which they can disrupt critical systems. The idea that something similar, or worse, could emerge tomorrow drives a constant sense of urgency. It’s why we focus so much on proactive defence and not just building tools that try to anticipate tomorrow’s risks.
On the other side, there’s the pace of innovation itself. AI, quantum, new tech stacks — wherever you look, the speed of change is relentless. It’s exciting, but it also means organisations in my industry are constantly checking whether they’re moving fast enough and building the right things. Are we preparing our customers for what’s next?
You are a person of great influence. If you could start a movement that would bring the most amount of good to the most amount of people, what would that be? You never know what your idea can trigger. :-)
It would be to make real-time collaboration and intelligence sharing the norm across the cybersecurity ecosystem. I’ve seen firsthand how powerful the cybersecurity community can be through meetups, forums and shared learning, but what we also need is to take that spirit of collaboration to a global scale.
Right now, threat actors are already working together. They have marketplaces, share malware and operate as coordinated networks. But on the defender side, organisations often operate in silos, and our vision is to change that to build a global, self-healing defence network where, if one organisation is attacked, the intelligence from that attack is immediately available to others, allowing them to defend themselves proactively.
Think of it in terms of The Avengers. Each superhero might be strong on their own, but when a bigger threat like Thanos appears, they have to unite. That’s what cybersecurity needs: not isolated defenders, but a connected, real-time network of organisations working together to protect one another. With AI and the right frameworks, I believe this kind of collective defence is within reach.
How can our readers further follow you online?
LinkedIn: https://www.linkedin.com/in/avkash-kathiriya/
Thank you for the time you spent sharing these fantastic insights. We wish you only continued success in your great work!