Don't hunt for VCs, let them find you': Shomiron Das Gupta

When Shomiron Das Gupta started DNIF in April 2017, an open analytics platform that uses deep-tech to identify outliers in user application and systems, the biggest challenge was not the business opportunity but business rivals.

“We faced competition from giants like IBM, HP and Splunk,” he says. While the bigwigs had the might to sell naturally, DNIF had to work really hard to sell their product. “The first big challenge was to stand out,” he says.

The efforts seem to have paid off. From Rs 5 crore in revenue in March 2019, DNIF is on track to close March 2020 at revenues of Rs 20 crore. It has clients across sectors including BFSI, manufacturing and defence, across India and North America. “Cybersecurity was very linear in the initial days but today it has become very dynamic and distributed in nature,” he says in an interview with Forbes India. Edited excerpts:

Q. Your revenues leapfrogged last year…
The year 2019 was brilliant. We multiplied almost three times. Customers are now realising the need for an analytics platform that can scale across use cases and industry challenges, and I am not just talking about cyber security here; the same platform could be applied to several other spaces such as finance, fraud detection, analysis, etc. We identified this need by listening to our customers.

Organisations are generating humongous volumes of high-quality, high-fidelity data through their systems, servers, applications and network devices. Manually sifting through, validating and comprehending the crux of such large amounts of data is humanly impossible. This was the problem encountered in the last decade and then, systems were built to process huge amounts of data.

We moved to the next level, and started looking for specific attack patterns hidden in the ocean of data. But the problem was that we were only as good as our knowledge of the attacks. In essence, we were overly dependent on our repository of known threats to identify malicious behaviour, which don’t always keep up with the latest threats. Thieves don’t really come dressed in black-and-white striped t-shirts, right?

We are constantly trying to keep up with writing rules for attacks in the wild. This part, I think, is very important. With DNIF, we want to get to a point where you don’t have to write rules anymore; the system should be intelligent enough to look at a normal day’s activity and automatically figure out abnormalities and raise instant alerts.

Q. Can you explain in layman terms, how outliers are identified in cyber space?
Essentially, we’re collecting and analysing large amounts of data to identify hereto unknown threats. To explain it in layman terms, imagine a thief breaking into a house. There are multiple points of entry, like the backdoor, windows, etc. Plus, the thief can also enter the house as a seemingly innocent visitor (with malicious intent) by simply knocking on the door. How can you be sure?

Extend this analogy to the cyber space. With data lakes, we check for patterns that may not be identifiable otherwise, to flag suspicious activity. So, in simple terms, a data lake helps ensure if the stranger entering through the front door has malicious intent. It also helps identify any vulnerabilities in the house (backdoor, windows, etc.) that thieves can take advantage of. DNIF connects the dots in high-velocity data lakes to uncover scenarios that directly impact businesses, thereby mitigating risks and increasing efficiency. We offer solutions to the world’s most challenging cybersecurity problems.

Q. How has cyber security evolved in India?
I think cyber security was extremely challenging right from Day 0. We spent 10 years trying to get people to understand that it deserves a separate spot, and then working on specialising.

Now, of course, the challenge has escalated to a different scale. At the same time, the capability of attackers has also escalated. The bigger challenge is that the attacker is still leading the path for us in terms of threats and attacks.

Q. What have been your top learnings through your journey?
It’s been nothing short of a roller-coaster ride. We are now discovering higher rates of success because we’ve started to figure out why customers want to buy our product. Initially, we built absolutely cutting-edge products, but when we went out to the market to sell them, the customers didn’t even have the vision to understand what we were doing. It was difficult to explain to them that the product is not another antivirus or firewall. If the customers could not slot you in a block, they would not know how to work with you.

In the case of DNIF, this problem didn’t exist because the space was already crowded; we had to focus on beating others to get good business.

Another learning is to always focus more on gaining customers than on raising investments. Very often, businesses spend a lot of time chasing venture capitalists (VCs). Chasing customers instead gives you not just money, but also credibility. It helps VCs to come find us too.

Q. What are the advantages of being a B2B player in this space?
The odds favour B2B players. In the B2C segment, you rarely get to talk to your customers face-to-face. When you have a direct conversation with the customer, no matter what your marketing material says, you have the room to swing the conversation towards you. This opportunity doesn’t exist in B2C; there is no second chance—you’ll have to come up with an entirely new campaign, which is extremely expensive. I love the direct contact with customers and, therefore, B2B works really well for us.

Q. What are your expansion plans?
We’re focusing on extending DNIF to cater to the mid-market segment. We know that the product scales for large customers and how it fits budget, delivery and serviceability aspects. We’re also looking at expanding our offerings to markets close to India in terms of the time zones, and trying to replicate our success there. Rather than thinking too long ahead, we want to be agile and think about our next plan of action in quicker, shorter cycles. We are making substantial efforts in North America and ASEAN countries as well.