0:00
/
Generate transcript
A transcript unlocks clips, previews, and editing.

AI Weaponizes Both Sides: Cybersecurity for India with Rohit Srivastwa

A conversation with one of India's foremost security experts on how AI is collapsing the cost of attacking, raising the cost of defending, and what a small Indian business is supposed to do about it.

Most AI coverage arrives in one of two registers — complete triumphalism or utter dread — and both are narrated from about ten thousand feet. This episode stays on the ground, in India, where the questions are concrete: can a bank still trust a video KYC, why does “we’re too small to be worth attacking” no longer hold, and what is a company in Pune actually supposed to do on Monday morning, when it finds itself locked out of its own online systems.

Our guest is Rohit Srivastwa, one of India’s foremost cybersecurity experts. He founded ClubHack, India’s first hackers’ conference; built a company that was acquired by Quick Heal; exited; and is now building his next one. He has advised governments and their various arms — including work on the drafting of India’s privacy law and the early IT Act — along with large companies, small companies, and individuals, and he has written two books: one on privacy for individuals, one on security for businesses. His thesis in this conversation is symmetrical: AI is not a defender’s tool or an attacker’s tool. It is weaponizing both sides at once, and in India the deciding variable won’t be the technology — it will be whether people bother to understand a risk before they adopt the shiny thing that carries it.

Some of the specifics that stuck with us: a live video call on which Rohit can change his own face so you believe you’re talking to Virat Kohli, and why that breaks the video-KYC that now gates every SIM card and bank account; a scam WhatsApp voice call he received that was “90, 95% similar” to a friend’s actual voice, built from audio that is already public; and, at the other end of the spectrum, his non-technical wife sitting down in Google AI Studio and building a working app to track the kids’ tutors and fee payments — phone-only, because she flatly refused a version that also worked on a laptop. Attack and defence, professional and domestic, all moving on the same curve.

Highlights

  • The phishing tell is dead — For years the standard advice was “look for the spelling and grammar mistakes.” AI has erased that signal: a phishing email now arrives in clean, fluent English, so defence has to be rebuilt around behavioural anomalies — is this even a humanly plausible email for this sender? — rather than typos.

  • Deepfaked video KYC — India moved to video-KYC for SIM cards and bank accounts, and attackers are now defeating it in real time. Rohit can swap his on-screen face mid-call; on the defence side, a Pune startup he judged as an awards-jury member has built a tool that flags, live, the exact moment a deepfake switches on.

  • Thirty seconds of your voice — That’s roughly all a modern voice-cloning tool needs; give it a longer sample and it also learns your pauses and your odd pronunciations. The people most exposed are precisely those whose voice is already all over the internet — podcast hosts included.

  • What a SOC actually does — Every device, firewall, and server writes logs one line at a time; a SIEM funnels them into one place, and analysts (graded L0 through L3) hunt for anomalies around the clock. AI has now absorbed the L0/L1 tier — which is either a layoff story or a “far more companies can finally afford to be monitored” story, depending on where you’re standing.

  • The cost curves diverge — Ashish tried the economist’s framing: attack and defence both getting cheaper. Rohit corrected him. The cost of attacking is falling exponentially — you only need five or six point-and-click tools — but the cost of defending is going up, because the defender has to understand and block every one of those tools.

  • Security is a cost of doing business — Like GST, EPF, or insurance, you don’t get to opt out because you’re small. His CA’s email signature puts it best: if you think compliance is costly, try non-compliance once.

  • Ransomware grew a second head — It no longer merely encrypts your files; it copies them out first, so the attacker can also sell your data if you don’t pay. The baseline answer is EDR (endpoint detection and response) — “antivirus plus plus,” with threat intelligence built in to contain the blast radius — but too many mid-market firms still believe a 2010-era firewall and antivirus will hold in 2026.

  • 270 standards and counting — Rohit’s next company distils the world’s ~270 security standards (GDPR, India’s DPDP Act, California, Brazil, and on) into plain action items a junior can execute. Only a handful apply to any one firm, but the legal language is unreadable, and the “just press a button and the agent fixes everything” dream runs straight into a governance wall.

  • Automation is not governance — An agent told to install software on “laptop_Navin_02” can just as easily reboot a machine in the middle of a client presentation. His cautionary tale is SOAR, a Gartner category that quietly died because buyers refused to let software auto-block and auto-remediate — the blast radius of one wrong automated action was simply too large to accept.

  • Grey hair vs. black hair — Grey hair brings structure, governance, and no knee-jerk reactions; black hair wants it shipped now. Both are necessary, and the friction between them is the feature, not the bug — a live illustration of pace layers, the idea Navin traces to Stewart Brand.

  • The Indian cheque as a security philosophy — In the US you buy a chequebook at a stationery shop; in India the bank prints it, and the teller can’t credit your account until the cheque actually clears. Slower and more bureaucratic — and it forecloses entire categories of fraud that still work in the West. Ashish reframed it in statistics: the US treats a cheque as innocent until proven guilty, India as guilty until proven innocent, and for AI security we’re probably better off starting from caution.

  • ChatGPT is a yes-man — It never says no; you’re always right. That is the opposite of Stack Overflow, where the first five replies tell you not to do it. Wonderful when you know the domain and can steer; dangerous when you don’t and take a confident wrong answer at face value.

  • The prompt-injection problem — Navin’s clean explanation: hand an agent your spreadsheets, it reads a web page to help with the analysis, and that page carries a hidden instruction that quietly exfiltrates your data — no malice required from the AI vendor at all. Rohit keeps a live injection sitting in his own LinkedIn “About” section as a running demonstration.

  • The security expert’s own smart home — Navin’s caricature: the real expert’s house has exactly one internet-connected device, the printer, “and if it makes a funny noise I will shoot it.” Rohit’s confession is more instructive — his whole house is automated, but the command centre lives inside the house and he reaches it only over VPN with two-factor auth. AI can walk you through that setup, but only if you’re curious enough to ask for the protection layer, not just “download the ISO and run it.”

Notable quotes

  • “In my domain, AI is weaponising both — the attackers and the defenders. It’s actually weaponising both.”

  • “For years we taught everyone: if there’s a phishing email, look for the spelling mistake, look for the grammatical mistakes. Now that problem is already gone. AI has taken care of it. You don’t see it anymore.”

  • “The cost of doing the attack is going down. The skill set required to do a successful attack is going down exponentially. But from a defender’s point of view, you need to understand all of those and start blocking all of them.”

  • “My CA uses this line as his email signature: if you think compliance is costly, try non-compliance once.”

  • “ChatGPT never says no. You’re always right — it will guide you towards your direction. But it’s not Stack Overflow. On Stack Overflow, the first five comments will be: don’t do it.”

  • “The only thing connected to the internet in my house is the printer — and if it makes a funny noise I will shoot it. There’s a gun kept next to it.” — Navin, on the caricature of the paranoid security expert

Links & resources

  • Quick Heal — the security company that acquired Rohit’s first venture.

  • ElevenLabs — voice-cloning tool cited as needing only ~30-40 seconds of audio.

  • EDR (Endpoint Detection and Response) — the “antivirus plus plus” category recommended against ransomware.

  • SIEM (Security Incident and Event Management) — the central log-aggregation-and-analysis platform behind every SOC.

  • SOAR (Security Orchestration, Automation and Response) — the Gartner-coined auto-remediation category Rohit cites as having failed in the market.

  • GDPR (Europe) and India’s DPDP Act — the two named data-protection regimes; California and Brazil also referenced as having their own.

  • Wireshark / Ethereal / tcpdump — packet-analysis tools, invoked for the “learn to read it raw first” point.

  • Hugging Face — where people casually pull down models to run locally.

  • Stack Overflow — as the pre-AI answer culture (“the first five comments say don’t do it”), and as the source of the copy-paste-a-hidden-malicious-command trick.

  • Google AI Studio — where Rohit’s wife built her tutor-tracking app.

  • Rob Joyce, “Disrupting Nation State Hackers” (USENIX Enigma 2016) — the former head of the NSA’s TAO (Tailored Access Operations) unit on knowing your own network better than the attacker does. (usenix.org/conference/enigma2016/conference-program/presentation/joyce)

  • CISA (US Cybersecurity and Infrastructure Security Agency) — via a news story Rohit cites, about its chief uploading confidential data to ChatGPT.

  • Pace layers — Stewart Brand’s fast-layer/slow-layer framework, which Navin invokes for the grey-hair/black-hair tension.

  • Pune Knowledge on Tap — the “knowledge is free, beer you pay for” meetup Ashish and others started; Rohit notes the last-Thursday-of-the-month cadence.

Connect with Rohit Srivastwa

Discussion about this video

User's avatar

Ready for more?