“We need to move beyond a traditional ‘detect and respond’ mindset toward ‘prevention by design’”
Interviewed by Adeesh Sharma
Gaurang Katyal, Product Manager – Integrity, Meta, elaborates on the intersection of
AI, identity, and product-led security, areas where we are seeing the most
rapid and consequential shifts across the industry today. Read on to know more…
1. Modern-day threats to IT infrastructure
The threat landscape has evolved from primarily technical exploits to
highly sophisticated, psychology-driven attacks. The biggest shift is the democratization
of sophistication. With Generative AI, even low-skill attackers can now launch
highly convincing phishing campaigns, deepfake-enabled social engineering, and
automated account takeover attacks at scale. Increasingly, we are seeing
“identity-first” attacks, where the user becomes the primary entry point rather
than the network perimeter or firewall.
2. Technology solutions needed to mitigate these threats
We need to move beyond a traditional “detect and respond” mindset toward
“prevention by design.” Two technologies are especially critical.
First, phishing-resistant authentication. The adoption of FIDO2
standards and passkeys is essential to eliminating passwords and neutralizing
credential theft at the root.
Second, AI-driven behavioral biometrics.
Machine learning can continuously model normal user behavior, such as typing
patterns, mouse movements, and location velocity, to detect anomalies in real
time, even when valid credentials are used. This allows organizations to stop
attacks that would otherwise bypass traditional controls.
3. Impact of AI on organizational security
AI will be the defining force in cybersecurity over the next decade,
acting as a true double-edged sword.
On the offensive side, attackers will use AI to discover vulnerabilities
faster, generate polymorphic malware, and personalize attacks at a scale that
was previously impossible.
On the defensive side, AI is the only viable way to operate at modern
scale. Organizations will increasingly rely on AI agents to automate Tier-1
security operations, prioritize alerts, patch vulnerabilities, and predict
attack paths before they are exploited. The future of security will largely be
AI systems defending against AI-powered threats.
4. Skills security professionals must embrace
Security professionals must become genuinely AI-literate. This goes
beyond using AI tools and includes understanding how to secure AI systems
themselves, including adversarial machine learning, prompt-injection defenses,
and data privacy risks in large language models.
In parallel, data and analytical skills are becoming indispensable.
Modern security is fundamentally a data problem, and professionals who cannot
reason about data, signals, and models will struggle to protect complex
systems.
5. The evolving role of cybersecurity professionals
The traditional view of cybersecurity as a blocking or gatekeeping
function is no longer effective. Today, security professionals must act as
trust enablers. Security is shifting earlier into the product and system design
process, rather than being applied as a control at the end. The future role of
cybersecurity leaders is to design protection that works seamlessly for users
and the business, enabling growth while managing risk.
Future leaders in cybersecurity will need to be as fluent in user
experience and business outcomes as they are in risk frameworks. The goal is no
longer to slow the business down, but to enable growth by designing trust
directly into products and platforms.