Author Archive CyberFrat


CyberFrat Pune Meet

Date: Saturday, January 25, 2019 Venue: VIL, Information Technology Centre, 2nd Floor, S.No.19,20. Panchshil Tech Park, Next to Courtyard Marriot Hotel, Opp. HP. Petrol Pump, Hinjewadi, Pune – 411 057, Maharashtra, India.

10:00 AM - CF Updates by Anis Pankhania 
10:15 AM - Data Protection in the Digital World - Gaurav Khera , Director - Deloitte India
11:00 AM - SOC & Data Privacy - Umang Chokshi - Director within EY Advisory Services and specializes in Securit
11:45 AM - Networking Break
12:00 PM - GDPR Overview in Auditing - Khalil Ahmad Pathan - Wipro
12:45 PM - Quiz On Data Privacy
01:00 PM - Lunch
Gaurav is a Director with Deloitte India and comes with 12+ years of experience of working with India’s largest telecom operator. He comes with a rich experience of Cyber Risk, Telecom Strategy and Planning, IT Governance, Process Improvement, IT Service Management, Project/Program Management Technology Due Diligence, Digital Strategy, and Budgeting. Worked with a leading telecom operator of India for the formulation of the technology roadmap, setting up its IT Outsourcing Contract, IT Governance Framework, Centralized Service Desk, SLA Management Framework and CSAT for measuring IT satisfaction and alignment with business objectives.
Gaurav also works very closely with clients advising them on Digital Risks as well as other areas of Cyber Security. He has also led multiple engagements for doing IT Due Diligence as part of M&A activities.
  • Architect, Program and Project Management
  • Professional experience: more than 18+ years
  • Security Delivery Lead for India / South Asia and managing 30+ clients for a security solution, design, implementation, and response.
  • Establish strong client relationships in key large telecom accounts to help deliver Security Services portfolio across Infra Security, Identity & Access Management, Security Strategy, Security Information & Operations center, Data & Application Security.
  • Have played various roles in Cyber Security practice in last 15+ years of experience which include Consultant, Team lead, Security Project Manager, Solution Architect, Delivery Lead and worked across industry verticals including Telecom, Banking, Insurance, Automobiles, Retail Finance, Manufacturing & IT.
  • During this tenure, have done solution sizing, solution designing & architecting, Project Management, PMO, and Implemented various security solutions like SIEM (Q-Radar & Arcsight), DLP, Anti-APT, Malware Management, Web Security, Proxy, Email Security, IPS / IDS, Vulnerability Management, 2 Factor Authentication, Identity and Access Mgmt – Privilege Identity Mgmt solution like ARCOS, Firewalls, VPN, Wan Acceleration and Optimization, HIPS, UTM, Device control, WAF & Firewall from various leading OEM
Khalil is BE from Pune University and PGDIM from NITIE, Mumbai with over 11 years of workex primarily in IT Risk Compliance and Governance in various industries.

Navi Mumbai Meet

CyberFrat Navi Mumbai Meet
Date: Saturday, January 18th, 2020
VEnue: qSEAp Infotech Pvt. Unit No: 105, Building No: 03, Sector – 03, Millenium Business Park, MIDC Industrial Area, Mahape, Navi Mumbai, Maharashtra 400710

Read More

Bangalore Meet

NextGen Cyber Protection in association with Qseap

Saturday, December 7th, 2019

Read More

Pune Meet

CyberFrat Pune Face to Face Event Schedule for Saturday 16th November, 10 AM Onwards at Hinjewadi. Click on below Link for detail Agenda and Registration.

If you are not CyberFrat Member, Please join first and then click for event rregistration.

Read More

Cloud Knowledge Exchange

CyberFrat Mumbai Meet: Cloud Knowledge Exchange
Date: 5th October 2019 (Saturday)
Time: 10:00 AM – 04:00 PM
Venue: Vidyalankar Institute of Technology , Wadala (East) – Mumbai

Read More


Quiz Rules

  1. This Quiz is for Students across India
  2. The Quiz will be on Emerging Technologies with 25 Questions on topics like Cloud, Artificial Intelligence, IoT, Data Science, Blockchain and cyberSecurity.
  3. Each question will have 4 options with one correct answer and 30 Seconds to answer.
  4. Each question will have 1000 points, faster you answer more points you earn.
  5. you will require two devices to play the quiz. one to log in the server screen and one to answer the quiz.
  6. The first 100 students login in at 10 AM on 31st August will get a chance to play the quiz.
  7. Winner Scoring the highest points will be given a chance to select any show within the next 7 days in any theater in India for a couple Movie ticket for Saaho.
  8. CyberFrat ID is Mandatory.
  9. Register with your ID below by 30th August 6pm to get an Invite for the Quiz.

IF you don’t have CyberFrat ID yet, click below to get it for free, Add Reference ID as Quiz. once you receive the ID come back to register for Quiz.



CyberFrat is happy to announce the association with Infosec Foundation for Security Symposium And Award 2019. Apart from passes to our professional members we are giving 3 VIP Passes to Mumbai Students, Which includes All Access to full-day Security Summit, Networking with 30+ Speakers & 150+ Professionals, Award Ceremony, Lunch, Musical Evening with Cocktail & Dinner

Venue: Hilton Mumbai International Airport, Sahar Airport Road, Andheri East, Mumbai
Friday, August 30th, 2019
10:00 AM Onwards

Register here to get a chance to Win the Pass (Students Only)




10:00-10:10 – CyberFrat Updates – Gaurav Batra

10:10 – 10:40 – Why cyber security is one of the priority for an organization – Prashant Gupta

10:45 – 11:15 – Phishing – More than just a spam folder – Naveen Yadav

11:20 – 11:50 –  Cyber Risk and Mitigation Controls for NBFC industry – Dominic Vijay Kumar

11:50 – 12:05 – Networking Break

12:10- 12:40 – Fraud Detection using Data Analytics – GK Gupta

12:45 – 01:15 – Data Protection and Privacy – Prashant Gupta

01:20 – 01:35 – Quiz by Gaurav Batra

01:35 – 01:45 – Wrap up & Snacks

If you are not CyberFrat Member yet, Click below to join Cyberfrat for free and get three Month free CFPlus membership as well.


Coffee with CyberFrat – June 2019

Discussion Date: Sunday, 2nd June 2019

Time: 10:30 AM Onwards

Coffee With CyberFrat is a program initiated with an intent to aid in the local networking of cyber professionals and students aspiring to build a career in the cyber industry.

The basic funda of CWC is, the CF volunteers in different cities decide a venue and timing for the meet. This meet is open for anyone and everyone irrespective of their professional background. Further, a topic is decided to be discussed which is same for the meets in all cities. Everyone brings their thoughts and opinions to the table while sipping coffee which is paid individually.

On 2nd June 2019, Coffee With CyberFrat was held at 5 different locations and was a grand success. The topic decided for this meet was IMPORTANCE OF INFOSEC CERTIFICATIONS.

The outcome of the meets that happened in different cities of India is summarized below.

Café Latte Art
Importance of Information Security Certifications

The discussions started with participants sharing their insights on the importance of information security certifications and how they are helpful in career growth for an individual. The discussion zeroed around basically four aspects which were central to the agenda. 

These are as follows: 

  1. Role of certifications in information security career growth
  2. Preparation Strategy for Information Security certifications
  3. Pitfalls to avoid after you successfully pass the certification
  4. Best practices to reinforce learning after passing certification exam

These points are summarized below.

Café Latte Art
A) Role of certifications in information security career growth

 A credential in effect shows candidate’s significant commitment to the job profile in information security field.

  • Typically, an InfoSec credential is backed by an active Security community such as ISACA, ISC2, SANS Offensive Security etc. This gives a brand recognition to an individual which in turn leads to better career opportunities for him / her. 
  • All well-known InfoSec certifications come with a pledge of ethical usage behavior from the candidate. 
  • So in case there are provable reports of malpractice from a candidate, the credential gets revoked by the governing body immediately. 
  • This leads to higher assurance from client’s end.

Within a company, this may lead to quicker job promotion or first preference to work on a new environment / technology if a person is certified on that technology. 

  • As a result, chances of receiving a better pay increases a lot once the candidate is certified.

External factors such as regulatory or industry standard(s) might mandate and insist on sending only certified candidate as a qualifying requirement for a particular job role. 

View this post on Instagram

A post shared by CyberFrat (@cyberfrat) on

  • This in turn, pushes the companies to aggressively get their employees certified.

Better client assurance on work quality can be given hence client is comfortable to pay more the company if they send certified professionals. 

  • This translates to a win-win for both the client and vendors.

This may offer a vendor or service provider an edge over the competition. 

  • This may happen because the client may give preference to a company which employs certified employees when compared to its closest competitor.
  • For an InfoSec professional who is active as a freelancer, having credentials is always better as this attract new young companies
  • These young companies may not have sufficient budget to approach established companies for completing required information security compliance activities. 
  • However, they may very well afford a seasoned certified InfoSec professional to help them to get compliant w.r.t information security.
Café Latte Art
B) Strategy to prepare for InfoSec certifications:

Knowledge based certifications (CISA, CISSP, etc.):

  • Study the basics and prepare well 
  • Do lots of practice questions
  • Better learning can happen via study aids, group studies with peers
  • Test your learning and accuracy via Mock tests 
  • Learn to manage time better as there is limited time to answer questions. 

Skill based certifications (OSCP etc.):

  • Learn and understand the basic concepts well
  • Do the test practice first on labs to reinforce the concepts
  • Heavily practice on stimulated labs before attempting live exam
  • Manage your time well, prepare necessary documentation as you move forward.
Café Latte Art
C) Common Pitfalls to avoid once you successfully pass the certification exam:

  • No need to indulge in bragging about successful certification. Stay grounded and humble. 
  • Stay calm and focused. You may have completed an important milestone, but your career journey is still happening.
  • Don’t become arrogant and start behaving snobbishly around your peers. 
    • People are less likely to work or get along smoothly with a knowledgeable but arrogant person.
Café Latte Art
D) Best practices to reinforce learning after certificate completion:
  • Try implementing some of the ideas in your company which you learned while pursuing certification. 
    • You will get to know the real-life challenges and how to overcome them during implementation phase itself. 
  • Offer to help your colleagues facing in any implementation challenge w.r.t InfoSec. 
    • Knowledge and skills only get better by sharing it with others. 
  • Don’t hesitate to share your exam experience and things you could have done better during examination preparation with your colleagues. 
    • Your respect and confidence will only increase among peers. 
  • Keep learning and share your knowledge freely among peers. 
    • You will eventually win people trust and confidence which will catapult you to new career heights in future.

Other key points identified during the discussion, which are important when the focus falls onto information security certifications are as follows.

You need certification when you don’t know Information Security and you don’t need it when you know Information Security

This means, if you possess experience in InfoSec, certification may not be mandatory as you already have practical experience. However, for a fresher to enter into the industry, you need to have a certification to be eligible for the profile.

Top of Security is risk management 

However, it gets detached from Security as it focuses more on management of risk Security.

Café Latte Art
No certification serves all sectors, there isn’t any generic certificate

There is no generic certification which satisfies all the criteria required. Thus, an individual ends up being perplexed, which certification needs to be completed in order to be eligible for a job opportunity,

Café Latte Art
Preferably CEH certified individuals are hired but it doesn’t matter if they can demonstrate skills

Certain companies prioritize skills and experience over certifications for example if a candidate can demonstrate skills of ethical hacking, it does not matter if he/she possess certification.

Café Latte Art
Certificate will become necessary as numbers grow to filter out people who do not have knowledge

As the digital era is expanding enormously, students would be inclined to work in security domain. Thus, to have an eligibility criterion and have a basic segregation of candidates, certification would be required.

Café Latte Art
Certificate is important but cannot ignore people with experience.

Having a certificate is quite important but on the other hand people in the industry with considerable years of experience who possess knowledge as well as skills cannot be neglected over having no certification.

Café Latte Art
EC council CEH is an entry place

CEH is considered as an entry level certification and expecting a candidate with CEH certification to have skills of higher level would not be fair.

Café Latte Art
The Gaps that were identified which needs to be bridged to enhance the cyber community were: don’t consider him as a security guy.

No up to the mark certifications for cyber investigation

Scarcity of Good trainers 

CISOs ignore maintaining certifications and lack experience of business management

Café Latte Art

CEH is a good entry point into the Information Security industry

CISSP can be considered as a relevant and useful certification for team members

CISM and CISM are good from industry perspective if you are leading a team

Udemy, Cybrary, Hack the box, Pluralsight, Project Drona, Corsera are good websites  for learning free learning.

CISM is fully defensive

CEH and OSCP can be considered as entry level certifications. CEH is objective exam while OSCP is hands on approach offensive security exam.


BANGALORE: Pooja Bagga, Vivek Verma

Starbucks Coffee House, Ground Floor, 115, Road Opposite Raheja Arcade, Koramangala

DELHI: Priyanka Tomar, Prem Gurnani, Nakul, Akshat

Cafe Coffee Day The Square, 46, Janpath Rd, Atul Grove Road, Janpath, Connaught Place

NASHIK: SaiPrasad Kulkarni, Amol Patwardhan, Mohit Bagul, CA Amit Sharma, Saujas Jadhav

Café Coffee Day – Mahatma Nagar, Parijat Nagar, Ramrajya Building

A group of people posing for a photo

Description automatically generated

MUMBAI: Gaurav Batra, Pooja Kadam, Ritesh Bhatia, Smith Gonsalves, Anirban Roychowdhury, Nikhil Talwar, Sameer Saxena, Amaresh Rajvedi, Sunil Sharma

Coffee By Di Bella Exclusive Link Road, Ground Floor. Kiran Kunj, 24th Road, Off Linking Rd, Opposite elbo room, Khar West

A group of people standing in front of a crowd posing for the camera

Description automatically generated

PUNE: Manasdeep, Yogesh Mishra

Irani Café, World Trade Center, Dholepatil Farms Rd, EON Free Zone, Kharadi.

A person standing in front of a mirror posing for the camera

Description automatically generated
Social media & sharing icons powered by UltimatelySocial