In his conversation with 9.9 Group, Bikramdeep Singh explained that AI is transforming cybersecurity by shifting the core question from what needs protection to who needs protection.
With cyberattacks becoming increasingly targeted and behaviour-driven, organisations are being forced to rethink long-held assumptions around risk, identity, and resilience. The US-headquartered Proofpoint has played a key role in shaping this global conversation, driving a people-first security model grounded in deep threat intelligence and real-world attacker behaviour.
In a recent conversation with Jatinder Singh, Editor, 9.9 Group, Bikramdeep Singh, Country Manager at Proofpoint India, shared insights on managing human-centric risk in an AI-driven landscape. He discussed the growing influence of agentic AI, the imperative to distinguish human versus AI-driven activity, and the capabilities security leaders must strengthen to stay ahead. He also outlined his mandate in India, driving strategy, expanding customer engagement, and advancing Proofpoint’s vision for modern, human-centric cybersecurity.
“Agentic AI signals a massive shift; the relevant question changes from “What is the content?” to “Who created it: human or agent?” he stated.
Excerpts from the interview follow.
CIO&Leader: With unprecedented change shaking up cybersecurity, how is Proofpoint reshaping its India strategy, and what major milestones are in sight?
Bikramdeep Singh: Globally, we have a significant lead in email security, addressing what remains the single largest threat vector. We’ve expanded beyond email to data protection, stitching together a unified narrative that secures data throughout organizations across channels.
In India, we have served customers for years, but the sharpening of data sovereignty demands, especially from the BFSI, government, and IT/ITES sectors, has driven us to accelerate localization. We are establishing data centers in Mumbai, Chennai, and Bengaluru. By Q3, all Proofpoint solutions will fully comply with India’s data residency regulations, empowering customers with both security and compliance peace of mind.
We have also launched a development center in Pune focused on product quality and support, while expanding sales and technical capabilities in Mumbai, Delhi, and Bengaluru. We project surpassing 200 people in India this year, reflecting robust demand fueled by rapid technology adoption.
CIO&Leader: Your research reveals that nearly 90% of cybercrime losses stem from fraud, especially phishing. In an AI era, why does human vulnerability endure, and what new defense models are shifting the balance?
Bikramdeep Singh: Despite growth in firewalls, EDR, and SIEM, attackers leverage human weaknesses because they remain easier to exploit than hardened tech infrastructure. Email remains the prime attack vector by sheer volume.
Hybrid work complicates this further. Employees work beyond corporate perimeters using diverse communication tools, amplifying the attack surface. AI compounds the challenge: phishing has evolved from mostly content-based attacks to highly personalized, context-aware, multilingual AI-crafted messages, making social engineering vastly more convincing.
While security has evolved in many domains, EDR extending to XDR, analytics emerging from SIEM, email security, and DLP have lagged in transformation. Proofpoint’s AI/ML-powered context analysis moves beyond legacy pattern or content filters to confront today’s socially engineered threats with better efficacy.
CIO&Leader: Many vendors claim AI superiority. How do you differentiate yourself through AI-powered prediction, automation, and user defense to stand out in this crowded market?
Bikramdeep Singh: AI’s success depends on data scale and quality. We analyze roughly one-third of global email traffic, granting deep training data unavailable to many competitors.
Running large-scale AI models is costly, and this limits many. Because of our focus on email and data security, we deploy advanced models efficiently and with precision, balancing scale and operational costs.
More importantly, our layered human-centric approach spans email, cloud, and endpoint channels, providing cross-channel visibility and protection. This wide lens, combined with deep AI models, sets us apart significantly.
CIO&Leader: Which Indian sectors are adopting your tech fastest, and how is agentic AI changing their risk landscape?
Bikramdeep Singh: Government remains a top priority at both the central and state levels, followed by BFSI, with IT/ITES supporting global clients also heavily engaged. These sectors are early adopters of generative and agentic AI, raising new security risks.
Agentic AI signals a massive shift; the relevant question changes from “What is the content?” to “Who created it: human or agent?” Proofpoint plays an integral role in identifying and curbing AI-driven threats by distinguishing human activity from agent activity.
“Data residency laws have increased the demand for autonomous data classification and protection. Our classification engine not only tracks initial tagging but also reclassifies data at exit points, mitigating leaks even if users manually alter classifications, a critical control for regulated sectors“.
CIO&Leader: Agentic AI promises automation gains, but many pilots falter. How do you see enterprise adoption evolving, especially for human-intensive tasks?
Bikramdeep Singh: Agentic AI transcends prior automation approaches like RPA and generative AI by enabling autonomous decision-making, real-time adaptation, and complex workflow execution. It can act swiftly, generate benign or malicious outputs, and continuously improve using context.
This fundamentally transforms the threat landscape. Organizations must now distinguish human-driven behavior from agent-driven actions. Our AI models analyze intent, language patterns, and behavioral trends over time to detect subtle anomalies that traditional tools miss.
Though many pilots currently fail, the relentless pursuit highlights agentic AI’s compelling value in terms of speed, cost reduction, and enhanced customer experience. Adoption will inevitably accelerate despite challenges.
CIO&Leader: How are you building the partner ecosystem in India to facilitate broad technology adoption and support?
Bikramdeep Singh: We are fully partner-driven in India. Cybersecurity success requires not just deployment but deep adoption, which demands skilled partners capable of unlocking the platform’s full power.
Over the past quarter alone, we’ve trained over 100 partner engineers across India and SAARC, ensuring customers are supported locally for deployment, adoption, and scaling. Partners are critical as we expand reach and service quality across all regions.
CIO&Leader: India faces diverse threats globally and locally. What unique attack patterns and security concerns do you observe?
Bikramdeep Singh: India faces a full range of global threats, including phishing, BEC, QR-code phishing, telephone-oriented attacks (TOAD), and others. Given our vast population and enterprise base, we see all types of threats at scale. A distinctive demand emerging from Indian CISOs is risk-based security. Not all employees pose equal risk; developers, CXOs, and finance personnel face different threat profiles.
Proofpoint identifies three key personas: Very Attacked People (VAPs), Very Important People (VIPs), and Very Vulnerable People (VVPs). Focused resources on those overlapping profiles, e.g., frequently attacked and prone to clicking malicious links, can enhance defense efficacy significantly.
CIO&Leader: In many of my conversations with CISOs, a recurring challenge is demonstrating the business value of cybersecurity investments. With evolving threats and complex risks, how do you help boards and business leaders translate human risk intelligence into clear, actionable metrics that justify cybersecurity spending and directly link to business outcomes?
Bikramdeep Singh: That’s a fascinating question and a real problem organizations face. They want examples of attacks that could have threatened them, because the unique challenge with security is that nothing is truly breached until it is identified. Otherwise, you live in blissful ignorance. You don’t grasp the loss until the data has already gone.
What we provide to organizations is a “health check” capability that identifies threats landing inside the organization—without disrupting ongoing business operations—that are not detected by existing tools. These threats aren’t limited to phishing; they include BEC, TOAD attacks, and internal propagation, such as an employee sending a malicious email to a colleague. We identify these threats and present customers with specific details: if this got through and was clicked, here is the type of data at risk.
With our DLP capability, we not only identify threats but also assess which data may have leaked. Data valuation is critical. For example, a USB drive is only as valuable as the data it holds: a CEO’s data has far greater cost impact than a movie or picture. Knowing how to value your data helps quantify threats and their associated costs.
“We provide metrics that help organizations understand the threats and their business impact, enabling them to develop holistic security strategies that address both insider and external risks”
Although we have expanded into DLP, cloud security, and insider risk management, our business remains heavily anchored in email protection.
CIO&Leader: Many enterprises are moving towards zero trust and consolidated security platforms. How are you preparing to diversify without diluting your core strength?
Bikramdeep Singh: I would answer that in two ways. First, Proofpoint is the most significant player globally in email security, a position we’ve held for a long time. On DLP, too, we lead globally by revenue according to Gartner, a fact not widely known in India due to our historic presence gaps.
The key is how we stitch together data from phishing and email security with DLP—email DLP, endpoint DLP, cloud DLP, and DSPM (data security posture management). This covers data categorization and monitoring across channels to prevent data exfiltration via USB, Bluetooth, email, and other vectors.
Our platformized and human-centric approach applies consistently across email, DLP, and all channels, making us unique for organizations seeking integrated, data-centric protection. While providers like Microsoft, Google, and other OEMs offer diverse products, we provide a laser-focused data-centric solution for the largest risk vector—people and their data handling.
“Our threat intelligence, based on the largest dataset, coupled with our AI/ML models, empowers customers to apply insights across their entire organization”