Deep Chanda of Ampcus Cyber on Building AI-Driven, Human-Centric Cybersecurity Solutions

StartupTalky presents Recap'25, a series of exclusive interviews where we connect with founders and industry leaders to reflect on their journey in 2025 and discuss their vision for the future.

In this edition of Recap’25, StartupTalky speaks with Deep Chanda, Chief Officer at Ampcus Cyber, who reflects on building a cybersecurity company focused on proactive, intelligence-driven defense in an era of rapidly evolving digital threats and tightening regulatory landscapes. With a vision to move organisations beyond reactive security and compliance-only approaches, Chanda shares how Ampcus Cyber is combining AI-assisted technologies with deep human expertise to help businesses operate securely and with confidence.

He goes on to discuss how the company has adapted to shifts in the cybersecurity landscape through AI-powered threat detection, proactive risk management, and compliance-focused security frameworks such as its T-SAMA approach. The conversation also explores Ampcus Cyber’s expansion across global markets, its use of AI across service delivery and operations, its emphasis on education and community engagement, and the company’s roadmap for strengthening cyber resilience through scalable, human-centred, and technology-led security solutions.

StartupTalky: What service does Ampcus Cyber provide? What was the motivation/vision with which you started?

Deep Chanda: At Ampcus Cyber, we offer cybersecurity services that combine expert knowledge with AI-supported technologies. Our primary services include managed detection and response, cybersecurity assurance, compliance and risk management, offensive security testing, and cybersecurity education and training. We began with the goal of helping organizations stay ahead of rapidly evolving digital threats by moving beyond reactive security. Our goal has been to develop intelligent, proactive, and human-centered security frameworks. These frameworks protect systems and data, anticipate risks, support compliance, and improve long-term cyber resilience. By helping organizations work securely and with confidence, we want to build trust in digital environments and raise global cybersecurity standards.

StartupTalky: What new services have been added in the past year? What is/are the USP/s of your service?

Deep Chanda: Over the past year, we have enhanced our portfolio by introducing offerings in AI-assisted threat detection and response, digital forensics, and cybersecurity training and workshops. These additions strengthen our proactive cybersecurity approach. They enhance visibility into security practices, facilitate faster incident investigation and response, and improve preparedness against evolving attack methods. Our key unique selling point is the innovative blend of automation and deep human expertise.

This mix enables AI to manage monitoring, detection, and analysis, while skilled security professionals provide contextual judgment, thorough investigations, and strategic advice. We deliver this through our T-SAMA proactive framework (Train, Scope, Assess, Mitigate, Audit). This framework enables organizations to build resilience, meet regulatory and compliance requirements, and maintain ongoing security oversight through solutions tailored to each client’s specific business environment and risk profile.

StartupTalky: How has the industry you are in changed in recent years, and how has your company adapted to these changes?

Deep Chanda: The industry has undergone significant changes in recent years, driven by increasing cyber threats, digital transformation, cloud adoption, and stricter regulatory requirements. Organizations now demand proactive, intelligence-driven security rather than reactive, compliance-only solutions. We have adapted by integrating AI-powered threat detection, predictive analytics, and human-led expertise into a comprehensive cybersecurity framework. By expanding our services to include cloud security, third-party risk management, and offensive testing, we provide adaptive, proactive, and tailored solutions that empower businesses to operate securely in an increasingly complex digital landscape.

StartupTalky: What key metrics do you track to check Ampcus Cyber's growth and performance?

Deep Chanda: As a cybersecurity company serving clients worldwide, we monitor a balanced set of business, operational, security, and customer-focused metrics to measure growth and performance in different regions. From a business perspective, we look at revenue growth, the quality of our sales pipeline, customer acquisition and retention, and expansion within our existing global accounts. Operationally, we monitor security-specific metrics, including threat detection and response times, incident resolution efficiency, compliance readiness timelines, and the effectiveness of our automation. This enables us to deliver a consistent service at scale. At the same time, we track people and capability metrics, including certifications, skill depth, and the readiness of regional teams. This ensures we can deliver secure and reliable services to our clients across various locations.

StartupTalky: What were the most significant challenges Ampcus Cyber faced in the past year, and how did you overcome them?

Deep Chanda: Over the past year, we faced several significant challenges. These included the rapid growth of cyber threats, rising client expectations for proactive and results-oriented security, and the need to expand operations across different regions without lowering service quality. We addressed these challenges by enhancing our compliance and risk management offerings, augmenting our AI-assisted threat intelligence and detection capabilities, and expanding our range of in-house cybersecurity products to better address new risks and client needs. At the same time, we invested in training and certifying our cybersecurity professionals, streamlined our delivery processes, and established scalable operating models through strategic partnerships. By combining our technology with extensive human expertise and a strong focus on client needs, we successfully navigated these challenges. We continued to deliver reliable, compliant, and trusted cybersecurity solutions to our clients worldwide.

StartupTalky: What are the different strategies you use for marketing? Tell us about any growth hack that you pulled off?

Deep Chanda: We follow a content-led, credibility-driven marketing strategy focused on education, trust, and early engagement with decision-makers through thought leadership, targeted account-based marketing, and partner-led amplification. A strong differentiator is our active collaboration with industry bodies such as ISACA and ISC2 chapters, where we co-create practitioner-led sessions, expert talks, and community forums. We also host large-scale in-house cybersecurity conclaves and conduct a mix of online and offline workshops to engage security leaders with practical, real-world insights. One of our most effective growth levers has been a value-first approach—offering free assessments, executive-ready explainers, and hands-on compliance and AI risk resources. This shift transformed conversations from sales-led outreach to problem-led engagement, driving higher-quality inbound interest, facilitating CXO-level conversations, and accelerating pipeline conversion.

StartupTalky: What are the key technologies you use as part of your cybersecurity offerings?

Deep Chanda: Our cybersecurity offerings combine AI-driven Managed Detection and Response, predictive analytics, cloud and identity security, automated monitoring, and advanced offensive security testing, supported by strategic technology partnerships with innovative, AI-driven cybersecurity product vendors. These capabilities are further strengthened by ComplyX, the product arm of Ampcus Cyber, which delivers intelligent, automated security to simplify compliance, enhance protection, and improve operational efficiency. Through ComplyX, we enable compliance automation, continuous risk visibility, and structured third-party risk management, seamlessly integrated into our service delivery. By combining proprietary products, trusted partner technologies, and expert human oversight, we ensure regulatory alignment, faster incident response, and adaptive, business-aligned cyber defense for our clients.

StartupTalky: What opportunities do you see for future growth in your industry in India and the world? What kind of difference in market behaviour have you seen between India and the world?

Deep Chanda: The cybersecurity industry presents strong growth opportunities globally and in India, driven by rapid digital transformation, widespread cloud adoption, increasingly sophisticated cyber threats, and tightening data protection regulations. In India, the market has progressed rapidly in maturity, supported by accelerated digitisation across banking, healthcare, government, and critical infrastructure, along with growing awareness and investment in cybersecurity; regulatory initiatives such as the Digital Personal Data Protection Act (DPDPA) are further strengthening data governance, compliance discipline, and long-term cyber resilience.

Globally, the market is witnessing a sharp rise in AI-driven attacks, prompting organizations to move beyond reactive security toward cyber resilience, predictive analytics, proactive risk management, continuous monitoring, advanced threat intelligence, and third-party risk management. While Indian enterprises are actively strengthening compliance-aligned security and advancing cyber maturity, international organizations are investing more heavily in intelligence-driven defense and measurable risk reduction. At Ampcus Cyber, we address both needs through AI-driven, human-led security solutions designed to adapt to evolving threats and regulatory expectations.

StartupTalky: How are you using AI, whether in service delivery, internal processes, or customer experience, and what impact has it created?

Deep Chanda: We use AI as a core enabler across service delivery, internal operations, and the overall customer experience. In service delivery, AI-assisted threat intelligence and analytics support early risk identification, anomaly detection, and faster triage of security events, helping teams move from purely reactive response to more proactive and informed decision-making. Internally, AI is applied to streamline activities such as risk assessment, compliance monitoring, evidence analysis, and reporting, improving consistency, efficiency, and scalability without replacing human judgment. From a customer perspective, AI enhances visibility by delivering clearer insights, prioritised alerts, and improved response timelines, which help reduce exposure and operational friction.

StartupTalky: How do you plan to expand the Customers, service offering, and team base in the future?

Deep Chanda: We plan to expand our customer base by increasing our presence in regulated and fast-growing sectors. We will use a value-focused, consultative approach that includes thought leadership, strategic partnerships, and targeted account engagement.

Our services will continue to improve with a stronger focus on AI-assisted security operations, compliance automation, third-party risk management, and cyber resilience. This development will be backed by ongoing enhancements to our own product line under ComplyX. At the same time, we will grow our team by investing in continuous skill development, certifications, and leadership training. We will also create specialized roles in threat intelligence, compliance, and cloud security. This balanced growth of customers, capabilities, and talent will help us succeed in the long run while keeping a high level of service quality, domain expertise, and client trust.

Explore more Recap'25 interviews here.