India’s cyber landscape a testbed for next-gen AI security: Diwakar Dayal, SentinelOne

India’s cybersecurity landscape is evolving rapidly, and Diwakar Dayal, Managing Director and Area Vice President of SentinelOne India & SAARC, offers a detailed view of this transformation. 

In a conversation with TechCircle, he explains how enterprises are balancing legacy systems with digital-first operations, the growing adoption of AI to counter advanced threats, and how Indian talent and innovation are shaping the country’s role in global cybersecurity. Dayal also outlines how AI-driven platforms and strategic acquisitions are helping organizations stay ahead of emerging risks while positioning India as a future hub for security solutions.

Edited Excerpts: 

How do you view the current state of India’s enterprise security landscape, and what stands out as most different compared to three to five years ago?

India has a unique position. On one end, there are enterprises that were born in the cloud and operate entirely on digital infrastructure. On the other, many large enterprises and even conglomerates still rely on outdated systems that run critical operations. This mix means that while some organizations are among the fastest adopters of digital technology, others are tied to legacy infrastructure.

Securing both ends of this spectrum is complex. Adversaries use the latest tools and constantly target corporations, but defenders often face limits, starting with budgets and extending to the tools available to protect their assets. As a result, defending both legacy infrastructure and digital-native systems requires platforms that are agile and aware enough to cover both.

India is also in a phase of rapid progress, trying to catch up after decades of slower growth. This creates another challenge: assets are used to their limits. Applications, business systems, and infrastructure often run at 95 to 98 percent capacity. This constant strain pushes both IT and security teams to operate under intense conditions.

That combination, the coexistence of advanced digital enterprises, outdated infrastructure, and assets pushed to near maximum capacity, is what makes India’s security environment distinctive.

How are Indian enterprises balancing the use of AI for growth with the need to defend against AI-driven threats such as deepfakes and malware?

There is growing awareness, supported by portals and leading publications, that change is necessary. We have moved through the internet era, the cloud era, the mobile era, the digital transformation era, and are now in the AI era. Enterprises that fail to reimagine their infrastructure and applications through the lens of AI risk being left behind.

Because of this, organizations are adopting solutions that help them manage the challenges of AI. Just as adversaries are using AI technologies and tools for attacks, Indian enterprises are beginning to use AI to innovate in operations and customer experiences.

At the same time, the market is filled with noise. It is easy to copy and paste value propositions thanks to AI tools, but this creates confusion about what companies and products actually deliver. Enterprises are cutting through this noise by identifying platforms that provide a genuine AI-native experience. They are doing this through extended proofs of concept, market validation, third-party analyst input, and customer feedback. The goal is to find AI-native platforms that can deliver autonomous cybersecurity and protect infrastructure with confidence.

When discussing sectors like BFSI, energy, and telecom, often cited as top targets for AI-driven cyber attacks, how do you see these industries responding?

These sectors are increasingly caught up in what has become a geopolitical conflict. The battlefield has shifted from physical weapons to drones and cyber operations. Cyberattacks are now a tool for nation-states, often targeting critical infrastructure such as telecommunications, banking, and energy, which makes these sectors highly vulnerable.

Many organizations are aware of this. For example, the banking and financial services sector has some of the most advanced cybersecurity capabilities, with experienced CISOs who understand the risks. They are adapting by investing in AI-powered platforms that can respond to AI-driven attacks. This is no longer a case of humans defending against machines, but machines defending against machines. These platforms support detection, protection, and remediation across endpoints, cloud systems, and everything in between.

Still, it remains a constant struggle. Telecom and energy sectors face particular challenges because of outdated hardware and critical applications developed decades ago. Protecting these legacy systems with modern AI tools is essential if they want to stay ahead of attackers.

Do you see agentic AI as a full replacement for traditional security operations, or more as a tool to enhance human-led teams?

This is a fast-evolving area within security and deserves a discussion of its own. Traditional security operations centers (SOCs), which have long been the core of cybersecurity operations, are now overwhelmed with thousands of alerts every minute. This leads to fatigue and slower response times.

New approaches such as agentic AI platforms, including systems like Purple AI and Athena, are addressing these challenges. These tools use reasoning to triage, investigate, and respond to threats at machine speed. They reduce the workload on SOC teams by handling routine investigations and containment, allowing human analysts to focus on more strategic tasks.

This model combines human expertise with automation, which forms the basis of what is now known as the autonomous SOC. An autonomous SOC uses AI platforms to scale and proactively manage operations across industries such as telecom and banking. It helps stop attacks across multiple vectors while enabling real-time response through collaboration between humans and AI systems.

How do you see AI-driven approaches improving cost efficiency in cybersecurity for mid-to-large enterprises in India?

From my conversations with customers, prospects, and organizations, I see adoption of AI steadily improving. AI is not treated as an add-on investment but as a replacement for older, outdated systems. Many CEOs, CIOs, and CTOs are reallocating budgets from legacy systems to AI-enabled ones.

Including AI in a product does not mean higher costs for customers or higher prices for the product. Instead, it makes companies more efficient in delivering the same capabilities at the same cost. Organizations investing in AI are not duplicating expenses; they are replacing older technologies with newer ones. This means budgets are being reallocated rather than expanded, and the shift is happening smoothly.

For example, in cybersecurity, an organization with 10,000 or 20,000 endpoints currently protected by traditional antivirus software would not spend extra on a completely separate AI-enabled EDR solution. Instead, they would replace and upgrade their existing tools with AI-enabled endpoint security. This is the approach many mid-sized and large organizations are already taking or preparing to take.

What's unique about the threat landscape and enterprise priorities in India compared to the global markets you oversee?

India continues to be one of the fastest-growing markets. We keep investing here, not only by making products available in India but also by developing products locally that are then used worldwide. India is unique because it combines legacy technologies with large-scale demand. This allows us to design and test products for scale within the country.

Many segments in India, especially digital-native companies and fintechs, are adopting next-generation security solutions. Our recent acquisitions, such as Prompt Security and Observo, strengthen our AI-driven security portfolio. These technologies address issues like generative AI security and SaaS risk management—areas that Indian enterprises already see as critical.

India gives us the opportunity to develop and scale products across multiple sectors, which supports our continued growth in the country.

With acquisitions like Prompt Security and Observo AI, how do you decide which adjacent technologies to fold into your platform? Is the strategy more about anticipating future attack surfaces or solving immediate customer pain points?

When we built our first product 10 to 15 years ago, we disrupted the antivirus space with our first generation of EPP and EDR, which were fully AI-driven protection systems. In recent years, we introduced Purple.AI, the first security solution that applies generative AI for SOC analysts. Our approach has always been to stay ahead, because AI itself has now become a threat vector. Many organizations use shadow AI without realizing the risks. Some are aware, while others are not.

For example, our acquisition of Prompt Security allows us to help Indian organizations adopt AI safely. Many of them are already using AI but are unsure if they are doing it securely. This includes protecting employees who use third-party AI tools, securing developers who rely on code assistants, and safeguarding homegrown AI applications. These needs are emerging now, and acquisitions like Prompt position us to address them.

Another challenge comes from managing the huge amount of telemetry generated by AI systems. Storing all this data is expensive, so organizations often compromise by reducing the telemetry they collect, which risks losing important signals. To solve this, we build real-time data pipelines that filter and enrich telemetry before storage. This reduces cost and volume while keeping the fidelity needed for strong security.

We know attackers are adopting next-generation tools at speed, so we must do the same for defense. Acquisitions like Prompt and Observo, along with innovations such as Purple.AI, help customers strengthen security, improve efficiency, and achieve more with fewer resources. The goal is to combine human expertise with an AI-powered platform to stay ahead in this evolving battle.

Where do you see India’s cybersecurity innovation going in the near future? Will India become a tech exporter of AI-driven security solutions, or remain primarily a consumer market?

As an Indian citizen, I see a future where India becomes a leader in areas such as AI and cybersecurity. The cybersecurity market in India is large, but much of it is still served by non-Indian companies. At the same time, a significant portion of the talent working in global cybersecurity, whether in multinational companies abroad or in development and research centers in India, comes from India.

I believe this talent will eventually contribute to building more India-focused companies. These companies can meet the country’s massive domestic demand while also serving international markets. India has one of the largest talent pools in the world and operates in one of the most complex environments, with active cyber activity in the region. This combination means that both the country and its companies will continue to invest in cybersecurity talent to strengthen defenses and seize the opportunities ahead.