COMPASS helps clients manage multiple compliance requirements in a single portal: J. Manoj Kumar, CyRAACS

Cyber Risk Advisory and Consulting Services (CyRAACS) is founded by industry veterans, Suresh Iyer and Murari Shanker. CyRAACS was established to provide robust and sustainable cyber security solutions to organizations. Its focus is to tailor and integrate solutions into client environments seamlessly, so they can focus on their core business completely.

J. Manoj Kumar, VP, Sales & Marketing, CyRAACS, tells us more. Excerpts from an interview:

DQ: Give a brief introduction to CyRAACS and its offerings.

J. Manoj Kumar: In the cyber security compliance landscape, challenges encompass adherence to diverse standards, ongoing audits, intensified regulations, lack of consolidated risk visibility, managing assessment issues, and tracking security requirement exceptions. In response, Cyber Risk Advisory and Consulting Services (CyRAACS), founded in 2017 by industry veterans Suresh Iyer and Murari Shanker, with nearly three decades of experience in various technology and security domains, offers robust cybersecurity solutions and tailoring services for seamless integration.

CyRAACS meets customer expectations by being agile and nimble for SMEs, focusing on quality and timelines for enterprises. The company’s ethos of empathy, excellence, continuous learning, and a client-centric approach ensures tailored solutions. The company has seen increasing demand for its Enterprise Risk Management and Compliance Services, adapting to a wider range of risk-based approaches. Since its inception, CyRAACS has achieved leadership status, catering to diverse client portfolios with robust cybersecurity solutions.

DQ: How is CyRAACS enabling CISOs to build and sustain the ISMS setup?

J. Manoj Kumar: The Chief Information Security Officer (CISO) is charged with driving an organization's security strategy and planning to create a robust and pragmatic information security program. The role of a CISO requires both executive leader skills and technical savvy.

CyRAACS initiated a niche service line called CISO Services, where they manage the complete information security-related activities for customers as part of the Managed Security Services. These services include indulging and monitoring Information Security Strategy, Information Security Governance, Audits and Compliance.

Their approach to delivering CISO Services is simple and highly effective by implementing a baseline program which includes understanding the complete current ISMS Setup, applicable frameworks based on the client business line, and getting the client compliance to all policies and controls. CyRAACS ensures to sustain the new ISMS setup throughout the year. This service is extended to many enterprise level clients like TATA, Croma, and so on.

DQ: Throw some light on the various services on your flagship offering, and explain your USP.

J. Manoj Kumar: We are offering several services. These include: CERT-In Empaneled, tailor-made sustainable solutions, etc. We have a quick turnaround and proactive approach.

DQ: What are the major customer expectations, and how do you meet them?

J. Manoj Kumar: Agile, nimble is the key expectation in the SME market segment. The enterprise segment has expectations on quality and timelines. CyRAACS’s approach has always been a combination of both. The ethos of CyRAACS clearly defines: Having the Highest Empathy Towards Clients, Excel in Whatever we do, Learning Every Day and Service with a Smile.

DQ: Given CyRAACS’s specialization in offering numerous Enterprise Risk Management and Compliance Services respective to requirements like client portfolio management, regulatory consulting, and more, how do you find the increasing demand for the services?

J. Manoj Kumar: Largely, the risk consulting practices in the SME segment have always been compliance driven. With the increase in enterprise clients, we are seeing a shift in pure-play risk consulting. We foresee a wider range of adopting risk-based approaches in the business environment. We, at CyRAACS, have a clear focus on understanding the client's needs and tailor make the approach that suits them right.

DQ: What is the core team's expertise by which the company is excelling in delivering its services to clients?

J. Manoj Kumar: CyRAACS team possesses a diverse range of expertise that forms the foundation for providing exceptional Best-in-Class Consulting Solutions to clients. The team is built of members holding decades of experience in the Cyber Security Domain with various Certifications such as – CISSP, CISA, CISM, CEH, ISO 27001 LA, OSCP and so on.

DQ: Provide some insights on your latest GRC product.

J. Manoj Kumar: With CyRAACS prominently being a cyber security service provider from its initiation, they understand the shortcomings of every client, while they helped them build their ISMI setup, and comprehend these vulnerabilities with continuous tracking of items, documentation, and automating the process.

CyRAACS invested in their resources for 2 years in developing the GRC Product that could successfully solve these issues -- COMPASS “Designed & Built by Consultant with years of Audit and Consulting Experience”.

CyRAACS, being a services provider for many years, built COMPASS to address the high level challenges of their clients, like Compliance to multiple Standards and Frameworks, the need for continuous audits, keeping up with the increased Regulatory Scrutiny, creating multiple views of risk and security program, continuous tracking of issues from assessment, audits and exceptions to security requirements.

COMPASS can help clients manage multiple compliance requirements in a single portal and allows them to build a custom framework based you’re their business and compliance requirements with complete visibility of security controls and a clear understanding of the compliance posture with actionable recommendations to remediate issues.

DQ: Tell us about your Middle-East venture global expansion.

J. Manoj Kumar: CyRAACS has successfully expanded into the Middle-Eastern region with a branch setup in Dubai and a custom built line of services that includes technical services, such as VAPT, Code Review, Configuration Review, API Testing, etc.

We offer audit services, such as Global Compliance (ISO 27001, PCI DSS, NIST -CSF, IEC62443/ISA99, SWIFT custom security controls) Regional Compliance (SAMA, NESA/SIA, DFSA, GDPR, ISR). Even before establishing a branch on Dubai, CyRAACS was working with multiple middle-east companies, and got a highly positive response. This encouraged the leadership of CyRAACS to spread its wings into the Middle-East region.

CyRAACS aims to place itself as one of the best cyber security consulting firms with its tailor-made customized solution, and with COMPASS in the Middle-East region by the year 2024.