Prashant Kate

CIO 2023

Forging a Path of Excellence

Prashant Kate

Associate Director

(Information Security), BDO

Dreams do come true when they are fuelled by perseverance and commitment. Prashant Kate stands as a testament to the transformative power of hard work and dedication. From humble beginnings as a storekeeper, he has ascended to the prestigious position of Associate Director of Information Security at BDO. Prashant’s remarkable journey commenced with a bold decision to explore new horizons following closures in the textile industry. This pivotal moment led him to secure a role as an Information Security Analyst at HP, marking the genesis of his captivating odyssey in the realm of information security.
Starting at Level 1, Prashant fearlessly embraced various troubleshooting tasks, tackling minor issues like scripting problems and key decryption. With each triumph, his technical acumen flourished, and he fearlessly confronted more intricate cases involving customisations within the Pointsec software, deftly unravelling the mysteries behind blue screen errors and PC booting issues. His spirit and resolve propelled him to Level 2 and eventually Level 3.
It was during this arduous journey that Prashant’s passion for information security was ignited, forged amidst encounters with hacking, malware, and virus infections. The captivating intricacies of this field enthralled him, serving as pivotal moments that kindled an insatiable curiosity and a profound longing to forge a career in safeguarding digital landscapes.
Currently serving as the Head of Information Security, Prashant continues to orchestrate notable improvements in access management, vulnerability management, risk management, penetration testing, and security policies. His technical foundation is robust, encompassing an expansive range of disciplines, including security technology, risk assessment and management, vulnerability assessment and management, IT security awareness, SIEM solutions, and more. Prashant’s formidable repertoire is further augmented by his expertise in esteemed projects like BEGOC, A.P. Moller Maersk, Shell, CEDS, Black and Veatch, Affinia, Verigy, and Allegheny.
Educationally, Prashant holds a bachelor’s degree in information technology (B.Sc. IT) and a Diploma in Materials Management. His quest for knowledge and professional growth is evident through his acquisition of esteemed certifications, including CEH, ECSA, LPT, CHFI, and ITIL v3 Foundation. These accolades not only validate his exceptional expertise but also underscore his unwavering commitment to staying at the forefront of industry advancements.
In an interview with TradeFlock, Prashant uncovers several of his life lessons and secrets.

How did you acquire certifications in ethical hacking, security analysis, and forensic investigation?

At HP, the CISO recommended the Certified Ethical Hacker certification from the EC Council, which covered scripting, networking, and infrastructure. I completed the certification after studying the provided materials. Later, I pursued the EC Council Certified Security Analyst and Computer Hacking Forensic Investigator certifications to further enhance my skills. Additionally, I had the opportunity to implement a comprehensive information security system for Shell in Malaysia, where I designed the architecture and implemented security measures. As the Head of Information Security for the International Games Committee, I oversaw the implementation, testing, and decommissioning of security systems during the Olympic Games in Baku, Azerbaijan.

What are the two major lessons you've learned throughout your career?

Throughout my career, I have gained two major lessons. Firstly, the continuous learning process in information security has been my top priority. I thrive on studying new attacks and exploits through reverse engineering, staying updated, and honing my skills as a security professional.
Secondly, setting up a Security Operations Centre (SOC) was a significant learning experience. From design to implementation, testing, and real-time monitoring, I had the opportunity to be involved in the entire process. This hands-on experience equipped me with a deep understanding of SOC functions and operations, providing me with the confidence to establish future SOCs.

What are your strengths and weaknesses as a security professional?

As a security professional, my strength lies in my passion for continuous learning. I am driven to expand my knowledge and skills, keeping up with the latest exploits, vulnerabilities, and security techniques. I actively share my findings with others, fostering a culture of knowledge sharing.
On the other hand, one of my weaknesses is occasionally prioritising the growth and development of my team members over my personal growth. However, I am actively working on finding a balance between supporting my team and investing in my professional development.

What were some of the initial challenges you faced as an Associate Director at BDO?

As an Associate Director at BDO, I encountered initial challenges in convincing government organisations in India about the significance of information security. Their reluctance to adopt security solutions due to perceived costs was a major hurdle. Furthermore, working with domestic clients posed distinct challenges compared to international clients in terms of their maturity and understanding of information security practises.

How do you view the impact of AI as an Information Security Officer, and how do you leverage it in your work?

AI is both an opportunity and a field that requires attention. While it brings automation and advanced tools, it can’t replace the intuition and expertise needed in cybersecurity. However, AI has expanded the scope of cybersecurity, creating new opportunities. I leverage AI as an automated tool to enhance security measures, but I always validate and refine its results with human insights. This combination strengthens our defences against evolving threats while leveraging AI’s capabilities.

How do your team members perceive you as a leader and inspiration in the field of cybersecurity, and how do you ensure their growth and learning path?

My team members view me as an approachable and supportive leader who treats them as friends and valuable resources. I prioritise knowledge sharing and pass on my learnings to my juniors and colleagues, offering guidance and solutions not only in information security but also in personal challenges. I take pride in their growth and success, encouraging their professional development through certifications and mentorship.
To ensure their growth, I actively engage with each team member, providing guidance and conducting knowledge-sharing sessions. I support their pursuit of relevant certifications and leverage my network to assist them in finding new opportunities. I emphasise the importance of building a strong foundation before considering transitions. Their growth and success are paramount to me, and I strive to be a mentor and facilitator in their professional journeys.