With over 26 years of experience in cybersecurity across New Zealand, Singapore, and India, Sandeep Sengupta has been at the forefront of ethical hacking, cybercrime investigation, and cybersecurity education. As the Director of the Indian School of Ethical Hacking (ISOEH), he has not only contributed to strengthening cybersecurity defenses but has also mentored the next generation of cybersecurity professionals. In this exclusive Q&A, he shares his journey, insights, and advice for aspiring ethical hackers.
Having a 26-year career in cybersecurity across multiple countries, what initially drew you to this field?
It all started with curiosity and, to be honest, a bit of mischief. A friend and I worked on a project together, but when it was time to share the final file, he refused. That was enough motivation for me to figure out how to access it on my own. After some trial and error, I succeeded, and that experience opened my eyes to the vast world of cybersecurity.
Cybersecurity is constantly evolving. How do you keep yourself ahead of the curve?
I make it a point to study every single day. The moment you stop learning in this field, you fall behind. Cyber threats are always evolving, and so must we. That’s why, even now, I’ve enrolled in an LLB program. Understanding the legal side of cybersecurity is just as important as the technical aspects.
Have you ever faced a major professional setback? How did you overcome it?
I don’t believe in setbacks—only lessons. Life is all about ups and downs, but every challenge teaches you something valuable. If you view obstacles as opportunities for growth rather than failures, you’ll never truly experience what people call a "setback."
What has been the most thrilling or unexpected experience in your work with law enforcement on cybercrime cases?
There have been many, but a few stand out. Being part of the Pegasus inquiry team was a significant experience, as was assisting the police during cyber raids. I’ve also had the privilege of conducting cybersecurity audits for organizations like ONGC, the Bangladesh national data center, PWC, ITC, and IIT Kharagpur. But one of the most rewarding experiences has been mentoring students who are now in top positions across the industry. Seeing them succeed is one of the greatest rewards of my career.
If you had to give one piece of advice to young professionals looking to build a career in ethical hacking, what would it be?
Start with the basics—Wikipedia is your best friend. Then move to YouTube, where you can find endless resources to sharpen your skills. Once you have a strong foundation, pursue global certifications like CCNA, CEH, and OSCP.
most knowledge is for free if you know where to look for it. If you’re truly passionate and enough internet-savvy, you can learn almost everything without spending any money.
Since you have a demanding schedule, how do you ensure you stay physically and mentally fit?
I keep things simple. I don’t take stress. Stress is terrible for your progress. Also, eat healthy, do light exercise, and unwind with movies. No matter how busy my day is, I make sure I’m in bed by 12 midnight everyday anyhow.Â
Working in cybersecurity means long hours in front of screens. Do you have any wellness habits to counteract the negative effects?
Yes, and I wish I had been more aware about it earlier. Staring at screens for long hours has affected my eyesight, my eyes hurt a lot. which is something I’m actively trying to manage by looking at distant objects from time to time to reduce eye strain. But I admit—this still is a big concern for me right now.Â
A field revolving around cybercrime can be intense and high-pressure. What strategies do you use to manage stress and maintain mental clarity?
I firmly believe that stress is a result of being inactive. If you complete your work on time, there’s no reason to feel overwhelmed. I’ve always been disciplined about time management, and that has helped me handle pressure without feeling burned out.
Do you have a morning or nighttime routine that helps you stay focused and productive?
Yes. I make sure I never stay up beyond midnight, no matter how busy I am. Waking up early and having a structured day keeps me productive.
What role does fitness or physical activity play in your life? Do you follow any specific workout or sport?
Fitness is extremely important for growth but here’s the truth for my life—80% of health is controlled by what you eat, and only 20% by exercise. I’m very disciplined about my diet and make sure I do light exercise regularly.Â
As the Director of ISOEH, what’s your vision for the future of ethical hacking education in India?
The way people learn is changing in current times. In the future, education will be free. People will no longer be judged by certificates but, by their skills. The internet has democratised knowledge by a good lot. and those who know how to leverage it will definitely thrive.
You’ve worked with major corporations like PWC, KPMG, and Tata Steel. What’s one leadership lesson you’ve learned from working with such industry giants?
Three things—be process-oriented, define clear Key Result Areas (KRA) and Key Performance Indicators (KPI), and most importantly, be disciplined. That’s the foundation of leadership.
AI is disrupting many industries, including cybersecurity. What are your thoughts on the intersection of AI and cyber threats?
AI is both a powerful tool and a potential threat. One of the most alarming developments is deep-fake technology, which can be used for highly sophisticated cyber crimes.
But here’s something even more concerning—a robot in China recently "kidnapped" 12 other robots without human intervention. If AI can communicate and act independently, we are looking at a future where machines could become the dominant species. It’s a scenario that cybersecurity experts need to prepare for.
Rapid-Fire Round
14. What’s your go-to productivity hack?
Learn and apply—stay ahead of time.
15. One gadget you can’t live without?
My mobile phone.
16. Your favorite way to relax after a long day?
Sleep and watching TV.