Repelling A Ransomware Attack: Purandar Das of Sotero On The 5 Things You Need To Do To Protect Yourself Or Your Business From A Ransomware Attack

This article was originally published: January 24, 2022

Ransomware attacks have sadly become commonplace and increasingly more brazen. Huge enterprise businesses, gas pipelines, universities, and even cities have been crippled by ransomware and forced to pay huge ransoms. What can an individual or a business do to prevent and repel a ransomware attack?

In this interview series, we are talking to cybersecurity experts who can share insights from their experience and expertise about the “5 Things You Need To Do To Protect Yourself Or Your Business From A Ransomware Attack.” As a part of this series, I had the pleasure of interviewing Purandar Das.

Purandar Das has founded a company called Sotero that is revolutionizing data security. It can protect data anytime, anywhere. He also holds a patent for system and methods for data encryption and application-agnostic querying of encrypted data and has two patent-pending technologies he helped cofound. Purandar has focused on using technology to solve business problems. Throughout his career, Purandar has been working on utilizing technology to solve complex business challenges. He adopts a pragmatic approach that enables businesses to leverage technology to achieve business goals and power growth.

Thank you so much for joining us in this interview series! Before we dig in, our readers would like to get to know you. Can you tell us a bit about how you grew up?

Thank you so much for having me. I grew up in Bangalore or Bengaluru, India. I majored in mechanical engineering right at the time the software or technology revolution was changing my sleepy city into the “Silicon Valley” of India. I was fortunate to work with some of the visionary pioneers of the tech revolution in India.

Is there a particular story that inspired you to pursue a career in cybersecurity? We’d love to hear it.

My interest in cyber security was driven by my personal experience in having been a victim of identity theft. Having dealt with the fallout of having my privacy violated, I started to think about how better data security was needed.

Can you share the most interesting story that happened to you since you began this fascinating career?

There have been so many. From seeing our vision translated into a product, bringing on board our first investors, landing our first customer etc.

You are a successful leader. Which three character traits do you think were most instrumental to your success? Can you please share a story or example for each?

Personally, I value the following traits: integrity, resiliency and leading by action. We, as an organization, value integrity not just with our team but also with our customers. I really believe that being honest and transparent in interactions leads to building long-lasting relationships that are beneficial to both parties, whether they are with teammates or with customers. Resiliency is key to the industry we are in as well as in general. Daily challenges abound, whether they are personnel, technical or financial. The ability to think through these challenges is key to building a successful organization. As people say, talk is cheap. Leading by action is critical when you want others to follow your direction. Be the one showing the way.

Are you working on any exciting new projects now? How do you think that will help people?

I am working on what I think is one of the most impactful projects. We are working to redefine data security, by simplifying the process and the technology while at the same time elevating the level of security and protection. We are working to redefine data as the new perimeter and offer perimeter protection through a data lens. Where it will help people is by helping them trust the organizations that say they will “protect” the data. We want to be at the forefront of data protection by making it simpler to achieve and not impossibly complex.

For the benefit of our readers, can you briefly tell our readers why you are an authority about the topic of Ransomware?

I would balk at the “authority” label. I would rather be seen as someone that has a lot of knowledge on how ransomware works and what can be done to protect an organization and an individual against this. My knowledge and experience come from having spoken with 100s of security professionals that deal with these issues every day. Having heard their experiences and challenges and using that as input to come up with a solution is what makes us different. We are constantly soliciting their opinions on every step of our journey. We want to offer products that are meaningful and effective while solving everyday problems.

Ok super. Thank you for all that. Let’s now shift to the main focus of our interview. In order to ensure that we are all on the same page let’s begin with some simple definitions. Can you tell our readers about the different forms of ransomware attacks?

Sure. Ransomware as you can imagine refers to ransoming an individual or an organization. Attackers need to hold something of value to demand a ransom. There are two artifacts that they typically steal and hold organizations ransom. The first way is to make an application stack or data store unusable. This is done by encrypting the files and demanding a ransom for the key needed to decrypt the files and make them usable. The second mechanism is to steal a copy of the sensitive data and hold the data ransom.

Who has to be most concerned about a ransomware attack? Is it primarily businesses or even private individuals?

Most people don’t realize this or don’t make the connection. Individuals were the first to be attacked. These have been going on for many years. The process of infecting via website or an email to drop a payload on a laptop or desktop and then demanding payments for the decryption key has been used widely in the past. The evolution from attacks on individuals to organizations is relatively new, although this has been ongoing for many years now. So, everybody should be concerned.

Who should be called first after one is aware that they are the victim of a ransomware attack? The local police? The FBI? A cybersecurity expert?

This depends on the victim. For an individual the process is to reach out to the local authorities and use their guidance for escalation. For organizations, the notification path is determined by the process in place. Typically you notify your executive team, then the authorities and your legal teams. The escalation process will include reaching out to pre-determined cyber security experts to both figure out a recovery pattern as well as preserving evidence to help the authorities.

If a company is made aware of a ransomware attack, what are the most important things they should do to protect themselves further, as well as protect their customers?

The preparation starts well in advance of such an event. Security and operational practices to both ensure that data, if stolen, is rendered useless via encryption as well as tested secure backups are key. These two basic steps will help any organization protect their data and ensure that they can recover quickly in the event of an attack. Preserving evidence is also key to help the authorities trace the attackers.

Should a victim pay the ransom? Please explain what you mean with an example or story.

This is an often asked question and really has no clear answer. The short answer is that ransom should never be paid. Commercial realities often dictate otherwise. The even more critical issue in these scenarios relates to protecting the customers of an organization. Often when the privacy and security of your customers are at risk, because the data is in the hands of these attackers, the answer is rarely as simple. Lives of private citizens are at risk because the attackers can expose details that could cause irreparable harm.

What are the most common data security and cybersecurity mistakes you have seen companies make that make them vulnerable to ransomware attacks?

Underinvesting in cyber security is the most common cause. Organizations tend to focus on budgets and bottom lines while implementing security. Product development that drives revenue is often prioritized at the expense of security. Relying on providers (software & services) is another common mistake. Lack of training is yet another cause. Reluctance to deal with legacy technology stacks is one more. Continuing to believe that perimeter security is effective and sufficient is probably the biggest mistake.

What would you recommend for the government or for tech leaders to do to help limit the frequency and severity of these attacks?

The government is engaged in a lot of activity to raise awareness of these attacks and the adverse impact of such activity. They are recognizing the potential impact on both national security as well as the commercial losses that such activity is causing. In addition, they are both covertly and overtly applying pressure on criminal gangs as well as foreign governments that either openly or tacitly support such activity. They have also engaged in collaborating with the tech organizations to share and collaborate in curtailing such behavior. Mandating basic practices as well as forcing companies to focus on basic security while providing information and resources is key.

Ok, thank you. Here is the main question of our interview. What are the “5 Things You Need To Do To Protect Yourself Or Your Business From A Ransomware Attack” and why? (Please share a story or example for each.)

The basic things that are needed to protect yourself or business are the following:

  1. Awareness — Both individual and organizational behavior needs to be built on making individuals aware of malicious behavior and their activity. Training and information on modeling behavior that limits exposure is key.
  2. Basic security — Making decisions based on protecting information is critical. Acknowledging that the legacy approach of securing the perimeter is no longer sufficient is critical. Protecting information (data) is the approach that is needed.
  3. Investments — Security can’t be crippled by decisions that are driven with the bottom line in mind. New investments are needed. Security is not stagnant. Criminals are evolving much faster than security investments.
  4. Backups — Making sure that all your systems are being backed up and can be restored quickly is critical. With this and ensuring that stolen data is rendered useless, most attacks can be dealt with. Attackers are relying on two weaknesses: inability to recover & restore and leaving data vulnerable.
  5. Planning — Assume that an attack will happen. Plan for it. All the way from notification, communication and recovery.

You are a person of enormous influence. If you could inspire a movement that would bring the most amount of good to the most amount of people, what would that be? You never know what your idea can trigger. 🙂

The most good that we as a generation can do is to preserve the planet for future generations. Whether it is reducing pollution, preserving land or preserving water. We, over many generations, have benefitted tremendously by technological progress and innovation. We should see it as our responsibility to ensure that future generations will have clean air, sufficient water, food and places to visit and enjoy the spectacular beauty that our planet has. Let’s start with something simple: Let’s make sure that everyone around the world has access to clean water by limiting use to what is essential.

How can our readers further follow your work online?

You can follow me at @dasgp, @soterosecure, and of course on

This was very inspiring and informative. Thank you so much for the time you spent with this interview!