AI Security Leadership  ·  Mumbai, India

Tirthankar
Dutta

Director, Cybersecurity Engineering & AI Automation  ·  ServiceNow
CISSP  ·  CISM  ·  CISA  ·  Indian Patent Holder  ·  Forbes Technology Council

“I build autonomous security systems that eliminate risk before humans need to intervene.”

20+

Years in cybersecurity

−40%

SOC response time at Disney

4

Open-source AI security tools

1

Indian Patent granted

Director & Head, Cybersecurity Engineering & AI Automation — ServiceNow
Former CIO & CISO — The Walt Disney Company (APAC/EMEA)
Former Head of Security — Expedia Group India
Indian Patent No. 572069 — System & Method for Detection & Prevention of Data Theft by a Suspected Phishing Website
Founder — AIShield Labs (Open-source AI security toolkit)
Forbes Technology Council Member

About

Security leader.
Builder.
Architect of the agentic era.

I am a cybersecurity executive with over two decades of experience leading security transformations at some of the world's most complex organisations — including The Walt Disney Company, Expedia, Apple, and InfoEdge.

At ServiceNow, I lead enterprise security engineering and AI automation programmes — focused on building autonomous security agents and scalable governance frameworks for agentic AI systems.

I founded AIShield Labs, an open-source AI security toolkit comprising four zero-dependency Python tools mapped to MITRE ATLAS v4.5.2, OWASP LLM Top 10 2025, NIST AI RMF 1.0, the EU AI Act, and ISO/IEC 42001.

I hold Indian Patent No. 572069 — granted by the Patent Office, Government of India in October 2017 — for a system and method for the detection and prevention of data theft by a suspected phishing website, filed while at InfoEdge (India) Limited. I am also progressing a US patent application for the Dynamic Execution Governance System (DEGS), a runtime governance middleware for autonomous AI agents.

Certifications

  • CISSP — Certified Information Systems Security Professional
  • CISM — Certified Information Security Manager
  • CISA — Certified Information Systems Auditor
  • CAISP — Certified AI Security Professional

Recognition

  • Forbes Technology Council Member
  • Indian Patent No. 572069 — granted Oct 2017
  • US Patent application filed — DEGS (in progress)
  • Award-winning CIO & CISO
  • Published author in cybersecurity

Frameworks & standards

  • MITRE ATLAS v4.5.2 & ATT&CK
  • OWASP LLM Top 10 2025
  • NIST AI RMF 1.0
  • ISO 27001 · ISO/IEC 42001 · EU AI Act
  • GDPR · SOX · CCPA · DPDPA

Career impact

Twenty years of outcomes
across four continents.

−40%
SOC incident response time
Disney Star · GenAI integrated into security operations
20+
Years of cybersecurity leadership
Disney · Expedia · Apple · InfoEdge · ServiceNow
4
Open-source AI security tools
AIShield Labs · MITRE ATLAS · OWASP LLM Top 10 mapped
1
Indian Patent granted
Patent No. 572069 · Phishing detection & prevention · Oct 2017
5+
Industries secured
Media · Travel · Technology · Finance · Consumer internet
3
Published certifications
CISSP · CISM · CISA · CAISP

Career

Two decades across
the world's most complex organisations.

2025 – present
ServiceNow
Director & Head — Cybersecurity Engineering & AI Automation
Leading enterprise security engineering and AI automation programmes. Focused on building autonomous security agents, AI-first security operations, and scalable governance frameworks for agentic AI systems at enterprise scale.
2021 – 2025
The Walt Disney Company
CIO & CISO — Disney Star, Disney India, ESPN India (APAC/EMEA)
Enterprise-wide information security strategy across streaming (Disney+ Hotstar), parks, and studio businesses. Integrated Generative AI into SOC operations, reducing incident response time by 40%. Directed 24×7 SOC, third-party risk management, and regulatory compliance across APAC and EMEA.
2018 – 2021
InfoEdge (India)
SVP & Head of Information Security
Cybersecurity leadership across Naukri, 99acres, Jeevansathi, and Shiksha. Built enterprise security function from the ground up across India's largest online recruitment and real estate platforms.
2014 – 2018
Expedia Group India
Head of Information Security & CISO
Managed the Security Operations Center, business continuity planning, and cloud security transformation. Delivered measurable outcomes in operational resilience and PCI-DSS compliance across global travel technology operations.
Earlier
Apple · Religare · HCLTech · TCS · IBM
Security Leadership Roles
Progressive cybersecurity leadership roles across Fortune 500 organisations spanning financial services, technology, and consulting. Built expertise in risk governance, cloud transformation, and large-scale digital security programmes.

Projects & IP

Building the tools
the field doesn't have yet.

Open source · GitHub
AIShield Labs
An open-source AI security toolkit comprising four zero-dependency Python 3.8+ tools: AI Agent Security Auditor, LLM Security Scanner, AI Secure Development Checklist, and AI Supply Chain Scanner. Mapped to MITRE ATLAS v4.5.2, OWASP LLM Top 10 2025, NIST AI RMF 1.0, EU AI Act, and ISO/IEC 42001.
github.com/aishieldlabs
US Patent · Application filed
Dynamic Execution Governance System (DEGS)
A runtime governance middleware for autonomous AI agents — providing real-time policy enforcement, decision auditing, and constraint verification at the point of agent execution. US patent application in progress. Builds on foundational work from Indian Patent No. 572069 (granted 2017) in detection and prevention of malicious web activity.
Enquire about collaboration
Research & advisory
AI Agent Governance Framework
A practitioner framework for deploying autonomous AI agents in enterprise security environments — covering runtime policy enforcement, decision auditing, escalation boundaries, and human-in-the-loop override mechanisms. Informed by hands-on deployment of agentic systems at scale and the DEGS patent research.
Get in touch

Writing & thought leadership

Ideas worth
putting in writing.

May 2026 How to Build a Complete AI Security Program for Free — A practical guide for AI startups using open-source tools Medium May 2026 How to Build a Complete AI Security Program for Free — A practical guide for AI startups using open-source tools LinkedIn 2025 I've Been a CISO for 20 Years. Last Year, I Stopped Managing Security. LinkedIn Apr 2026 Security Automation as a Transformation Lever: Reducing MTTR, Lowering Cognitive Load, and Building Resilient Teams Medium Jan 2026 The Economics of Autonomous Operations (EAO): How Value Creation, Backlog Economics, SLA Math, and Exposure Risk Redefine Modern Ops Medium 2025 The Future of Jobs as AI Becomes the New Backdrop LinkedIn 2025 SEBI Cybersecurity Framework: What the FAQs Mean for Indian Enterprises LinkedIn Mar 2023 How ChatGPT Can Help You Improve Your Phishing Incident Response Forbes Jan 2022 Can We Predict a Cybersecurity Incident? Forbes 2022 Detecting Lateral Movement: The Hidden Threat Inside Your Network Forbes 2020 Breachsecurity — Only Hope is a Secure Breach LinkedIn
Coming soon Why Autonomous AI Agents Need Runtime Governance — and How to Build It In progress
All articles on Medium ↗

Contact

Let's talk about
what's next.

I am open to conversations about AI security strategy, autonomous agent governance, advisory roles, speaking engagements, and collaboration on open-source AI security tooling.

If you are a CISO, CTO, or security leader navigating the transition to agentic AI systems — I am particularly interested in those conversations.

LinkedIn linkedin.com/in/tirthankarduttaa Medium medium.com/@tirthankardutta GitHub github.com/aishieldlabs GitHub (personal) github.com/tirthankardutta1983 Email hello@tirthankardutta.com