Cybersecurity, M&A, and the Evolving Cyber Battlefield with Aniket Bhardwaj of Charles River Associates 4-22-25 - Becker Private Equity & Business Podcast

Summary6 min read

Becker Private Equity & Business Podcast Summary

Episode: Cybersecurity, M&A, and the Evolving Cyber Battlefield with Aniket Bhardwaj of Charles River Associates
Host: Scott Becker
Guest: Aniket Bhardwaj, Vice President and Global Incident Response and Services Leader at Charles River Associates
Release Date: April 22, 2025

Introduction

In this enlightening episode of the Becker Private Equity & Business Podcast, host Scott Becker engages in a comprehensive discussion with Aniket Bhardwaj, a leading figure in cybersecurity and incident response at Charles River Associates. Aniket delves into the intricate relationship between cybersecurity, mergers and acquisitions (M&A), and the evolving landscape of cyber warfare, offering valuable insights for businesses navigating these complex domains.

Cybersecurity and the Nation-State Battlefield

Scott Becker initiates the conversation by addressing the rising significance of cybersecurity in the context of national security and commercial operations.

Aniket Bhardwaj emphasizes the centrality of cybersecurity in today’s digital age:

“Everything we value from financial systems, healthcare infrastructure, energy grids, to intellectual property, elections, or even personal identity now lives in or depends on the digital domain. And as that dependency grows, so does the attack surface.”
[04:19]

He further elaborates on cyber warfare’s role in reshaping geopolitics, highlighting how nation-states utilize cyber operations to gain strategic advantages without physical confrontation:

“The overall objective is to gain strategic advantage, all without crossing a physical barrier. So it's really like the low cost, high impact and often deniable.”
[05:44]

Aniket underscores that the future is not just digital but also contested, with cybersecurity at the heart of business continuity, national stability, and social trust.

Cybersecurity in Mergers and Acquisitions (M&A)

Transitioning to the M&A landscape, Scott Becker probes into how cybersecurity is influencing deal-making processes.

Aniket Bhardwaj responds by outlining key trends where cybersecurity serves as a deal driver rather than an afterthought:

Quantifying Cyber Risk: Private equity firms are increasingly assessing breach histories, legacy systems, and shadow IT to evaluate downstream exposures.
Post-Acquisition Readiness: Firms now demand comprehensive playbooks for securely onboarding new portfolio companies and preparing for incidents like ransomware attacks, especially in regulated industries such as healthcare and fintech.
Attack Surface Management: There is a heightened focus on understanding publicly exposed vulnerabilities before finalizing deals.

He asserts:

“Cyber diligence has become a competitive advantage, not just another compliance checkbox. That's a key element to understand.”
[08:10]

Aniket highlights that effective cyber diligence can influence valuations, warranties, and integration timelines, providing firms with leverage to negotiate and protect their investments effectively.

Navigating the Cyber Insurance Landscape

Scott Becker brings up the topic of cyber insurance, questioning its reliability in the event of serious cyber attacks.

Aniket Bhardwaj clarifies the evolving role of cyber insurance:

“Cyber insurance really steps in to help organizations recover financially and operationally when those threats become the reality.”
[08:37]

He outlines the critical components of cyber insurance, including:

Coverage Elements: Incident response costs, forensic investigations, legal counsel expenses, and regulatory fines.
Response Coordination: Access to a panel of experts such as forensic firms, breach coaches, and PR specialists, with insurers often orchestrating the response.
Risk Incentives: Premiums and coverage are increasingly tied to the strength of an organization’s cyber posture, promoting better security hygiene.

Aniket emphasizes that cyber insurance should reinforce cybersecurity measures, akin to how car insurance complements safe driving practices.

Trends in Incident Response

When discussing incident response (IR), Aniket Bhardwaj identifies several emerging trends:

Geopolitical Activity: Persistent cyber espionage and state-sponsored attacks targeting global organizations remain a primary concern.
Complexity of Attacks: Modern incidents involve multipronged strategies combining extortion, data theft, and supply chain compromises. For instance, threat actors now conduct targeted extortion without encryption, focusing on data exfiltration and subtle threats rather than blatant ransom demands:

“It's not about recovering systems anymore. It’s really about the brand, the trust, and the overall legal exposure.”
[14:27]
Legal and Regulatory Stakes: Increased collaboration between organizations and external entities like legal counsel, insurers, regulators, and law enforcement is crucial during incidents, with shrinking timelines and escalating expectations.
Identity as the New Perimeter: Compromises often begin with vulnerabilities in identity management, such as weak multi-factor authentication or over-privileged accounts, underscoring the importance of robust identity controls.

Aniket concludes that incident response has evolved from a technical process to a form of crisis leadership, with well-prepared organizations better equipped to handle high-stakes situations.

Ransomware and Extortion Dynamics

Scott Becker raises concerns about the efficacy of paying ransoms in ransomware attacks, questioning whether it deters future attacks.

Aniket Bhardwaj responds by cautioning against the reliability of ransom payments:

“Paying the ransom might stop the bleeding in the moment. But it doesn't mean that the threat is gone for good.”
[15:09]

He explains that attackers often return unless the underlying vulnerabilities are thoroughly addressed:

“If you don't change the locks, what stops them from coming back?”
[17:11]

Aniket emphasizes the necessity of not just recovering systems but also hardening defenses post-incident to prevent recurrence, advocating for comprehensive measures like network segmentation, visibility, threat hunting, and timely vulnerability remediation.

Client Engagements and Case Studies

Aniket Bhardwaj shares illustrative examples of Charles River Associates’ work with clients:

Global Manufacturing Company Ransomware Attack: Facilitated prioritization of system restoration, coordinated forensic and legal efforts, and managed executive communications and insurer reporting to help the business survive the crisis.
Private Equity Firm’s Portfolio Assessment: Identified weak identity controls and traces of past compromises in a potential acquisition, influencing valuation discussions and providing leverage to protect the investment.
North Korean IT Workers Incident: Assisted a US-based software company in containing threats posed by embedded remote contractors, coordinating with law enforcement, and managing regulatory fallout.

He encapsulates the firm’s role as controller in high-stakes moments, helping clients regain control when margins for error are minimal.

Future Focus and Innovations

Looking ahead, Aniket Bhardwaj outlines his key focus areas:

From Reactive to Proactive: Transitioning organizations to resilience through proactive risk identification, simulation-based training, and enhanced collaboration between legal, security, and business units.
Cyber Diligence in M&A: Embedding cyber risk assessment earlier in the deal lifecycle and maturing portfolio-wide risk oversight.
Intersection of Cyber Risk and Innovation: Exploring how cybersecurity influences investment decisions, insurance models, and national security policies.
Advising Startups: Participating in ransomware advisory boards and integrating context-rich risk signals into decision-making processes to preempt incidents.

Aniket’s vision centers on anticipating threats and ensuring clients remain one step ahead in the cybersecurity landscape.

Personal Insights and Recognition

Scott Becker inquires about Aniket’s academic background and recent recognitions.

Aniket Bhardwaj reflects on his journey, attributing much of his expertise to his education at Johns Hopkins University:

“The program was deeply interdisciplinary, combining technical depth with national security, regulatory strategy, and real-world risk management.”
[23:25]

He credits his academic foundation and industry experience for his leadership capabilities, enabling him to handle both technical investigations and executive-level decision-making during crises. Aniket expresses gratitude for being recognized as one of the top cybersecurity professionals, attributing this honor to his family, clients, and colleagues.

Conclusion

In this episode, Aniket Bhardwaj provides a nuanced exploration of the critical interplay between cybersecurity, M&A, and national security. His insights illuminate the evolving threats and the strategic measures organizations must adopt to navigate the digital battleground effectively. For leaders in private equity and business, Aniket’s expertise offers invaluable guidance in safeguarding investments and ensuring operational resilience in an increasingly contested digital frontier.

Notable Quotes:

“Cyber diligence has become a competitive advantage, not just another compliance checkbox.”
[08:10] - Aniket Bhardwaj
“It's not about recovering systems anymore. It’s really about the brand, the trust, and the overall legal exposure.”
[14:27] - Aniket Bhardwaj
“Paying the ransom might stop the bleeding in the moment. But it doesn't mean that the threat is gone for good.”
[15:09] - Aniket Bhardwaj

Host:
Scott Becker
Becker Private Equity & Business Podcast

Guest:
Aniket Bhardwaj
Vice President and Global Incident Response and Services Leader
Charles River Associates

Loading summary

Transcript22 lines

[00:00]
Scott Becker
This is Scott Becker with the Becker Private Equity and Business podcast. We're thrilled today to be joined by a brilliant leader. We're joined today by Aniket Bargewaj and Aniket is vice president and global incident response and Services leader at Charles River Associates. Charles River Associates is one of the most elite, incredibly bright, gifted consulting firms out there. We are so thrilled to have Aniket with us today. We're going to talk some today about cybersecurity in the context of M and A and a lot more. Anikit, can you take a moment and introduce yourself and tell the audience a little bit about what you do and about Charles River Associates?
[00:46]
Aniket Bargewaj
Absolutely. Thank you, Scott. So at Charles River Associates, I lead the incident response and cybersecurity services practice along with other vice presidents in our team. It's a critically important function where we help clients respond to and recover from some of the most high impact cyber events such as ransomware, data breaches, business email, compromise, you name it. We also work closely with external breach coaches in house counsel boards and cyber insurers. Underwriters claims to really help organizations navigate through chaos with clarity in the event of an incident. For instance, most recently we were dealing with a cyber incident involving a nation state threat actor targeting a critical infrastructure organization. The attack wasn't just about systems being down. It was more on the lines of potential geopolitical implications, regulatory notification obligations, and really securing evidence for law enforcement in particular. So in situations like that, you are not just really solving a technical problem, you are really helping the leadership teams manage risk at the highest level under immense pressure. On a personal note, aside from my family, which is obviously the most important part of my life, I'm someone who genuinely enjoys the intersection of problem solving and people. I really make it a point to prioritize my health and wellness because being present and ready both mentally and physically is key to showing up for clients when they need you the most. In the end, I'm there for my clients and my loved ones when they really need it the most. So yeah, thank you.
[02:34]
Scott Becker
No, and I love that the focus particularly on physical and mental health. And you need to take care of those things if you want to take care of everything else. I couldn't agree with that more. Before we get into the heart of the discussion, let's talk about nation state actors. You know, we talk so much in World War II about the Maginot line, about the need now to be able to build planes and ships and industrial manufacturing and that all I think is still going to remain important. But how much is cybersecurity and cyber warfare the future of everything? And how much, both from a commercial perspective and a national perspective, do we have to be so ready to, to protect ourselves and be redundant as well? What's the sense of, is this the next battlefield? That the cybersecurity nation state actors acting in that regard?
[03:31]
Aniket Bargewaj
Sure, yeah. I mean, it is really central to the whole cyber discussion in particular. I mean, not just part of the future, but really the battleground that's increasingly defining it really from a nation state perspective. Think about it like, you know, everything we value from financial systems, healthcare infrastructure, energy grids, to intellectual property, elections, or even personal identity now lives in or depends on the digital domain. And as that dependency grows, so does the attack surface. Cybersecurity, again, is no longer just about protecting data, for instance. It's really about protecting the trust and continuity and in many cases, national stability, for instance.
[04:20]
Scott Becker
No. And the ability to take care of business, because if you're down, you can take care of business, you can't take care of whatever your business is as well. So it's not just about protecting data, it's about just the core ability to operate, isn't it?
[04:32]
Aniket Bargewaj
There you go. You know, bringing back the business in particular and ensuring that your business operations are running Absolutely. You know, without being impacted, for instance. But again, at the same time, I also want to highlight, like really, you know, on the global stage, we are already seeing cyber warfare reshape the overall geopolitics. You know, we are seeing nation states using cyber operations to influence economies or disrupt critical infrastructure. We have had many cases of walled typhoon, salt typhoon, which is pretty much, you know, in the same spectrum. But again, the overall objective is to gain strategic advantage, all without crossing a physical barrier. So it's really like the low cost, high impact and often deniable. And that really makes it incredibly attractive and incredibly dangerous. So whether you are, you know, talking about the future of business or diplomacy or warfare or even social trust, you know, cybersecurity is right at the center of it. So from my perspective, the future isn't just digital, it's really contested. And those who can secure it are going to shape it.
[05:44]
Scott Becker
Thank you. And you do a ton of work in sort of the mergers and acquisitions ecosystem, a lot with various private equity firms and funds. What are some of the key trends you're watching as people look at cybersecurity in the context of mergers and acquisitions?
[06:02]
Aniket Bargewaj
Absolutely. Great question. So one of the biggest trends we are seeing is that cyber security is no longer an afterthought in M and A, it's becoming a deal driver. So PE or private equity firms are getting more sophisticated about quantifying cyber risk. Before the deal closes, they want to know, is there a breach history, are there legacy systems or shadow IT that could create downstream exposure? And most importantly, how much will it cost and how long will it take to bring the target company up to the acquirer's security standards? Another trend is around post acquisition readiness. So for instance, PE firms are starting to ask for playbooks such as how do we onboard a new portfolio company securely? How do we prepare for ransomware incidents or regulatory scrutiny, especially if the target is in a highly regulated space, again like healthcare or fintech or biotech. We are also seeing more interest in attack surface management as part of the overall due diligence. Really, firms want to understand, for example, like what's publicly exposed before they even inherit the risk. Now when it comes to cyber risk, it's now firmly a business risk. And then in the context of M and A or M and A ecosystem, it's really affecting valuations, warranties and integration timelines. The smartest firms are using it as leverage really, both to negotiate and to protect their investment post close. But again, really, at the end of the day, cyber diligence has become a competitive advantage, not just another compliance checkbox. That's a key element to understand. Now the firms that get it right don't just avoid the downside. They really, you know, move faster, pay smarter and sleep better at night.
[08:10]
Scott Becker
And take a moment, you mentioned a moment ago, insurance. I think there's, there's this perspective in business that the cyber insurance, you need to have it for various different reasons. But if you actually have a real serious cyber attack, it may or may not pay. What's your sense of the cyber insurance world and do you help people navigate through that? Companies navigate through the cyber insurance world.
[08:37]
Aniket Bargewaj
So with the respect of cyber insurance, it's becoming increasingly important. We are hearing more and more organizations really ensuring that insurance needs to be in place. Now, with respect to insurance in general, it's definitely about transferring risk is what we have historically heard. But again, no matter how strong your defenses are, no organization is immune to cyber threats either. So whether again it's ransomware or data theft or any regulatory fallout, I mean, insurance or cyber insurance really steps in to help organizations recover financially and operationally when those threats become the reality. So how it typically works, I mean, there are various elements to keep in mind. You know, there is the coverage element, you Know, does the cyber insurance policy cover things like incident response costs, forensic investigations, you know, costs of engaging a legal counsel, again, ensuring that regulatory fines, you know, there are too many coverage elements that we need to really keep in mind. Then they really help in the element of response coordination. So most insurance policies, they really give you access to a panel of experts, for instance, like forensic firms that they have on panel, breach coaches, PR specialists. So again, you're not alone in the whole crisis situation. In fact, it's often the insurer who activates and coordinates the whole response, which is the whole beauty of it. Then you also have risk incentives like in my opinion, many insurers are now like tying premiums and coverage to the strength of your cyber posture. So better controls, better coverage, better hygiene, you know, obviously you'll pay more if none of that is effective. And then obviously at some point may even become uninsurable if the ultimate hygiene of your IT environment is not looking good. Now, beyond the money aspect, you know, what people often miss is that it's not just about the payout, it's about readiness. And from our perspective, the best carriers and brokers work with clients to run simulations or improve their IT and security controls and really reduce the risk before anything happens. So yes, from my perspective, you absolutely need it. Not because it replaces cybersecurity, but because it really reinforces it. So just like you wouldn't drive without car insurance, you shouldn't run a digital business without cyber coverage.
[11:06]
Scott Becker
Thank you very, very much. And talk about trends in incident response. I mean, I know prior to an incident people do tabletop exercises, all kinds of things to figure out how they're going to deal with things when an incident happens. But talk about trends that you're watching, an incident response, what are you seeing there?
[11:24]
Aniket Bargewaj
So incident response trends, definitely a growing economy at scale with respect to multiple incidents that are really being impacted. So from our perspective, the key trends that we really observe are really in the space of geopolitical activity. As I briefly mentioned, the whole cyber espionage efforts or state actors continuously targeting the overall organizations across the globe, which continues to be the key element. You know, when we, when we are seeing different threat actors operating, we are also seeing a noticeable shift in both the frequency and really the complexity of incidents. So again, it's no longer just about ransomware. You are really talking about multipronged attacks that blend extortion, data theft and supply chain compromise all in one hit. So threat actors are really more calculated. They're spending weeks inside networks and learning about different business models or let's say understanding vendor relationships and then really striking with different surgical procedures. For instance, one major trend maybe I should talk about is the rise in targeted extortion without encryption in ransomware events. So in these cases, threat actors slightly exfiltrated sensitive data and skip the whole encryption phase. So no splashy ransom notes. Not that it happens a lot, but still just a quiet threat to publish unless paid. And that really changes how executives think about visibility and response because it's not about recovering systems anymore. It's really about the brand, the trust, and the overall legal exposure. The other trend maybe I should also cover is around the legal and regulatory stakes. They are again getting higher and higher. So every response is now a coordinated play involving outside counsel, insurance, privacy regulators, and really the law enforcement agencies. Their involvement is key to the whole response process. But ultimately the timelines are shrinking and at the same time, expectations are growing. And one more I should maybe highlight is the overall identity, which is again becoming the new perimeter. So we are seeing compromise after compromise that starts with meek multi factor authentication or stale administrative accounts or over privileged service accounts or identities. So again, it's not flashy, but that's where the real risk lives. So we used to really think of incident response as a fire drill. Now it's more like crisis leadership. And companies that do, well, they're the ones who already rehearsed the play. And maybe I'll just say this in the end, you know, the most prepared clients are rarely the ones calling us for the first time.
[14:28]
Scott Becker
I bet that's right. I mean, clients have spent a lot of time in this up front, probably also have better defenses and they know you well and they're in a better spot when something happens. Talk for a moment about this. When somebody pays for extortion or pays for ransomware, they pay these, these, these amounts to stop the extortion or live with the extortion or stop the ransomware. How often does the same actor come back against that customer or that client or company so that it, you know, or what's, how do you stop when you've paid ransomware or paid extortion payment? Having them not come right back at you and doing it again. How does, how does that, what do you see there? How does that happen?
[15:10]
Aniket Bargewaj
Yes, I mean, I think now you're getting in one of the most uncomfortable troops of ransomware. Paying the ransom, again doesn't guarantee closure. So really, I mean, I think we could spend hours and hours discussing this, but from my perspective, paying the ransom might stop the bleeding in the moment. But it doesn't mean that the tractor is gone for good. In fact, we have seen multiple cases where the same group or ransomware affiliate returns within months, sometimes even weeks. Either because the organization didn't fully close the back door, or worse because word got out that they were willing to pay. Think of it like this. If a burglar breaks into your house and you quietly pay them to leave, but you don't change the locks, what stops them from coming back? Now, sometimes it's not even the same group. The data from the first breach might be resold on underground forums and a second group sees you as an easy target. Now, in the event of cyber, sort of like underground, for instance, a willing pair becomes a high value lead. So that's why a critical part of any ransomware response isn't just recovery, it's hardening, making sure you have a solid IT security, hygiene. You have full understanding of your digital ecosystem, full understanding of how many assets you have in the environment. Are they patched, are they vulnerable? Are you taking enough steps in a timely manner so that threat actors don't end up exploiting those vulnerabilities. Really identify clean up network segmentation, visibility, threat hunting to really ensure that you are ahead of the game before a threat actor successfully infiltrates your environment. So all of that needs to happen quickly after the whole containment because if it doesn't, you're not just closing out an incident, you're opening the door to the SQL.
[17:11]
Scott Becker
Exactly. That makes sense. So you have to incident response. If you are going to pay ransomware that doesn't do you any good. It might stop the beating for the moment, but you better fix the problem or you're going to be right back at it, maybe with that same threat actor. And I take it these, these extortionist, these ransomware people, it's not like the mafia where you could trust them, you know that they, you could trust their word. I take it that's the last thing you could do with criminal activity and criminal gangs is to trust that they're not going to come at you again. Because quite frankly, once you pay, they're going to do so again. There's not a code that says, okay, you've paid us, we're not coming after you again. I take it it doesn't. That's not the world we live in. Let me ask you another question. You know etique, how do you work with clients? How does and maybe give us a couple examples of what you've looked so you don't have to Mention specific names. But. But how does Charles river in your group. Amazing, fascinating work with clients and maybe some examples.
[18:03]
Aniket Bargewaj
Absolutely. So at Charles River Associates, within the incident response practice, we work with clients across the full spectrum of cyber events, from urgent breach response to proactive resilience planning. A big part of our work is helping organizations navigate the technical, the legal and business dimensions of an incident, all in real time. So we are not just fixing systems, we are helping leaders make high impact decisions under pressure. So let me share a few examples. In one case, a global manufacturing company was hit by ransomware that crippled their operations across three continents. Every hour offline was costing millions. Our team helped prioritize system restoration, coordinated with the forensics and legal teams, and supported the overall executive communications and even the insurer reporting. So once again, we weren't just restoring it, we were helping the business survive the whole critical moment. In another matter, we worked with a private equity firm assessing a potential portfolio company. Everything looked fine on the surface, but our review uncovered weak identity controls, shadow it, and traces of past compromise. That was a big one. That really changed the entire valuation discussion and gave the acquirer critical leverage to really protect their investment. And then there was a sensitive case involving suspected ties to North Korean IT workers posing as remote contractors. They essentially had quietly embedded themselves inside a US based software company's development pipeline. So from the overall investigation, the risk wasn't just critical, it was legal, reputational, even geopolitical. For instance, our team guided the client through threat containment. We also coordinated with the law enforcement agencies and ultimately helped manage the overall regulatory fallout as well. So whether it's again recovering from a breach, supporting a transaction, or navigating complex risks within the nation state activity, our team really built to step in when clarity really mattered the most. In the end, our job is to help clients take back control when the stakes are high and the margin for error is very small.
[20:39]
Scott Becker
Thank you. And fascinating. What a fascinating set of examples. What a crisis situation that you live in that must be stressful. And thank God you take care of your physical and mental health. That's got to be stressful. And a client has this emergency and calls you folks to be ready to respond in a calm, thoughtful way and not have your stress go through the roof. Fascinating talk for a second about what are you most focused on and excited about this year? When you look at this year, in the next several months, what are you most focused on and excited about?
[21:10]
Aniket Bargewaj
Absolutely, absolutely. So this year I'm most focused on really helping organizations move from reactive to more resilient proactive. We have really spent the past few years responding to some of the most complex cyber incidents globally. Now the question is how do we take those hard earned lessons and turn them into muscle memory for the future? So at Child Silver Associates, we're building new playbooks proactively that really go beyond traditional incident response, focusing on proactive risk identification, simulation based training, and tighter collaboration between legal security and the business. I'm also working closely with clients in the M and A and private equity space to really embed cyber diligence earlier in the deal life cycle and to then help firms mature their portfolio wide risk oversight. So on a personal level, I'm also excited about the intersection of cyber risk and innovation, especially the role cyber plays in shaping investment decisions, insurance models and national security policy. I'm also advising emerging startups, really sitting on the ransomware advisory board and exploring new ways to bring context rich risk signals into the overall decision making before an incident ever occurs. So whether it's helping a company prepare for tomorrow or investing in the next generation of solutions this year, for me it's all about being one step ahead.
[22:56]
Scott Becker
And that's gotta be just critical for clients to be one step ahead. I'm gonna ask you about a couple other things. You did a master's at Hopkins, Johns Hopkins. Talk about Johns Hopkins a little bit. One of the great institutions in the world. Your thoughts on that? And then second, you were also honored recently and for several years in a row is one of the top cybersecurity professionals in the world. Talk a little bit about that. Is that meaningful to you? How does that feel to be recognized like that and talk about the Johns Hopkins experience being on mind?
[23:25]
Aniket Bargewaj
Absolutely, absolutely. So maybe I'll cover the Johns Hopkins part. I think that was a big turning factor in overall. So my overall journey into Cybersecurity started roughly 20 years ago. During my undergraduate degree in computer science back in India. I got deeply interested in how systems authenticate users, especially the mechanics behind Windows authentication in general, and really started playing around with intrusion detection systems before it was mainstream. That early curiosity about how things break and how we can build smarter defenses was the spark for me. Fast forward a few years and doing my Master's at Johns Hopkins back in Baltimore really helped sharpen the passion and ultimately expand my thinking also. At the same time, the program was deeply interdisciplinary as well, really combining technical depth with national security, regulatory strategy and real world risk management. What stood out most was that many of the professors were active practitioners, people who were shaping government policy or running security programs at major organizations or even responding to global incidents in real time. That really helped to gather that experience from people who I studied with back in the days. So yeah, it gave me a much broader lens, not just how to defend systems, but also how to advise executives or guide legal response or connect security to the bigger picture of business and policy. But that academic foundation really combined with almost two decades in the industry and consulting has shaped the way I lead today. So from hands on technical investigations to advising boardrooms during crises, every step has built on that original spark from my undergrad days. So for me it has come full circle. What started as fascination with how things work and how they break has become a purpose driven career and really helping others navigate complexity with confidence. So this all was the whole baseline with respect to how I again got nominated for top cybersecurity consulting leaders for two, three years in a row. So that is definitely a big achievement. And really I thank my family, I thank my clients for believing in me and really taking that feedback to the global agencies with that respect to them really position me as one of the key leaders in the industry with other fellow people across.
[26:18]
Scott Becker
Thank you very much. Again, we're visiting today with Aniket Barzwaj, who helps head up global security, cybersecurity and incident response at Charles River Associates. He's ranked constantly as one of the top cybersecurity professionals in the world. Tremendous career and I've got a daughter going to Johns Hopkins. I'm a huge fan of Johns Hopkins. Aniket, I can't thank you enough for joining us today on the Becker Private Equity and Business podcast. We're honored to have you on. Thank you very much for joining us.
[26:47]
Aniket Bargewaj
Thank you for your time, Scott. Really appreciate it.