TAC Infosec CEO On The Post-Listing Acquisition Playbook, AI Opportunity

Amid the IPO frenzy of new-age tech stocks this year, none has emerged as successful as TAC Infosec. The NSE Emerge-listed cybersecurity firm’s stock has rallied over 2X since its listing. The stock is currently trading X.

Founded in 2016, TAC is one of the early innovators of cyber scoring. Its first product was launched in 2018 to help chief information security officers and CEOs of companies quantify and understand the risk of cyber threats. The company offers risk-based vulnerability management and assessment solutions and other SaaS cybersecurity solutions to enterprises and small businesses.

At the time of its incorporation, the company raised a small seed amount from ace investor Vijay Kedia. Since then, TAC has refrained from raising any external funding, all while maintaining strong cash flow and remaining profitable.

TAC’s client base includes names like the National Payments Corporation of India (NPCI), for whom it conducts end-to-end security assessments for the UPI, as well as both the Bombay Stock Exchange and the National Stock Exchange. Globally, it serves giants like Microsoft, Salesforce, Freshworks, Autodesk, BlackBerry, Nissan Motor, Toshiba, and HP.

Before the IPO, the company’s customer base stood at 100 clients, which has doubled since its listing. In Q1 FY25, TAC reported a 93.8% increase in revenue to INR 5.1 Cr from INR 2.6 Cr in the April quarter (Q4 FY24). Its net profit also surged 94.4% sequentially to INR 2.3 Cr in Q1.

Following its success in the public markets, TAC has made strategic acquisitions to broaden its presence . Recently, TAC Infosec acquired US-based cybersecurity firm CyberSandia for $25,000 to strengthen its presence in the region and expand its global footprint. In addition, it acquired WOS — a wholly owned subsidiary of TAC Cyber Security Consultancy LLC in the UAE to cater to the growing demand for cybersecurity services in the GCC region.

Amid the wave of expansion and tailwinds of growth, Inc42 spoke with TAC’s founder and CEO Trishneet Arora on an array of topics, including AI, M&As and the company’s next growth lap.

Here are the edited excerpts:

Inc42: TAC Infosec’s shares have more than doubled since its listing. Did you expect such a strong response from investors?

Trishneet Arora: To be honest, I was surprised to see the investor interest during our IPO. Against more than 18 Lakh shares on offer, we received bids amounting to approximately $1 Bn, and it felt like a dream.

Now that the dream has come true, we feel that we are under a huge responsibility, we are working towards making that $1 Bn turn into a reality.

I don’t focus much on the share price jump, but whatever we have delivered since the IPO has helped gain more interest confidence.

Post the IPO, we gained 100 customers in just a month versus 100 customers in 10 years, and this is a significant value leap.

Inc42: Why did you choose to list on NSE Emerge instead of the mainboard listing?

Trishneet Arora: First of all, we wanted to set an example within the industry and we did, as we are the first pure-play cybersecurity company to go public in India. There are a lot of companies that went public before us, but some of them have either been acquired or shut down.

Listing on the Emerge platform felt like the right step for a startup like us. Despite several leeways, we follow the mainboard practices. For instance, since we’re listed on the Emerge platform, we aren’t required to disclose quarterly results, yet we’ve done so.

Moreover, we are in the business of trust. As a listed firm, there is more trust from all our customers, partners, and even employees. In addition, if you look historically, the success of Emerge is higher compared to the mainboard. Having said that, TAC’s ultimate goal is to list on the Nasdaq one day.

Inc42: How has going public changed the startup’s market position, especially among your potential clients?

Trishneet Arora: I think there is a change. For example, we are doing a vendor risk management project for SAP, which takes at least six to eight months to onboard a new vendor.

Now, we are able to achieve this in just one month. The same is the case with companies like HP and Microsoft. Being a listed company has helped us manage our bigger clients in a better way.

Inc42: You have done back-to-back acquisitions recently. Tell us more about them. Also, are you taking the M&A route to grow the business?

Trishneet Arora: Our mission is to onboard 10,000 customers by March 2026. We aim to achieve this by helping companies of all sizes manage cyber risks through a single platform. If anything is aligned with our vision, we will be happy to explore it.

For instance, New Mexico-based CyberSandia has been our partner for the last one year. To work in the state of New Mexico, you have to agree with the state government on a statewide basis. CyberSandia was onboarded by the state government there. The firm can work with the state government on cyber security projects, which is a good market size. Therefore, we explored an M&A opportunity.

Though TAC Security had a presence in the country, we could not work directly with the state government there. By acquiring CyberSandia, we can directly work with the state government.

These are strategic decisions that we will take in the future, too, wherein if something adds value from a business, technology, or location point of view, we will be happy to explore.

For context, we don’t have a presence in the UK currently. If some acquisition scope comes up tomorrow in the UK, we will explore it.

Inc42: Do you have any set targets for future acquisitions?

Trishneet Arora: There are no numbers per se, but we have goals within the organisation. However, we are currently in talks with more than five to six companies. Two of these companies are in India and one is in the UK.

Inc42: How are you planning to fund these acquisitions?

Trishneet Arora: We aim to fund acquisitions through cash flow rather than raising funds. We’re also open to exploring external funding if an opportunity aligns with our vision.

Inc42: Does the increased usage of AI pose a threat to cybersecurity?

Trishneet Arora: AI has definitely raised the threat. For instance, with tools like OpenAI, anyone can build exploits and penetrate someone’s network.

However, on the flip side, we can also utilise AI to mitigate all such risks and threats. We can fight with those vectors through AI itself. I believe that if an organisation is not using AI, it will not remain in the business in the next two to three years. The same applies to us. We have to use AI. Everybody has to use AI.

AI has become a hot topic of conversation today. We have been using our algorithm on the back end with machine learning and AI since 2018.

Inc42: Which is your biggest market right now?

Trishneet Arora: Larger revenue and customer domination come from the US. More than 50% of our customers are in the US and the remaining are from other parts of the world. Today, we have a customer base in over 60 countries, including Japan, Canada, Israel, China, Singapore, and the UK.

In revenue terms, 70-75% comes from the US and 25% comes from our parent company in India. Now we have four subsidiaries, one of them we just started in the UAE. Also, there is one more company we acquired in the US. If we work with any of the customers outside India, we prefer to work through our US entity.

Inc42: What’s your next big goal?

Trishneet Arora: Our goal is to become the largest vulnerability management company in the next two years, and we are on track.

While we are also looking to add 3,000 customers by March 2025, we will add 10,000 customers by March 2026. I’m happy to say that within six months, we have already added more than 1,300 new clients.

[Edited By Shishir Parasher]

The post appeared first on .