Life post-breach: How Prasad Tharippala left a security incident with a unscathed career

It’s safe to say that Prasad Tharippala, Asia–Pacific field CISO at Versa Networks, is no stranger to security incidents, having made it through a breach and the aftermath with his career intact.

From 2017 to 2020, Tharippala ran his own cybersecurity company, helping clients navigate cyberattacks. He recalled one early case in which one of the largest textile firms in India had been attacked.

“I went there, and then I took charge of the situation where the company is being completely ransomed,” Tharippala said, adding that he helped operations resume within one and a half days.

Gather around, it’s storytime. We caught up with Tharippala to talk about when, as a CISO, he helped a global company thwart a third-party breach. (One in three breaches in 2025 involved a third party, according to a recent Verizon report.)

“One of the companies who was serving almost 50 countries got breached,” Tharippala said. “And we were using their services, and eventually some of our data also went through them, which went to [the] actor’s hand.”

By posing as a buyer, Tharippala said he was able to communicate with a threat actor selling some of the retrieved data on Telegram. During that interaction, Tharippala convinced the actor to call his bluff and reveal if he actually had access to the vendor’s control panel dashboard.

“At one of the conversations, he started showing me the dashboard of that particular company,” Tharippala said. “And that is where we finally concluded, ‘Okay, this is the point where the data is getting leaked.’”

Into the thick of it. After that confirmation, Tharippala updated his leadership team and got to work on incident response.

“Whenever there is a breach in an organization, the first motive would be to contain it and address it, and then make sure that the right level of controls are placed as a guard,” Tharippala said. “Then come to the next level: keep the business alive.”

Tharippala believes the company’s sales team helped him to “drive conversations from the sales side,” and have the “right conversations” with customers about the incident. Tharippala’s background as an ethical hacker, he added, gave him the appropriate technical knowledge to communicate.

“I could explain the whole thing, which could bring confidence into the customer,” Tharippala said.

Getting things back to normal. Tharippala said the incident gave him a busy month of meetings and investigations. Fortunately, the company was able to navigate the incident without any major media coverage.

A security incident can even make or break a CISO’s career, depending on the severity of the event, how an individual’s company represented them to the public, and one’s own resilience, according to Olivia Rose, CISO and founder of Rose CISO Group boutique consultancy firm.

“I have seen many CISOs bounce back…However, there are CISOs that do have a mark against their name,” Rose said. A 2025 Sophos report found that about one-quarter of leadership teams were replaced following a security incident.

Following the security incident, Tharippala never felt “scapegoated” in the industry. “If you have to cover up things, that is when you end up in trouble,” he said. “Luckily, in my career, I never had to cover up things. So, that is good news.”

Tharippala believes the event even helped him to become a stronger security professional, with a new viewpoint that allowed him to “really evaluate every step” of security implementation in the companies he worked for.

Today, at Versa, Tharippala helps to bolster the internal security posture while also helping customers integrate security solutions in the “right fashion.”

“My journey has been good,” Tharippala said. “So, all these experiences have been really flourishing, and my overall career as well.”

He advises other CISOs who are currently going through a security incident to maintain a balance with other C-suite professionals on the team, and to make sure they have a good understanding of their company’s customer base, product offering, and technical landscape: “I would expect as a CISO to have complete knowledge about basic vulnerabilities and the ethical hacking scene.”

Are you an IT pro who has served as CISO at a company during a security incident? Email [email protected] or ask Brianna for her Signal.