Nepalese start-up seeks to break into global cybersecurity market
Naresh Lamgade loved playing football during his school days. In 10th grade, he injured his leg while playing his favorite game and the doctor told him he couldn’t play football or participate in other physical sports for a year.
Effectively grounded, Lamgade turned to computers, one of the few things he had for entertainment. It didn’t take him long to get hooked; and from then on, he and his computer became inseparable.
“I love playing football,” Lamgade said. “After the injury I suffered in 10th grade, I moved away from football and became more attached to my computer. That’s when I found technology fascinating.
Lamgade was born and raised in Jhapa, in the southeast of Nepal. In 2011, he passed the 10th grade and completed the 11th and 12th grades in Gomendra Multiple Campus management in 2013.
His love for technology deepened over time. After completing his intermediate level, he came to Kathmandu and enrolled in the Bachelor of Computer Science at Islington College, which is affiliated with London Metropolitan University.
Right from his university studies, he started doing debugging work for various international organizations, finding and removing errors or bugs in computer systems.
He also got part-time jobs at eSewa, one of the most widely used digital wallets in Nepal, and at Kantipur Media Group as a security analyst.
After graduating with a bachelor’s degree in 2017, he founded Cynical Technology; and in March last year he launched Bugv.
“Both Cynical Technology and Bugv provide a cybersecurity service,” said Lamgade, 28. “But Bugv is more advanced. Bugv is a crowdsourced cybersecurity platform powered by human intelligence that connects businesses with ethical hackers and cybersecurity experts. We provide results-oriented service,” he said.
“Once a company builds a program on our test platform, we assign registered ethical hackers to our platform to find bugs and other security threats,” Lamgade said.
“However, unlike most other platforms, we only pay ethical hackers when they find a bug. This improves our service as our customers pay based on the number of bugs found.”
Bugv has gained more than 40 customers in a short time and more than 5,000 ethical hackers are registered on the platform, according to Lamgade. “We can provide our services to domestic and international clients,” he added.
Merojob, hamrobazar, edusanjal and gyapu were among its first users, according to Lamgade.
The 2020 Global Cybersecurity Index found that many countries were lagging behind in key areas such as cybersecurity skills training in micro, small and medium enterprises, and there were gaps in measures dedicated to filling cybersecurity gaps in finance, healthcare, energy and other key sectors.
Nepal ranked 94th out of 182 countries in the Global Cybersecurity Index 2020, according to the International Telecommunication Union, the United Nations’ specialized agency for information and communications technology.
ATM robberies resulting from compromised switching systems, SWIFT system hacking and individual data theft from online platforms like online shopping are the most notorious cases of data breaches in Nepal in the recent past.
As digitalization grows in Nepal, it is inevitable that the growing amounts of data in both public and private domains will come under threat, experts say.
The global cybersecurity market is expected to grow from $155.83 billion in 2022 to $376.32 billion by 2029, according to Fortune Business Insights.
Bugv recently won the best start-up award at the CNIYEF Nepal Start-Up Fest 2022 organized by the Confederation of Nepalese Industries Young Entrepreneurs Forum.
“The recognition we received for our work certainly made us happy and proud,” Lamgade said. “Winning the Best Startup award has given us even more motivation to contribute more to the cybersecurity field in the days to come.”
Bugv organizes live bug squashing programs with the aim of motivating ethical hackers.
In such programs, companies put their products on our platform and Bugv’s ethical hackers and bounty hunters hunt bugs. “Companies that are going to launch new products often contact us to organize such programs.”
Although bounty hunters in Nepal are paid very little compared to their counterparts in foreign countries, such programs encourage them to continue working in the field.
Lamgade, who has about 10 years of professional experience in cybersecurity, has received annual research grants of 1.5 million rupees from Google for the past two years.
We have approached government institutions to use Bugv, and so far the feedback has been positive.
“We have approached several government institutions to use our product,” Lamgade said. “One modality we’ve asked them to adopt is providing bounty hunters with a certificate instead of money for their work. While many may find the lack of monetary reward discouraging, others might find the certificate issued by the government recognizing that their work is worthwhile.In this case, I think it will be a win-win situation for ethical hackers and the government.
Despite this achievement, Lamgade believes that many people in Nepal are not so serious about cybersecurity. And those who find it important are hesitant to ask for the crowdsourcing service because it allows many people to participate.
“People are concerned about data security on platforms that operate through crowdsourcing,” Lamgade said.
He thinks Bugv has a great opportunity to break into the Asian cybersecurity market.
“There are only a handful of platforms like Bugv in Asia,” Lamgade said. “Secuna, a Philippines-based company, and BugBase, based in India, are among our toughest competitors in the region.”
Bugv currently employs 18 people. Lamgade said the plan for the coming days is to take the platform globally.
“We are currently hiring more staff and expect to attract international investors to launch Bugv globally in the coming days,” Lamgade said.