Anyone having experiences with computers back in the late 90s and 2000s in Bangladesh would remember the slew of problems that accompanied the nascent stage of computer security at that time. Licensed software itself was not a ready option those days, and security software more particularly was not an easily available or budget friendly option as well.
The man who changed the perspectives of the licensed software market in Bangladesh is Prabeer Sarkar. His company, Officextracts revolutionized the endpoint security solution market by making available Bangladeshi users the opportunity to get and buy security software at a completely locally compatible price. He brought licensed software to the mass in Bangladesh.
He pioneered a new market with endpoint security software, paving the road for other software to follow. The way he did that will remain a story of not just success, but a precedence for what can be done when someone has the passion to chase a vision. Prabeer Sarkar sat with Fintech at his cozy office room in DOHS, Mohakhali, to talk about the intriguing story of how he worked out Kaspersky Lab in the Bangladesh market.
Packed with interesting information and insights about the IT industry, the interview became even more stimulating because of Mr. Sarkar’s flare for storytelling and his self-deprecating humor. “You just can’t ever get me looking good, you will need Photoshop” he guffawed out to our camera crew. For someone dealing with serious matters like cyber security, Prabeer Sarkar is refreshingly high spirited.
The man has a remarkable flare for marketing and has a golden hand in establishing brands in the local market. He is known for Kaspersky Lab, but probably few know that he is behind the popular firewall brand Barracuda Networks. And shockingly even for us, we discovered him to be the owner of Preetom. Well, if you are into burgers you could not have possibly missed that. Preetom is raving in the fast food market in Dhaka. A very successful name. “Staying alive between IT and Roti”, exclaimed Prabeer Sarkar. Energy and confidence radiating in his eyes. For Kaspersky Lab he is also the distributor for Bhutan and he developed the market in Myanmar over two years before the country got reallocated to South East Asia region under APAC business territorial identifications.
Engaging, eloquent and funny, Prabeer Sarkar has a different thinking process. His observations and understanding are unorthodox. He has the experience and is confident. He talked about the start of his company, his struggles, how Officextracts went on to become two times award winning distributor of Kaspersky Lab in the APAC region, his understanding of the state of cybersecurity, and a lot more. Here is the full interview for Fintech readers.
FiNTECH: Your primary identity is of a software industry professional and entrepreneur. But you are known for your remarkable achievements in marketing and branding. We want to understand this a little later, but first, could you start by telling us about your success in the local software industry? What happened with Kaspersky? What did you do right?
PS: First, I did nothing special. Nor do I see any achievements. I guess I did what was required at that moment. Anyone could have done that.
I started business in 1994. Around 2006/07, I was a system integrator. Already a decade into IT business in the local market. The first wave of hardware selling business was, more-or-less, over and even the system integration business was fading out. An unhealthy battle of price reductions in a so called local competitive market was eating away survival margins. Situations were getting desperate and I was intensely searching for a safety zone. I understood only one business – IT. And I was looking only around IT. It was becoming hopeless till one day I observed something annoying. We had quite a few maintenance contracts at that time. The PCs and systems were constantly demanding a lot of support services. It was getting hectic supporting the customers. So, I wanted to get to the root of the issue and resolve the situation. I discovered that nearly 70% of the support calls were related to virus issues. I also found that customers were using pirated or free versions of antivirus software which was not helping at all. And it was simply impossible to buy licensed security software in the market. Even if someone was to buy, the prices were beyond expectations. The same was applicable to any licensed software those days. Not available and beyond the reach of buying capacity.
That was it. I found my ‘Blue Ocean’ the day I realized that the IT industry had a demand for licensed security software. And it was one empty space. I had found my market within the saturated market. Some say I gambled. I did not. It was a market analysis. And what followed was a calculated business step. Those days Bangladesh was marked for 92% piracy in software. No. 1 in Asia. No. 2 in the world. There used to be seminars and sessions on piracy in Bangladesh. A lot of beating around the
bush. Accusations and threats. But no solutions. When I started to scout around for distribution of security software for Bangladesh in 2006, no established brand agreed. I started bringing in small quantities of various software and selling in the market. The experience helped. But I never gave up pursuing for distribution rights. Finally, in 2007 I came across Kaspersky Lab and that changed everything for me. They listened to me and teamed up to materialize a market the way I had felt and planned. I launched Kaspersky Lab in Bangladesh in 2008. The first official and properly planned distribution system for an internationally acclaimed endpoint security software in Bangladesh. The first door to open for licensed software for the mass people of Bangladesh. The first revelation in the local market that software is for the mass to use and not a niche.
What went right? I guess between Kaspersky Lab and me everything was planned right. From how we branded and campaigned to the mass in Bangla for a software, to the pricing, highly acceptable in terms of the local economy, right up to providing the first coordinated local tech support system in local language, moving on to creating a strong reseller channel throughout the entire country. We made it available to everyone. We made it affordable. And we provided technical support. On top, we made it known to all. I will always be indebted to Kaspersky Lab for supporting me and making this happen. Together, we created a new market.
Then there is also a little pride for me in all of this. Not because of a successful and fruitful marketing strategy, but because of what I was able to extract out of the whole process. The people of this nation are not compulsive software pirates. Give the price they could afford; the IT users of Bangladesh are willing to buy licensed software. People have laughed when I first went out to try and sell licensed software in this market. Everyone thought it won’t sell. Let me be very clear, out of the many challenges in establishing Kaspersky Lab in Bangladesh, at least piracy was never one. My challenge was more to convince my industry colleagues that people would buy licensed software.
FiNTECH: You are an accomplished market strategist. On one hand, you lead Kaspersky Lab and Barracuda Networks, two powerful brands in the local cybersecurity market. On the other you lead the distribution business for Kaspersky in Bhutan. You developed the market for them in Myanmar to a point. And then you diversified and you established your own brand of a burger in the Dhaka market which has been an instant hit. How do you do it? What is your take on a business in Bangladesh.? Is it common sense, luck or analysis of the market?
PS: Take on business? It’s like mathematics. And I would not sprinkle luck over it.
I see business as an understanding of a demand or the possibility of creating one in the market with customers, fulfilling it by placement of a quality product or service delivered at the right pricing, smooth logistics, professional after sales services, and all that covered in proper branding. Mix the elements with passion and there should be a successful venture. Add vision and adaptability for long term sustainability. Of course it requires common sense and a lot of analysis. We are talking about business. Not a gamble. So, luck is not a variable in the combination.
I see branding as a prelude to a successful marketing process. It’s about catering the right content with simple messages totally focused on the product to the focused customer group. The choice of media is always important. Not all campaigns run well on any media. Local language is vital in Bangladesh for branding.
One more important thing is honesty. Only an honest business sustains. I will not bore anyone with examples but I am sure everyone understands that. A customer will choose an honest business anyday over even the most currently hyped one.
I find that business in Bangladesh is very much traditional which makes it a highly potential market for business. Whether old or new. The style. The norm. This market can be re-explored and re-launched. I believe I can take a tea stall in this country. Re-launch it all over again and make it a successful business. The same applies for the service sector. Nearly a virgin territory. The opportunities, scopes of innovation are immense. Our society has changed. The people have changed. The internet has changed us a lot. Our exposures have been wider in the meantime. The demand has been created for a little bit more. I see too many opportunities and space for aspiring entrepreneurs to redo a business in Bangladesh. Pick a business. Any that you see around you. Rethink. Redesign. Give it a new feel. Give better services. Make it clean. Make it better. Promote it. There is a business there. Or come up with a service business plan. Be innovative. Deliver what you promise. Call it a startup or a revival. Doesn’t matter. Come forward for a change. A new presentation. This generation has so much scope.
FiNTECH: You give a lot of emphasis on local support. Why?
PS: To provide longevity and sustainability to my business. Local support on a product or service to me is a primary business commitment and its fulfillment ensures not only the growth of the business, but stability as well. My areas of business– IT and even the fast food outlet, both demand services. For example – how comfortable will a customer feel taking technical support on a software from a country in a different time zone and in English which could be poor in either the case of the customer or the support provider? It does not work. The customers lose faith in the product or service even though they need it. I provided local support for my products and services in Bangla. My team is trained and certified. It needs investment and time. But is a pay off in the credibility of the business.
FiNTECH: You started talking about cybersecurity quite early. You had to overcome the challenges in establishing a market for that. But in the period, you have also evolved into a cybersecurity solution provider. How do you summarize this?
PS: It’s not only me evolving over time. Cybercrime has evolved into a more dangerous phenomenon. Security product selling companies have evolved into solution technology providers. The customers’ demand for security platforms have evolved. The change has been everywhere and I adapted accordingly. Maybe I was one of the very first to start talking and working on the local cyber security market. Next year would be a decade for Kaspersky Lab in Bangladesh. That has given me an advantage. I could grow with the happenings, experience and knowledge. The early market positioning challenges were over and I could focus on the shift. The time in between also helped in creating the awareness required in this field.
Even before you ask, let me say that we are already in plans for introducing more solutions and services in cyber security for the local market. We are also planning to have a professional managed service center and training facilities for cybersecurity in the local market. This is technology. And we never run out of the future.
FiNTECH: Three keywords – cybercrime, cybersecurity, Bangladesh. What do you say?
PS: I say it is huge topic (smiling).But, being asked, let’s try to narrow it down to an understandable point.
Cybercrime is a global concern and a core fact of everyday life. It is evolving very fast and becoming more and more dangerous. It concerns the individual, society, politics, business, terrorism, industrial facilities and national security. The wars of the future will be on cyber fields. We are getting technologically advanced every day. IoT is about to boom. Everything is connected and on the Internet. There is nothing that cannot be hacked. We are facing criminals on a much larger and intelligent scale on the cyber space compared to the physical world. The threat is real. And I believe that people are now in general hearing of cybercrime incidences.
Cybersecurity is the response to cybercrime. Take 3 most important topics of discussion globally. One will be common. Cybersecurity. In the recent years, this is one of the prime concerns of humanity. Unfortunately, as I would state, this topic is addressed and explained by either technical people or technology companies. And that is where it gets complicated. The everyday technology users don’t understand the technical language coming from technical people. It becomes voluntarily or involuntarily a scareware and people tend to avoid understanding it. This is my main concern. The issue of cybersecurity should not be used as a scareware. It kills the opportunity for cybersecurity itself.
There is cybersecurity for the security professionals and cybersecurity for the everyday technology users. For the professionals, it is a technical world of solutions and trainings and policy implementations. But for the everyday IT users it is all about IT hygiene. 80% of the cybercrime incidences are initiated by human factors, intentional or unintentional. IT security in general is about precautions and nurturing safe computing practices. It is very much comparable to diseases in the real world. Say we compare Chikungunya to WannaCry. Our prime response is to try and prevent both. Only that the hygiene practices are different. But not obscure.
The foremost element of cybersecurity is awareness. Awareness of prevention. And prevention is better than cure.
Putting cybercrime and cybersecurity in context to Bangladesh is very much relevant. Look at the statistics. In 2016 we experienced the Bangladesh Bank heist, various incidences of ATM scams, a survey report suggesting 50% of the children in this country are victims of cyber bullying, antisocial groups using the propaganda machine on social media, spread of terrorism and radicalism on the social media and many more. In 2017, in the first half of the year we faced Ransomware attacks like WannaCry and Petya. Kaspersky Lab quarter 1, 2017 reports marks Bangladesh as number 2 in the world with highest number of malware infections on android devices; number 8 in the world with probabilities of online attacks and number 14th in local malware infection. Bangladesh is moving into the digital space. It is a government initiative. We have a nuclear power plant coming up, the new transport sector will be an automated one, mobile banking transactions are reaching new heights. Banks are getting online. Utility services are getting online. A lot of digital inclusion. And the threat is hovering around us.
We are vulnerable. Best in our interest that we acknowledge this fact. And this vulnerability is continuous. Drives and concern for security have been initiated. But we are not ready. Technology moves at a very fast pace. And there is nothing called partial security. It is a continuous process and implementing the right multilayer security solutions take time.
We lack trained IT security personnel.We lack the exercise of budgeting for such security. We lack security solutions integrated in systems. And overall we lack the general awareness in safe computing practices. We need to have threat intelligence reports and services. We need to understand how much we have already been compromised. We need to analyze the source and patterns of attack . We need a team to analyze threat data. We need a central body to report cyberincidences. A hub to handle cybersecurity. Not just a CERT. And around all this we need the cyber law. A legal framework to tackle the crime.
Cybercrime victims are reacting like rape victims in Bangladesh. Not coming forward. An attempt to protect organizational reputation. This is a wrong start. This needs to change. Being a victim of cybercrime does not shame or undermine the establishment. It is a part of our digital life. We need to share incidences for the protection of others.
If you ask me whether Bangladesh needs to think about cybersecurity, I would say we needed it since yesterday. We are in threat. And this is not to scare. But to pass a message that we need to be ready with cybersecurity. Avoiding it, ignoring it, delaying it or running away from it is no option.
FiNTECH: It’s a grim and grave situation. How do you see cybersecurity in the Bangladesh banking and financial sector?
PS: Crime is where the money is. So, this sector is an obvious target choice. Only ironically, last year we experienced the Bangladesh Bank heist which till today is the largest bank loot in the history of both physical and virtual world. In 2016 we also saw incidences of ATM hacks. First quarter of 2017 Kaspersky Lab reported that Bangladesh is the second most malware infected country in the world on android devices. Alarming if you consider the fact that Bangladesh also transacts 8.44 billion Taka on the mobile banking platform each day.
Is the situation grave? It is. But not for Bangladesh alone. The recent years have been about incredible growths in banking malware and ransomware. The threats are regular and the criminal can be as young as 14.
The financial and banking sector of Bangladesh is going through a change. An upgrade to the online systems. This is the most vulnerable and crucial stage. So the gravity of situation for the Bangladesh financial sector has its own dimension also. This sector needs the same attention and policies as we discussed about cybersecurity in general a while back. Only that in addition I strongly advocate the need of a specialized CERT for the sector alone alongwith a defined legal framework. We are moving ahead to a digital era. Already we are hearing about a cashless society for Bangladesh. These are all possible and justified only if we have the right start and foundation with cybersecurity in the sector. We have to remember also that the banking sector is not supposed to be concerned about the security of the establishments, but also for the customers that it serves. Security is a 2 way traffic. Let me add with an information. Even two factor authentications is not safe anymore. Only last month it was confirmed, in details, that two factor authentications are completely hackable.
FiNTECH: Is Ransomware a major concern today? Any remedies?
PS: Yes. Yes and Yes! Ransomware is a foremost threat in the cyberspace today. It has evolved dangerously in the last couple of years at an amazing speed. There was an incidence last month in the UK where they arrested a minor boy aged 14 creating ransomware. But most alarmingly the world has experienced 2 major ransomware attacks on an international scale most recently this year. The first one was WannaCry and the second called Petya. The latter one has been more dangerous as the criminals did not aim for money but rather wiping out data. Petya has raised
concerns over industrial cybersecurity in a big way. Such attacks can cripple a nation’s operation all together.
Bangladesh is a victim of ransomware and continues to be so. Even WannaCry and Petya. Only that the victims are not coming forward. This is alarming for cybersecurity. If the crime is not reported there won’t be solutions to stopping it. IT hygiene is the first solution to Ransomware. Then there is the IT culture and there are multilayered solutions for protection. And this is a continuous crime. Not that it gets over.
Remedy for ransomware is in awareness of its prevention. It can be minimized by practicing the rules of IT hygiene.
FiNTECH: How is the Bhutan market in cybersecurity?
PS: Small yet. But developing. Not much to add to the scenario. But I can see they are developing in a planned way.
FiNTECH: Do you find the enterprise market growing in Bangladesh?
PS: Oh yes. My business figures also indicate a steady growth in the enterprise or corporate space. This is a positive signal for the Bangladesh market. However, at the same time the demand for awareness and measures in cybersecurity is also growing. The enterprise will not grow without technology. And we cannot let our enterprises be vulnerable to threats.
FiNTECH: What about the legal framework? Cyber laws? Isn’t that an integral part of cybersecurity?
PS: Thank you for bringing that up. We were almost skipping on some details on this vital part. Cybersecurity is not complete without the support of a legal framework. Bangladesh is working on an ICT and cybersecurity law. But I would say that it is just the beginning. Look, Our physical world and digital world merge in many areas. The law for our digital existence is about a mirror image of the The lines are getting thinner day by day. We live a physical life in a digital space and vice versa. So, when it comes to law, the size and volume of cyber law will be as big as the law in our real world. It will take time. The view, evidence and interpretations will differ. But the goal will be to deliver justice. Law is not about punishment. It is for prevention of crime also. When we actually start going to court with complains involving digital elements, we will start to formulate. Right now it is on a very basic understanding. Take for example the UK. It is ok to watch a pirated movie streaming, but a crime to download and watch. The law will come with culture and practices. Is an email acceptable as a valid document in court? Is a digital photo acceptable evidence in the court? If a person looses money on mobile banking due to malware in his smart device is the bank liable to compensate? Should the banks warn the customers on their digital responsibilities? Thousands of situations can be raised.
For cyber law I think we need a precisely professional board compromising of cybersecurity specialists, IT people, legal experts and intellectuals along with a team of professional cyber law experts and build up a legal framework with logical basics which can be extended and annexed over time to make a good digital law for the citizens. We need to start right in this area. And we need to start now.
FiNTECH: If we had no more questions and asked you to freely say from your experiences what would you say?
PS: That’s a tough one. (Laughing Ok, in this case I would take like to the opportunity to pass a message. Cybercrime is a real and imminent threat for Bangladesh. We need to address this threat. For the everyday IT user prevention is better than cure. Following an IT culture and practicing IT hygiene is that precautionary measure. This is for today and tomorrow. No options apply.
FiNTECH: Thank you so much for your time.
PS: I thank the readers and Fintech.