SecureRoot Risk Advisory LLP

I'm Sachin Shirish, co-founder of SecureRoot Risk Advisory LLP — a cybersecurity, privacy, and compliance services firm headquartered in Kanpur, India.

My brother Sandeep and I started SecureRoot in December 2021 with a specific thesis: that Indian mid-market enterprises and Middle Eastern enterprises were being underserved by existing cybersecurity firms — too expensive, too Bangalore-centric, too disconnected from the actual operational realities of regulated mid-market companies. Five years later, SecureRoot serves enterprise clients across India and the Middle East, including the Ministry of Justice (Kuwait), OmanTel, FCI CCM, and BFSI/fintech firms across India.

My personal practice focus is compliance program design — particularly the structural choices that determine whether compliance programs survive multiple audit cycles or deteriorate after initial certification. Over 2022-2026, I've supported approximately 50 compliance engagements across ISO 27001, SOC 2, PCI DSS 4.0, HIPAA, GDPR, and India's DPDP Act, alongside sectoral regulations from RBI, SEBI, and IRDAI. The patterns I've observed inform both my client work and my published practitioner research.

SecureRoot is ISO 27001 certified, FICCI member, MSME registered, and DPIIT recognized.

If you're working on Indian enterprise cybersecurity compliance — particularly multi-framework engagements across BFSI, fintech, healthcare-tech, or SaaS — I'm happy to talk. Visit secureroot.co for our service offerings, or reach me directly at [email protected].