TrustVault: Safeguarding Growth in Uncertain Times

Buddhika De Alwis, Co-founder and Director of TrustVault, shares insights into building a global company that focuses on value-added cybersecurity solutions and how TrustVault can help Sri Lankan businesses navigate the unfolding economic crisis and unlock growth opportunities.

Can you share the story behind the inception of TrustVault? What inspired the formation of the company and its journey to its present status as an IT and cyber security consultancy firm?

In 2017, we identified a clear market gap for specialized cybersecurity consulting services. Although numerous advisory firms provided a range of services in the market, none focused solely on cybersecurity. This realization catalysed my co-founders and me to establish a company exclusively committed to cybersecurity consultations, underlining our unwavering commitment to delivering exceptional value to our clients.

Our second objective was to introduce internationally proven cybersecurity services to the local market and unite the regional cybersecurity community to enhance the local landscape. Over the past six years, we’ve successfully achieved these goals. We now serve prominent banks and financial institutions, telecom companies, software development companies, manufacturers, and BPOs, both locally and internationally. Our mission is to provide top-tier cybersecurity advisory services tailored to the local context, and our expanding clientele reflects our success.

Our expertise lies in mitigating cybersecurity threats and strengthening security measures. We have three primary verticals catering to diverse aspects of cybersecurity:

Governance, Risk, and Compliance: We assess companies’ information and cybersecurity risks and provide proactive solutions that prioritize practical implementation. Our unique approach ensures that recommendations are both budget-friendly and yield a return on investment. We help organizations navigate compliance requirements while addressing security risks effectively. 

Technical Assessments: We evaluate infrastructure to ensure adherence to controls, benchmarks, and best practices. Our services include vulnerability assessments and penetration testing to identify and rectify potential threats.

Training: Our comprehensive training programmes cover various organizational levels, from IT teams to senior management and boards. By emphasizing end-user awareness, we tackle the root causes of cyber threats. Our tailored training solutions address specific needs and promote proactive cybersecurity approaches.

At TrustVault, we are committed to understanding each client’s unique challenges and delivering practical solutions, going beyond mere product marketing.

With the Sri Lankan economy at a turning point, how can TrustVault help enterprises navigate the challenges ahead and unlock opportunities?

Enterprises may possess ample resources, but their endeavours may not succeed without recognizing opportunities. To address economic challenges, particularly in budget allocation, cybersecurity often takes a backseat. Yet, its significance cannot be quantified in monetary terms, considering the potential impact of breaches.

It’s essential to impart this understanding to the management. When recommending solutions, we focus on their effectiveness, value, and investment. We emphasize a practical approach, identifying the most cost-effective solutions for organizations. Smaller or startup entities must allocate resources wisely to see value.

Regulatory and legal requirements must also guide investments. Like purchasing a phone with unnecessary features, investing in security solutions without justifiable value is counterproductive. Therefore, we assess the best investment options.

Implementing security measures not only safeguards organizations but also opens up opportunities, especially for startups. European customers scrutinize how well businesses protect their data, seeking certifications as proof of readiness. By ensuring compliance and building customer confidence, organizations can expand their markets and clientele.

Despite economic constraints, practical approaches aligned with legal and regulatory requirements are essential. As organizations digitize and rely on IT infrastructure, cybersecurity becomes paramount to prevent exposure to cyber threats. It’s crucial to instil this perspective within corporate boards, emphasizing the value of IT assets and the necessity for robust protection mechanisms.

What sets TrustVault apart in the industry?

TrustVault’s differentiator lies in our highly skilled team of advisors. Unlike relying solely on IT systems for infrastructure, we focus on cultivating a talented team. Our advisors undergo rigorous training, qualifications, and overseas training to stay updated. With this skilled team, we understand customer requirements better, leading to superior service delivery.

TrustVault has expanded its services internationally, with offshore offices providing expertise from both local and global contexts. Our team doesn’t just sit idly; they immerse themselves in clients’ businesses, engage with stakeholders, and offer tailored advice. We ensure that our recommendations translate into tangible results and benefits for our clients.

We believe in value addition, ensuring our clients proactively prevent attacks and boost customer confidence. By demonstrating a robust information security management system and best practices, we foster customer trust and encourage them to seek more services. It’s a team effort, and our proactive team works closely with clients to provide customized solutions that address their specific requirements.

What is your vision for TrustVault for the next five years? 

Since its inception, TrustVault has contributed positively to the local economy by acquiring foreign customers and bringing foreign revenue into the country. Our primary business goals involve expanding to new markets to generate foreign income and nurturing a robust information security talent pool locally. We offer training programmes to the community voluntarily to bolster this talent pool, addressing the shortage of information security professionals in the country. By building a strong resource pool and attracting foreign services, we aim to enhance the overall experience and growth prospects. 

We continue to focus on expanding our global reach and attracting external services to Sri Lanka, increasing our resource pool, and uniting the community. We believe Sri Lanka can become a hub for cybersecurity professionals and advisory services, similar to India’s success in IT services. TrustVault aims to bring global expertise to the local context and contribute to the country’s economy while fostering cybersecurity excellence. Our differentiation factor is our unwavering focus on information security and the transfer of global skills and knowledge to the local market, driving our commitment to empowering our customers with superior solutions and enhancing the skills and capacity of the cybersecurity community in Sri Lanka.