“From Battlefield to Cyber Frontlines: Insights from Ex-Army Officer and Cybersecurity Strategist Jaimandeep”

Today, we are honored to feature Lt Col Jaimandeep Singh (Retd), a distinguished ex-Army officer and a cybersecurity specialist. He also holds a PhD in cybersecurity from National Forensic Sciences University, Gandhinagar. Having served in the defense forces, he brings invaluable first-hand experience in national security, which he later combined with his deep expertise in cybersecurity strategy and solutions architect. He has led security teams, driven industry–academia collaborations, and contributed significantly to strengthening digital defenses.

Professionally qualified with undergraduate and postgraduate degrees in computer science, he also holds globally recognized certifications such as CISSP and CEH (Master), which include extensive hands-on expertise. His unique journey of bridging defense and technology makes him a thought leader in how cybersecurity and IoT can reshape modern defense systems.

With his rare blend of Army experience and cybersecurity expertise, Mr. Jaimandeep offers valuable perspectives on the evolving defense landscape. In this conversation, he shares his views on cybersecurity challenges, the role of IoT in defense, and guidance for the next generation.

Q1. Did your cybersecurity strategy experience begin during your Army service, or did it evolve after your transition into the industry?

My cybersecurity journey began during my service in the Corps of Signals. In the Indian Army (IA) we deal with extensive computer and telecommunication networks, where strict security practices are built in. We have well-defined defensive security posture, with perimeter defenses, vetted websites and internal CERTs within the Army, Navy and Air Force, much like CERT-IN at the national level. These CERTs issued policies and conducted regular exercises, the military equivalent of penetration testing to ensure networks and systems were secure.

We also had Security Operation Centers (SOCs) that monitored the entire network. For example, plugging in a USB device was not allowed; if attempted, logs were generated at the SOC and necessary action was taken. Recently, the Defense Cyber Agency (DCyA) was set up, which is a tri-services agency to handle cybersecurity threats and to ensure that the armed forces cover the full spectrum of cyber operations. Even mobile communication is tightly controlled. SAMBHAV/SAM is a secure mobile ecosystem developed in collaboration with IIT Madras. It is highly secure and leverages Indian cellular service providers.

So, yes, my grounding in cybersecurity started very much during my Army service itself.

2. From your experience, how does IoT help in making defense operations more efficient and reliable? Could you share a specific example from your work?

IoT today covers a broad spectrum, but one of the most impactful applications in defense has been the use of drones. In fact, the Army has recently reorganized its structure to include drone platoons at the Infantry battalion level formally. Additionally, artillery batteries for loitering munitions, also known as suicide drones have been introduced. Earlier, drones were carried into operations on an adhoc basis; now, they are becoming a standardized and integral part of operations. This change reflects how IoT technologies like drones are transforming defense strategies, making operations more efficient and adaptive, even at very tactical levels.

3. How would you describe the difference in defense operations before and after the introduction of IoT? In your experience, has it made operations more effective or efficient?”

IoT in defense is not just about drones; various sensors deployed across units also qualify as IoT devices. Additionally, technologies like LoRa devices are being used for secure, low-power communication. Interestingly, even adversaries, including terrorists, have used LoRa for untraceable communication. This highlights how IoT technologies have expanded the spectrum of operations, both for monitoring and strategic communications, making defense systems more aware and responsive.

4. In critical situations, such as recent terror attacks, is it possible to detect or anticipate cyber-related activities before a physical attack occurs? Can cybersecurity measures help sense threats in advance?

It is very difficult to detect terrorist attacks in advance, as intelligence is primarily handled by police and agencies like the NIA. The Army typically comes into play as part of NSG, responding once an attack occurs, such as hostage situations or active threats.

Modern operations are evolving with technology: robots and drones are increasingly used to scout buildings and assess open areas before human entry. The most challenging task is room-to-room clearing, where attackers may be hidden or have set traps. Robotics currently play a supporting role, helping reduce risk, and are expected to become more involved as the technology matures.

5. Could you share an experience from your career where you dealt with a cybersecurity attack or incident?

We encounter cybersecurity attacks frequently, and the armed forces also employ offensive strategies as part of their operations. However, these activities are ongoing and dynamic, and specific examples cannot be shared due to security reasons. Generally, there are well-established practices in place to manage and respond to such incidents effectively.

6. Does technology like IoT or cybersecurity help in all aspects of defense operations, or are there still areas where its role is limited?

The role of technology in defense will always be incremental. Robots and drones currently handle limited tasks—drones were once mostly used as toys, but now are evolving into platforms capable of carrying out offensive operations. Similarly, small robots can scout rooms today, and as their capabilities improve, they may eventually perform remote operations, including firing. Technology gradually moves from a support role to an offensive capability, so its impact grows over time rather than covering every aspect immediately.

7. Do you think there are any advancements in IoT or cybersecurity technologies that still need to happen to make defense systems even stronger and more effective?”

In the IoT and cybersecurity space, having Make in India capabilities is crucial especially for hardware and software, so that in times of conflict, supply chain disruptions or reliance on foreign components do not compromise defense operations.

For example, consumer devices like smartwatches or mobile phones of foreign origin can inadvertently reveal troop locations or movements through data analysis, as has happened in the past. Therefore, controlling the design, production, and software of IoT devices and secure mobiles is essential to prevent unintentional leaks and maintain operational security. This ensures that all technology used in defense remains trusted and fully under national control, reducing vulnerabilities from supply chain or data-related attacks, such as the recent high-profile pager supply chain attack by Israel Defense Forces (IDF).

8. Would you like to share any advice for younger generations aspiring to build careers in cybersecurity and defense?

I would advise that defense is an excellent option for anyone aiming to advance in cybersecurity because it offers exposure to both offensive and defensive technologies at an enterprise level, something most private-sector roles do not provide.

Cybersecurity is an interdisciplinary field. People from technical backgrounds, auditing, legal, or policy roles can all transition successfully into cybersecurity, as it involves both technology, regulations, and understanding human nature. While systems may be technically secure, the human element is often the weakest link, as attackers exploit human behavior rather than the technology itself.

The essence of cybersecurity, therefore, is to support human users: systems should detect and mitigate mistakes before they cause significant harm, much like guiding a child learning to walk safely. Understanding this interplay between humans and technology is critical for anyone entering the field.

9. What is your current role and how can anyone get in touch with you?

Presently, I am working as a consultant at IIT Madras, focusing on the development of advanced AI based cybersecurity products and the delivery of training programs spanning from technical, hands-on courses to executive-level (CISO) modules. You can reach me out on my email <spc701@imail.iitm.ac.in> or whatsapp 8287431529.

Technical Content & Editor-in-Chief, IoT Watch

Soumya Mukthavaram