Cylance acquisition added 100 India employees, new Noida and Bengaluru offices: Arctic Wolf’s Jeff Green

US-based cybersecurity firm Arctic Wolf established its first global capability center (GCC) in India last year in October. The new office in Bengaluru is expected to help Arctic Wolf in tapping into the vast cybersecurity talent in the country. 

At the time of its inauguration, the company had set out a target of hiring a workforce of about 150 employees at the center in 2025. The company has, however, managed to achieve the target within the first quarter of the calendar year, said Jeff Green, the senior vice president of engineering in interaction with TechCircle. He said that the India team has a mix of talent, comprising software engineers, QA engineers, data scientists, and data engineers, among others. 

Green is an industry veteran with a career spanning two decades. Not privy to the burgeoning tech talent base in India, Green said that the deep cybersecurity expertise in India has been growing since the 2000s when companies like Symantec and McAfee first set up shop here.

“We're not just supporting global teams — we're building products right here. We have teams working on a variety of focus areas, including Managed Detection and Response (MDR), threat intelligence, detection engineering, and artificial intelligence. The work happening here is innovative and exciting, and it touches many aspects of our business,” Green said about the Bengaluru GCC center.

As per the latest data available from industry body Nasscom, India has over 1,700 GCCs. This number is steadily growing, with industry watchers projecting the emergence of over 2,500 such centers by 2030. Along with Arctic Wolf, other cybersecurity firms such as Sophos, Rapid7, and McAfee have also established their centers here.

With more entrants into this market, the companies compete for the best talent. Devendra Rath, head of the India center said that Arctic Wolf operates in a niche space and is not necessarily too perturbed about growing competition. 

“Interestingly, the presence of other cybersecurity companies in the region is a positive — it helps us attract individuals who already have relevant experience. That prior exposure to the industry makes a big difference, because the learning curve in cybersecurity is steep. Having someone join who already understands threat landscapes, mitigation techniques, and the domain-specific language is a huge advantage,” he added.

Beyond organic hiring, Arctic Wolf has gained over 100 employees in India and additional offices in Bengaluru and Noida with its December 2024 acquisition of cybersecurity firm Cylance. Notably, Arctic Wolf acquired Cylance from Blackberry for $160 million in cash; Blackberry acquired Cylance in 2018 for $1.4 billion in cash. Arctic Wolf expects to benefit from adding Cylance’s endpoint security solutions to its native platform.

Since 2022, Arctic Wolf has made an acquisition (or two) every year. In 2022, the company acquired the incident response firm Tetra Defense and cyber threat intelligence company vxIntel. In 2023, Arctic Wolf bought the cybersecurity automation platform Revelstoke, followed by the Cylance deal the following year. 

When asked about the technology team integration challenges following such acquisitions, Green said, “When you’re going through an acquisition like that, one of the most important things that comes up early in the diligence process is alignment—not just technological alignment, but also cultural and people alignment. It’s critical to evaluate both.”

Once the deal closes and the two companies become one, the real work begins, he added.

“One common mistake we’ve seen (and experienced ourselves in the past) is acquiring companies but keeping them too siloed—separate teams, separate cultures, minimal integration. That approach rarely works in the long term. So, with Cylance, we were very intentional about integrating the team quickly—organizationally and culturally—and just as importantly, bringing their technology into our broader product portfolio as fast as possible.”

Future M&As will be driven by expanding to new markets that seem promising from a technology standpoint. “We're focused on identifying markets that complement our existing product suite—places where our customers need support in managing their security more effectively,” said Green.

Along with adding talent to Arctic Wolf’s existing team, Cylance’s acquisition helped built its AI portfolio by adding a suite of models. These include models that analyse PE (Portable Executable) files—common on Windows systems—to determine whether they're malicious.

Beyond that, Arctic Wolf has various models that evaluate files, URLs, IPs, and other data points to assess their security posture. “We also use AI extensively for threat detection, and within our Security Operations Center (SOC), we deploy AI models to automate many of the analysis tasks that a SOC engineer would typically handle,” Green concluded.