Dr. Sarbari Gupta is the founder and CEO of Electrosoft, a federal cybersecurity and enterprise modernization firm, and a recognized thought leader and speaker on cybersecurity; zero trust; identity, credential, and access management, and more. She is an active NIST collaborator and co-author, helping to shape cybersecurity standards and guidelines that improve federal cyber resilience.
Q1: Tell us about yourself and your company, Electrosoft.
I’m an engineer turned entrepreneur and now a business leader. From the start, I was drawn to engineering as a career path. I liked the logic and problem-solving dimensions of the field. I also wanted to be my own boss one day. In 2001, I founded Electrosoft as a federal technology services firm — and quickly had to learn about running a business, which is much more than being a subject matter expert. Today, Electrosoft is a fast-growing $55 million company delivering mature, innovative technology-based services and solutions to power critical federal IT programs and keep our nation safe from cybersecurity attacks.
Q2: Why cybersecurity?
I’ve always been interested in cybersecurity, even before it was called that. In the late ’90s, I started working with a new technology called public key infrastructure (PKI). I was helping federal government customers implement PKI to solve business problems. When I became an entrepreneur, it was a natural choice to continue assisting federal customers and to build on the PKI experience with identity management and, at a broader level, cybersecurity for systems and data.
Q3: What questions about cybersecurity are federal customers asking themselves?
Recent mandates and regulations have directed federal agencies to help improve the nation’s cybersecurity by implementing best practices like moving to a zero-trust architecture, strengthening digital identity management, and securing cloud services. Many agencies are considering how best to accomplish these things while keeping operations humming — and wondering if they are doing enough. Also, as more cybercriminals are using artificial intelligence to bolster the frequency and severity of their attacks, government leaders are looking to harness AI to stop them.
In every agency, there’s a balance point between budgets and missions and the need for updated systems and security. Part of the challenge is that there’s no single solution that works for everyone. The good news is that the federal guidelines and emerging technologies provide both guidance and tools that help address prioritized risks.
Q4: What’s your take on CMMC and the role that contractors play in helping secure the country’s infrastructure?
CMMC is the minimum that contractors should be doing. We started building our cybersecurity posture before CMMC was ever introduced. We’ve implemented strong cyber hygiene all along. As federal contractors, we all know that we need to take these controls seriously so, together, we are strengthening the resilience of our own companies, our government customers, and the citizens they serve.
Q5: You’ve talked about viewing users as high-value assets. Why is that perspective helpful to federal customers?
I have been in cybersecurity for a long time, since we called it computer security or information assurance. Traditionally, the focus of cybersecurity protection has been on the data and systems owned by organizations. However, users also need to be protected, whether they are working remotely or in their office. Taking a broader perspective on cybersecurity can help us protect people as they work and use identity as a key factor for securing other assets.
Q6: Electrosoft regularly publishes white papers, speaks at conferences, and authors articles. Why do you put so much effort into thought leadership activities?
Our team is uniquely expert at both government cybersecurity guidelines and federal defense and civilian customer programs and environments. Electrosoft personnel have co-authored several NIST Special Publications. And, we have the practical experience of guiding big defense zero trust programs, building and staffing modern SOC operations, running a federal PKI testing lab, and designing and implementing modern identity management solutions like passkeys.
I’m a firm believer that knowledge not shared is lost. In fact, we’ve just formed a new Technology and Innovation Directorate to share our knowledge more formally. When we consume and share knowledge, it enlightens us, our customers, and our community.
Q7: What are your plans for Electrosoft’s future?
Electrosoft is a strong and growing company with a loyal customer base and an engaged team. In the past few years, we’ve been positioning ourselves for success as a mid-tier contractor. We’ve expanded our executive, back office, and growth teams. We’ve just launched a new Advisory Board that is helping guide our long-term growth efforts.
And we continue to build out the breadth and depth of our expertise. Last year, for example, we appointed one of our zero trust program leaders to guide a cohort of us through gaining ZT knowledge and credentials. We also continue to be guided by our core values: integrity, customer service, excellence, innovation, and success. They set a high bar on how we work, how we treat each other, and how we serve our customers.
My job as CEO is to identify any constraints that might be holding us back and decide how to invest so we can achieve our goals.
Q8: Let’s close by talking about leadership.
Company leaders have thousands of things on their to-do lists that can eat up days or pull you in different directions. I’m fortunate that Electrosoft has grown to the point that we can attract quality leaders, and we have a high-performing leadership team today. That allows me to focus on my role.
My advice to other entrepreneurs is to find ways to do your best. For me, that starts with yoga, healthy eating, and time management habits. Surround yourself with people who share your values and your mission and who can do their jobs better than you ever could. And look for ways to give back and support the next generation of leaders.
At the end of the day, leadership is about lifting others up. I’m grateful for the opportunity to do that and excited to see what the next generation will accomplish.
