Operations Playbook - Engagement Strategies

HIGH

State police engagement sequence, DGP-level pathway protocol, cyber cell minimum standards framework, central government navigation (MeitY/MHA/CERT-In/NSCS), and corporate engagement strategy for BFSI and healthcare sectors.

DGP Engagement Pathway - 5 Step Protocol

CRITICAL
Cardinal Rule: No cold outreach to DGP-level officials. Every contact flows through an established network introduction. The pathway must not be shortened or bypassed.
1

Network Activation

4-8 weeks

Activate Brigadier Chhillar retired officer network. Warm introduction to DGP office through trusted institutional relationship.

2

Pre-Briefing Credentialing

2-3 weeks

Submit one-page capability summary referencing defence credentials. Establish elite positioning before meeting.

3

DGP Strategic Briefing

60-90 minutes

NOT a sales call. Strategic threat briefing at DGP level covering national landscape, state-specific vectors, capability gaps.

4

ADGP/IGP Cyber Handoff

1-2 weeks

DGP refers to cyber cell leadership. This handoff grants permission to engage without circumventing chain of command.

5

Technical Negotiation

Ongoing

Cyber cell engagement negotiated within DGP-established framework. Retainers, SOC managed services, training programs.

IPS Officer Transfer Consideration

DGP/ADGP tenures run 18-24 months. Engagement timelines should assume 12-18 month window per officer cycle to establish and convert a DGP-level relationship. Relationships must survive officer transfers by establishing institutional relationships, not individual ones.

State Priority Tiers

MEDIUM
TIER 1 - IMMEDIATE PRIORITY
Maharashtra
Budget:INR 75-100 Cr
Cyber Cell:35 personnel
Priority:
Highest GDP, most cyber crime volume
Pathway:
Brigadier Chhillar network via DGP office
Timeline:
SOC partnership (12-18 months)
Karnataka
Budget:INR 40-60 Cr
Cyber Cell:20 personnel
Priority:
Tech sector targeting, startup ecosystem
Pathway:
Political-BJP/IT Ministry network
Timeline:
Innovation cell partnership (6-12 months)
Telangana
Budget:INR 30-50 Cr
Cyber Cell:Rapidly expanding
Priority:
Digital governance, IT Minister access
Pathway:
IT Minister (CM-aligned) direct pathway
Timeline:
Managed services retainer (6-12 months)
TIER 2 - SECONDARY PRIORITY
Kerala
Budget:INR 15-25 Cr
Cyber Cell:12 personnel
Priority:
Professional police force, resource-constrained
Pathway:
Academic network (IIIT Thiruvananthapuram)
Timeline:
Training partnership (6-9 months)
Gujarat
Budget:INR 50-70 Cr
Cyber Cell:18 personnel
Priority:
Industrial targeting, defence adjacency
Pathway:
Industrial network + BJP political
Timeline:
Industrial cyber crime retainer (6-12 months)
Uttar Pradesh
Budget:INR 20-30 Cr
Cyber Cell:8 personnel
Priority:
Largest population, catastrophically understaffed
Pathway:
CM Office + Home Dept + Finance Dept
Timeline:
Phased 3-year capability building

Cyber Cell Minimum Standards Framework

Every state cyber cell engagement proposal should anchor to this framework. It provides diagnostic assessment of current state AND a structured menu of specific offerings to address each gap.

Tier 1: Immediate capability gaps
Tier 2: Significant gaps
1

Digital Forensics Capability

TIER 1
Requirement:
Collect, preserve, analyze digital evidence admissible in Indian courts
Current Gap:
<10 trained examiners per state, equipment years out of date
CryptoMize Offering:
2-week basic + 4-week advanced forensics training, remote forensic analysis service
2

Ransomware Response

TIER 1
Requirement:
Respond within 24 hours, contain spread, engage support without dependence on unavailable vendors
Current Gap:
No ransomware response framework, no established vendor relationships
CryptoMize Offering:
24/7 hotline (2hr response), quarterly threat briefings, on-site incident response
3

Threat Intelligence Access

TIER 1
Requirement:
Receive state-specific threat intelligence calibrated to local profile
Current Gap:
No state-specific TI; generic CERT-In advisories, no commercial feed calibration
CryptoMize Offering:
Monthly state-specific report, dark web monitoring, quarterly DGP briefings
4

Cyber Crime Investigation Support

TIER 2
Requirement:
Investigate full range: UPI fraud to cyber espionage
Current Gap:
Malware analysis, crypto tracing, dark web investigation exceed all state capacities
CryptoMize Offering:
Dedicated investigation support (2-week on-site), remote forensic analysis, expert witness
5

SOC Operations Framework

TIER 2
Requirement:
Clear architecture, staffing model, operational framework before technology investment
Current Gap:
Most states procure technology without understanding requirements; technology sits underutilized
CryptoMize Offering:
SOC architecture design, staffing model, operations playbook, managed SOC services

Central Government Engagement Pathways

Correct Sequence: MeitY First, MHA Second, CERT-In Concurrently, NSCS Long-Term. MeitY creates the policy framework that MHA implements. Approaching MHA before MeitY risks positioning as law enforcement vendor rather than national capability partner.

MeitY(Ministry of Electronics & IT)
TIER 1
Decision Maker:
Secretary MeitY + JS Cyber Security
Budget:
INR 500+ Cr annually
Engagement Pathway:
Political/governance network; intelligence briefing format
Timeline:
Establish contact 90 days; first meeting Month 6
Key Offerings:
Cyber Surakshit Bharat trainingI4C analytics supportPolicy framework contribution
MHA(Ministry of Home Affairs)
TIER 1
Decision Maker:
Home Secretary + JS Internal Security
Budget:
INR 200+ Cr (I4C, cybercrime initiatives)
Engagement Pathway:
Law enforcement network; credentials framing
Timeline:
BPRD training pathway 60 days; programme alignment 120 days
Key Offerings:
BPRD training modulesCBI/NIA investigation supportI4C threat analytics
CERT-In(Indian Computer Emergency Response Team)
TIER 1
Decision Maker:
Director CERT-In
Budget:
Limited operational budget
Engagement Pathway:
Empanelment process + governance network; national capability framing
Timeline:
Empanelment 12 months minimum; concurrent relationship cultivation
Key Offerings:
Surge capacity partnershipMonthly threat intel sharingAnalyst exchange programme
NSCS(National Security Council Secretariat)
TIER 2 (indirect)
Decision Maker:
NSA / Cyber Coordination Centre
Budget:
Policy coordination only
Engagement Pathway:
Governance network only; thought leadership circulation; unclassified framing
Timeline:
Long-term cultivation; no direct commercial pathway
Key Offerings:
Strategic assessment circulationPolicy alignmentAdvisory relationship

Engagement Calendar - Budget Cycle

Jun-Aug
Initial relationship cultivation - officials more available outside budget cycles
Sep-Oct
First formal proposals submitted - aligned with budget planning
Nov-Dec
Follow-up engagement during budget formulation - actively seeking solutions
Jan-Mar
Maintenance only - focus on relationship maintenance, NOT new initiations
Apr-May
Post-budget debrief - assess new initiatives funded, approach aligned ministries

MOD/DRDO Pathways

CRITICAL

Defence cybersecurity contracts require DPSU prime contractors with appropriate clearances. BEL and L&T serve as prime; CryptoMize as specialist sub-contractor.

BEL
Bharat Electronics Limited
Role:DPSU Prime Contractor
Clearance:Full defence clearances
Value to CryptoMize:
Defence electronics SOC, secure comms architecture, DPP contracts
Revenue Share:
70-80% BEL, 20-30% CryptoMize
L&T
Larsen & Toubro
Role:Engineering Partner
Clearance:Partial defence clearance
Value to CryptoMize:
OT/ICS security, power grid cybersecurity, critical infrastructure
Revenue Share:
70-80% L&T, 20-35% CryptoMize
DRDO
Defence R&D Organisation
Role:Research Partner
Clearance:Classified access
Value to CryptoMize:
Network infrastructure security, missile development systems
Revenue Share:
Consulting basis

BFSI Corporate Engagement

MEDIUM
HDFC BankTIER 1

Largest private bank, post-breach board authorization, 95M+ customers

Pathway:Political/HNI network
Timeline:6-18 months
State Bank of IndiaTIER 1

Most complex environment, 24K+ branches, political pathway via Finance Ministry

Pathway:CM/Finance Ministry
Timeline:12-24 months
ICICI BankTIER 2

Peer sophistication, willing to engage boutique premium vendors

Pathway:Political relationships
Timeline:6-12 months
Axis BankTIER 2

New cyber leadership, nation-state awareness, government credentials interest

Pathway:Intelligence credentials
Timeline:6-12 months
CISO Engagement Methodology
Intelligence Briefing Model
Offer private briefing on specific APT infrastructure targeting their sector. Giving model: provide value before asking.
Board-Level Risk Framing
Confidential nation-state risk assessment in business language the CISO can present to board risk committee.
Crisis Partnership Model
Position as firm to call when crisis hits. Establish relationship before incident, maintain through intel sharing.

Healthcare Corporate Engagement

HIGH

2022 AIIMS ransomware fundamentally changed calculus. Healthcare now board-level risk priority. Patient data = highest black-market value. OT/ICU network security = unique gap no vendor addresses.

AIIMS DelhiTIER 1

2022 breach exposed paradigm shift need, political pathway via Health Ministry

Pathway:Health Ministry network
Apollo HospitalsTIER 1

70+ hospitals, 10K+ beds, wealthiest patient base, HNI network access

Pathway:HNI/Political connections
Narayana HealthTIER 1

Dr. Devi Shetty Karnataka political connection, scaled approach

Pathway:Karnataka political network
Sun PharmaTIER 2

Largest Indian pharma, global operations, R&D data protection

Pathway:Industry associations
Healthcare Service Menu
Patient Data Protection Assessment
Data flows across hospital IT infrastructure, exfiltration vectors
OT/ICU Network Security
Networked medical devices = primary attack surface (unique offering)
Ransomware Response Retainer
24/7 hotline, 24hr on-site response, negotiation support
Board-Level Crisis Briefing
When breach occurs, help board understand and respond
Healthcare Engagement Nuances
IP Protection Focus (Pharma): Pharma: formulations, clinical trial data, R&D
OT/ICU Attack Surface (Hospitals): No vendor addresses networked medical devices
DPDP Act Compliance (All): 2023 law creates patient data protection mandate
Crisis Response Speed (Hospitals): Patient care disruption = existential impact

State Police Pricing Philosophy

Entry Engagements (Months 1-6)
Objective: Reference establishment, NOT margin optimization
Cost + 10-15%

Successful Maharashtra/Karnataka = reference credential enabling premium pricing elsewhere

Retainer Engagements (Months 6-18)
Threat intelligence + ransomware response
INR 15-30 Lakh/year

40-50% below multinational vendor pricing; premium positioning maintained

SOC Managed Services (Months 12-36)
Architecture, implementation, operations
INR 1.5-3 Cr/year

Premium-priced but fraction of in-house build cost; state receives operational SOC

Segment 23 | Operations Playbook - Engagement Strategies | CryptoMize Proprietary Research | March 2026