Naresh Lamgade loved playing football during his school days. In grade 10, he injured his leg when playing his favourite game, and the doctor told him he could not play football or participate in other physical sports for a year.
Effectively grounded, Lamgade turned to computers, one of the few things available to him for recreation. It did not take long for him to get hooked; and from then on, he and his computer became inseparable.
“I love playing football,” said Lamgade. “After the injury I sustained in grade 10, I stayed away from football and got more attached to my computer. It was then that I found technology fascinating.”
Lamgade was born and brought up in Jhapa in south-eastern Nepal. In 2011, he passed grade 10, and completed grades 11 and 12 in management from Gomendra Multiple Campus in 2013.
His love for technology deepened with time. After completing his intermediate level, he came to Kathmandu and enrolled in the Bachelor in Computing at Islington College, which is affiliated to London Metropolitan University.
Right from his college days, he began doing debugging work for various international organisations, finding and removing errors, or bugs, in computer systems.
He also secured part-time jobs at eSewa, one of the most used digital wallets in Nepal, and the Kantipur Media Group as a security analyst.
After completing his Bachelor's degree in 2017, he founded Cynical Technology; and in March last year, he launched Bugv.
"Both Cynical Technology and Bugv provide cybersecurity service," said the 28-year-old Lamgade. “But Bugv is more advanced. Bugv is a web-based crowdsourcing cybersecurity platform powered by human intelligence that connects businesses with ethical hackers and cybersecurity experts. We provide result-oriented service,” he said.
“Once a company creates a programme on our platform for testing, we assign ethical hackers registered with our platform to find bugs and other security threats,” Lamgade said.
“However, unlike most other platforms, we pay the ethical hackers only when they find a bug. This makes our service better since our clients pay as per the number of bugs found.”
Bugv has gained more than 40 clients in a short period, and over 5,000 ethical hackers are registered with the platform, according to Lamgade. “We can provide our services to national and international clients,” he added.
Merojob, hamrobazar, edusanjal and gyapu were among its early adopters, according to Lamgade.
The Global Cybersecurity Index 2020 had revealed that many countries lagged behind in key areas like cybersecurity skills training in micro, small and medium sized enterprises, and there were gaps in dedicated measures to close cybersecurity holes in finance, healthcare, energy and other key sectors.
Nepal ranked 94th among 182 countries in the Global Cybersecurity Index 2020, according to the International Telecommunication Union, the United Nations specialised agency for information and communication technologies.
ATM heists resulting from compromised switching systems, the hacking of the SWIFT system, and theft of individual data from online platforms like online shopping are the best known cases of data breaches in Nepal in the recent past.
As digitisation grows in Nepal, it is inevitable that the increasingly vast amounts of data across the public and private domains will be at risk, experts say.
The global cyber security market is projected to grow from $155.83 billion in 2022 to $376.32 billion by 2029, according to Fortune Business Insights.
Bugv won the best start-up award at the CNIYEF Nepal Start-Up Fest 2022 organised by the Confederation of Nepalese Industries Young Entrepreneurs Forum recently.
“The recognition we have received for our work has certainly made us happy and proud,” said Lamgade. “Winning the best start-up award has further motivated us to contribute more to the cybersecurity field in the coming days.”
Bugv has been organising live bug hunting programmes in a bid to motivate ethical hackers.
In such programmes, companies put their products on our platform and ethical hackers and bounty hunters from Bugv hunt for bugs. “Those companies who are going to launch new products often approach us for organising such programmes.”
Though bounty hunters in Nepal are paid very little compared to their counterparts in foreign countries, such programmes encourage them to continue working in the field.
Lamgade, who has around 10 years of professional experience in cybersecurity, has received annual research grants of Rs1.5 million from Google in the past two years.
We have approached government institutions to use Bugv, and the feedback so far has been positive.
“We have approached several government institutions to use our product,” Lamgade said. “One of the modalities we have requested them to adopt is providing bounty hunters a certificate instead of money for their work. Though many might find lack of monetary award discouraging, others might find the certificate issued by the government recognising their work worth having. In that case, I think, it will be a win-win situation for ethical hackers and the government.”
Despite the achievement, Lamgade believes many people in Nepal are not that serious about cybersecurity. And those who consider it significant hesitate to ask for crowdsourcing service because it allows many people to participate.
“People are concerned about data security on platforms that function via crowdsourcing,” Lamgade said.
He believes Bugv has a great opportunity to penetrate the cybersecurity market in Asia.
“There are only a handful of platforms like Bugv in Asia,” Lamgade said. “Secuna, a Philippines based company, and India-based BugBase are among our toughest competitors in the region.”
Bugv currently employs 18 individuals. Lamgade said the plan for the coming days is to take the platform on a global scale.
“We are currently hiring more staff and have plans to attract international investors to launch Bugv on a global scale in the coming days,” Lamgade said.