Sony Anthony is a Partner at KPMG in India, leading the firm’s Cyber Defence and Incident Response practice. With close to three decades of combined consulting and industry experience, Sony is a seasoned cyber security leader trusted by organisations to address complex cyber risk, resilience, and transformation challenges across the enterprise.
Sony has advised 200+ clients across diverse industries and sectors on cyber security strategy, cyber risk management, large scale security transformation, and incident response. His work consistently focuses on aligning cyber security with business outcomes - helping organisations derive value from secure digital transformation while managing evolving threat landscapes. He brings deep insight into the convergence of Information Technology (IT) and Operational Technology (OT) and the role of emerging technologies in enabling smarter, resilient, and outcome driven enterprises.
He has led and overseen large, multi year cyber security strategy, governance, and transformation programs, covering domains such as threat intelligence, red teaming, OT security, and automotive and connected systems security. His OT security experience spans critical infrastructure and regulated environments, including airports, power grids, oil & gas, and energy organisations, where cyber resilience is mission-critical.
Sony has extensive experience conducting Cyber Maturity Assessments for organisations, their subsidiaries, and investment or portfolio companies. He regularly engages with Boards and steering committees, providing clear, actionable perspectives on cyber risk posture, target state maturity, and strategic roadmaps. This includes designing and delivering Board level cyber awareness and sensitisation workshops, tailored for executive decision makers.
Sony has also contributed to the development of client specific and sector level cyber frameworks, including work with organisations and regulators in the Banking and Telecommunications sectors. He is an active member of a working group committee for the ISA/IEC 62443 standard, contributing to the advancement of global OT and industrial cyber security standards.
Academically, Sony holds a background in Electronics and Telecommunication Engineering and an MBA from the Indian Institute of Management, Bangalore. He also holds multiple internationally recognised certifications, including ISO 27001 (Information Security), ISO 22301 (Business Continuity), and ISO 20000 (IT Service Management). Additionally, he is a Postgraduate from the National Law School of India, specialising in Cyber Law and Forensics, giving him a strong interdisciplinary perspective across technology, risk, and regulation.
Sony has co authored multiple thought leadership publications, notably in areas such as Quantum Cryptography and Connected Car Security. Prior to joining KPMG in India, he worked with Wipro Technologies and also founded and led a security consulting firm in the U.S. and India, further strengthening his entrepreneurial and global consulting experience.
Outside of his professional pursuits, Sony has a keen interest in music, cooking, and refurbishing vintage motorcycles.