Sunil Gentyala is a Lead Cybersecurity and AI Security Consultant at HCLTech, where he leads an 11-person security team serving Fortune 500 clients including Uber, Disney, and Royal Caribbean. He serves as HCLTech's designated expert representative to the Cloud Security Alliance and is Security Architect and Framework Designer for HCLTech's AIDefendX initiative.

His research spans adversarial machine learning, Model Context Protocol (MCP) vulnerability analysis, post-quantum cryptography, and agentic AI governance. He is an IEEE Senior Member (No. 101760715), active ISACA Professional Member, and holds the 2026 Cybersecurity Excellence Awards Bronze (Cybersecurity Professional of the Year).

He is the creator of two open-source security frameworks — ContextGuard (zero-trust middleware for MCP security) and the GSH Framework (agentic AI threat hunting mapped to MITRE ATLAS and NIST CSF 2.0) — and has published across CSO Online, Dark Reading, SC World, Cyber Defense Magazine, BiometricUpdate.com, and the Cloud Security Alliance, with podcast features on Decoded: The Cybersecurity Podcast.

• Lead Cybersecurity and AI Security Consultant at HCLTech, managing Fortune 500 client security programs
• IEEE Senior Member (No. 101760715) with ORCID 0009-0005-2642-3479
• 2026 Cybersecurity Excellence Awards Bronze — Cybersecurity Professional of the Year
• Shortlisted, 2026 Cyber Security Influencer of the Year (Cyber Security Awards)
• National Cyber Awards Alan Turing Cyber Leadership Award nominee
• HCLTech designated expert representative to the Cloud Security Alliance
• Published researcher in post-quantum cryptography, MCP security, and agentic AI governance
• Active peer reviewer for IEEE, CSA, and international conferences
• Peer reviewer, Cyber Defense Review — peer-reviewed journal of the U.S. Army Cyber Institute at West Point (2026)

ContextGuard: Zero-trust middleware for Model Context Protocol (MCP) security

GSH Framework: Gentyala-Sovereign Hunt — Agentic AI threat hunting mapped to MITRE ATLAS and NIST CSF 2.0

A Post-Quantum Migration Taxonomy for Model Context Protocol — Multi-venue paper (IEEE TIFS, ACM QSec, Elsevier FGCS) applying RFC 9794 PQ/T hybrid constructs to agentic AI infrastructure

LLM Jailbreak Survey — Published to Zenodo (DOI: 10.5281/zenodo.19241166) and SSRN

Governing Agentic AI via MCP and COBIT 2019/NIST CSF 2.0 — ISACA Journal, co-authored with Praveen Kumar Mannam (Salesforce)

Zero-Trust Data Pipelines — JRTCSE, co-authored with Sunil Kumar Mudusu (Church Mutual Insurance)

Identity 3.0 and Zero-Trust for Critical Infrastructure — IEEE SmartNets 2026 submission introducing the IMM-CI maturity model

1,800+ MCP Servers Exposed Without Authentication: How Zero Trust Can Secure the AI Agent Revolution — CSO Online, May 2026 — warns that over 1,800 unauthenticated MCP servers expose enterprise AI infrastructure to critical security risks

MCP is the Backdoor Your Zero-Trust Architecture Forgot to Close — SC World, March 2026 — analysis of MCP security attack vectors, hidden AI attack surface, and zero-trust mitigations

The Sentinel Intelligence: A CISO's Guide to Sovereign Security in the Age of AGI — Cyber Defense Magazine, February 2026 — introduces the Sentinel Intelligence (SI) architectural framework for countering agentic AI threats

Why 2025's Agentic AI Boom Is a CISO's Worst Nightmare — CSO Online, February 2026 — examines indirect prompt injection, memory poisoning, and agentic denial-of-service exploits in enterprise AI deployments

Hardening Browser Security with Zero-Trust Controls — CSO Online, December 2025 — six-principle browser-centric zero-trust framework with NIST SP 800-207 and CISA Maturity Model alignment

Beyond Silos: How DDI-AI Integration Is Redefining Cyber Resilience — CSO Online, November 2025 — how DDI-AI integration transforms cybersecurity from reactive defense to predictive, automated threat detection

Zscaler-SquareX Deal Boosts Zero Trust, Secure Browsing Capabilities — Dark Reading — expert commentary on browser-centric enforcement architecture and browser zero-trust adoption

Non-Stop Agentic AI Action Has Teams Assembling to Face the Threat — BiometricUpdate.com, May 2026 — quoted on enterprise AI agent infrastructure security risks and deployment security gaps

Browser Zero Trust: Hardening Security Controls — Decoded: The Cybersecurity Podcast, December 2025 (41 min) — full episode based on his CSO Online browser zero-trust article; also on Apple Podcasts

Security Domains

Frameworks & Standards

Cloud & Infrastructure

Languages & Tools

• IEEE Senior Member — No. 101760715
• ISACA Professional Member — ID: 2297870 (active through December 2026)
• Cloud Security Alliance Expert Representative (HCLTech)
• ORCID: 0009-0005-2642-3479
• BCS Fellow (Experiential route, completed)
• Zenodo DOI: 10.5281/zenodo.19241166
• #FoundryExpert across IDG/Foundry publications (CSO Online, CIO.com, Computerworld)