Independent by design. Built for the work that matters.
Tasvika Ventures was founded on a clear conviction that organisations preparing for audits, building security capability, or navigating new risks deserve specialist support — focused, disciplined and accountable for outcomes. We work across regulated and mid-market sectors, helping organisations get audit-ready, strengthen security, and stay resilient through changing risks and regulations.
We measure ourselves by a single standard: the quality of the work we hand over.
The firm operates two specialist practices — Audit & Compliance, and Cybersecurity Advisory — covering SOC 2, ISO 27001, HIPAA, PCI DSS, and DPDP readiness, alongside a focused set of cybersecurity advisory services including Fractional and Virtual CISO leadership. Our independence is structural, not stylistic, we do not operate what we assess, and engagements are led and delivered by senior practitioners — not handed off after the proposal.
Our Vision
To be a trusted independent partner for organisations preparing for, maintaining, and strengthening audit, compliance, and cybersecurity capability.
To set the standard for senior-led, conflict-free advisory work in cybersecurity, audit, and compliance.
To grow long-term trust through specialist depth, honest assessment, and disciplined scope — engagement after engagement.
Our Mission
To prepare organisations for audits and certifications — SOC 2, ISO 27001, HIPAA, PCI DSS, DPDP — with rigour, clarity, and clean handover to the issuing body.
To strengthen cybersecurity programmes through specialist advisory — strategy, architecture, cloud, incident response readiness, Fractional CISO leadership, and personal data protection.
To deliver continuous internal audit between certification cycles, so control evidence holds up to customers, regulators, and boards year-round.
To grow the next generation of cybersecurity and audit talent in India through structured talent pipeline initiatives.
Our Core Values
These values guide everything we do at Tasvika Ventures
Independence
Independent by design. No reselling, no vendor commissions, no operating what we assess. Structural separation between advice and execution.
Senior-Led Delivery
Senior practitioners deliver every engagement — not just sell it. The quality of what we hand over is the only thing that matters.
Disciplined Scope
Clear deliverables, clean handover. We do what we said we would do, and we don't scope-creep into work that isn't ours to do.
Honest Assessment
We tell clients what they need to hear — including when our findings don't match what they hoped to hear. Honesty is the service.
Continuous Learning
Cybersecurity, audit standards, and regulations evolve. We invest in staying ahead — for our clients and for the cybersecurity community we contribute to.
Our Approach
A structured, repeatable approach across every engagement — readiness, advisory, or internal audit.
01
Understand
We start with your situation, drivers, and goals — not a generic template.
02
Assess
We evaluate posture, risks, and readiness against the relevant standard or framework.
03
Strategize
We design a clear, prioritised approach with defined scope and deliverables.
04
Implement
We deliver hands-on, alongside your team, with senior-led quality.
05
Improve
We hand over cleanly and stay available through the period that follows.
Meet the Founder
Mayenn Shivankuty is the founder of Tasvika Ventures, an independent cybersecurity, audit, and compliance advisory firm based in Hyderabad. With over 24 years of experience in cybersecurity, operational risk, and technology leadership across global financial, banking, and technology organisations, he established the firm to bring specialist, senior-led advisory work to organisations preparing for audits, maintaining certifications, and building genuine security capability.
His career has spanned senior leadership roles at Wells Fargo, HSBC, CSC, and GE — building and running large cybersecurity teams, driving vulnerability management and data protection programmes and shaping security strategy in environments answerable to multiple global regulators. He has built and led security functions and teams across multiple regions — including APAC, EMEA, and the Americas — and led audit-readiness and regulatory compliance programmes covering SOX, PCI DSS, ISO 27001, and GDPR. His domain depth spans cybersecurity strategy and governance, vulnerability and patch management, identity and access management, data loss prevention, threat management, security operations, and audit and controls assurance. He holds the Certified Information Security Manager (CISM) credential from ISACA.
After two decades working with global organisations navigating rising cyber and regulatory complexity, Mayenn founded Tasvika Ventures to build the kind of firm he would have wanted on the other side of the table — specialist, independent, and committed to genuine outcomes. Having sat in the seat of the organisation being audited, undergone regulatory scrutiny, and led teams through the realities of compliance work, he brings a perspective shaped not just by what advisors should know, but by what clients actually need.
He believes good advisory work is honest, senior-led, and free of vendor and operational conflicts. He works directly with every Tasvika engagement, supported by trusted specialists when scale requires. Outside the firm, he remains an active member of the professional cybersecurity and audit community, and is committed to growing the next generation of cybersecurity talent in India.
Based in Hyderabad, India.
Industries We Serve
We support organizations across diverse sectors
01
SaaS & Cloud-Native: SaaS, cloud, and managed service providers preparing for SOC 2 attestation or strengthening security posture for customer due diligence.
Healthcare & Health-Tech: Healthcare providers and health-tech companies handling protected health information, HIPAA Security Rule obligations, and ABDM-adjacent requirements.
04
Regulated Mid-Market: Growing mid-market organisations in regulated sectors — preparing for ISO 27001 or building security and audit capability for the first time.
Where Are You on Your Cyber & Compliance Journey?
Whether you're preparing for a first audit, maintaining a certification, or building security capability — we'd value the conversation. Free 30-minute scoping call. No pitch, no deck.
