Opinions expressed by Digital Journal contributors are their own.
Redmond, Washington. Three different conference organizers on three different continents invited the same cybersecurity researcher to speak between October 2025 and February 2026. Each time, the subject was a different published paper. Each time, the audience was a different professional community. The researcher was Karthikeyan Thirumalaisamy, a Principal Software Engineer at Microsoft, whose peer-reviewed work on artificial intelligence security threats and software supply chain vulnerabilities has gained rapid traction among academics and practitioners alike.
What makes his speaking schedule unusual is not its pace but its breadth. Cloud-native infrastructure engineers, academic artificial intelligence scholars, and enterprise security architects have all independently selected his research for their programs, a pattern that points to a body of work landing across multiple disciplines at once.
Why conferences keep calling
The first invitation came from Conf42 KubeNative 2025, an international cloud-native technology conference. Thirumalaisamy delivered a keynote in October 2025 on defense-in-depth security for mission-critical services running on managed Kubernetes. He presented a layered 4C model (Cloud, Cluster, Container, Code) that gives security teams a structured way to protect each tier of a Kubernetes deployment. Conf42 published the full recording on YouTube, making it permanently accessible to engineers who missed the live event.
Two months later, the IEEE selected him to present at its Global Leaders Summit in December 2025. The paper he delivered there tackled a problem few researchers had yet addressed in a formal, peer-reviewed setting. Model Context Protocol (MCP) servers, the infrastructure that allows artificial intelligence agents to invoke tools and communicate with one another, had no published threat taxonomy. Thirumalaisamy wrote one. His framework categorizes attack vectors into protocol-specific, authentication-specific, and prompt-specific classes, offering the first structured map of where these systems break down.
The practical interest was immediate. A startup founder building agent orchestration infrastructure reached out after the IEEE presentation to discuss adopting the taxonomy in a production environment.
In February 2026, Thirumalaisamy served as a keynote speaker at ICICAIA, the International Conference on Intelligent Computing, Artificial Intelligence, and Automation, where he presented mitigation strategies for threats to agent-based systems. The audience included international researchers, graduate students, and industry engineers from several countries.
“Traditional application security models do not account for the risks inherent in agent-based orchestration systems,” Thirumalaisamy said. “My framework explicitly models these attack surfaces and proposes layered mitigation strategies tailored for MCP-based infrastructures.”
What the numbers say
The academic reception backs up the conference demand. Thirumalaisamy’s ten peer-reviewed publications have gathered more than 820 reads, 32 citations, and 93 recommendations. His Research Interest Score of 56.8 ranks higher than 99 percent of researchers who first published in 2025, a measure of how quickly his work has been picked up relative to peers in the same publishing cohort.
Independent professional bodies have recognized his work separately. He received the 2025 Cybersecurity Excellence Award for leadership in cloud security and supply chain protection, and the Claro Gold Award the same year for applied artificial intelligence methods in security. He holds IEEE Senior Member status, which requires at least ten years of significant professional practice and endorsement from three existing Senior Members or Fellows. He is a Fellow of IETE, the Institution of Electronics and Telecommunication Engineers. He also serves as a peer reviewer for international cybersecurity journals and has judged global technology competitions.
Training the people who come next
Between keynotes and his engineering duties at Microsoft, Thirumalaisamy mentors students at two universities and one nonprofit. At the University of Washington Bothell, he serves as an official mentor through the Mentorship EDGE program, guiding students on secure software engineering, DevSecOps, and proactive threat detection. At Seattle University, he works with graduate engineering students on cloud security and secure system design.
He also volunteers with CodeDay, a nonprofit supporting young programmers and open-source contributors. His mentorship there centers on building security-conscious habits early, before students enter the professional workforce.
“I am dedicated to teaching students about leadership and problem-solving techniques which help them tackle actual workplace challenges,” Thirumalaisamy said.
The reason institutions keep inviting him, whether to speak or to mentor, follows a consistent logic. His published research addresses security problems that most organizations are only beginning to encounter. His IEEE-presented threat taxonomy for MCP servers, his Conf42 keynote on Kubernetes defense architecture, and his ICICAIA address on agent-based threats all deal with attack surfaces that did not exist five years ago. The students he mentors at UW Bothell, Seattle University, and CodeDay will be the engineers expected to defend against these threats in the years ahead. Thirumalaisamy is one of a small number of practitioners doing both the research and the teaching.
