Panellists discuss cyber resilience, cyber forensics and their ability to mitigate damages to systems, processes and reputation; and importance of governance in cybersecurity policies and processes
23 November, 2022, Bengaluru: The Centre for Corporate Governance and Citizenship (CCGC) at IIM Bangalore hosted an online panel discussion on ‘Cyber Resilience Strategy, Cyber Forensics and Governance’ on 17th November 2022 (Thursday).
The panellists were: Dr. Gulshan Rai, Chief Information Security Officer, Prime Minister’s Office, Government of India; K M Reddy, Chief Information Security Officer, Union Bank of India; Sujith Babu, Cyber Leader - India & SAARC, Cisco Systems, and Ajit Menon, Chief Information Security Officer, Tata Consultancy Services.
The moderator was Prof. S Sadagopan, former Director, International Institute of Information Technology, Bangalore. The session was chaired by Prof. Anil B Suraj, faculty of Public Policy at IIMB and Chairperson, N.S. Ramaswamy Pre-doctoral Fellowship as well as Chairperson, Committee on Diversity and Inclusion. The panel discussion was followed by a Q&A session.
Dr. Gulshan Rai described how Information Technology Security evolved in the country in the last 20 years. “The Indian Computer Emergency Response Team was formed in 2004 to promote IT Security systems, practices and awareness in the country. India loses around Rs.100 crores everyday due to bank fraud. In India, a lot of work has been done to strengthen the IT security system making it more resilient, but a lot more still needs to be done. Although India is better placed compared to many other countries in terms of handling cyber threats, there is an urgent need for every organization or institution to have a robust cyber security policy; for training of personnel on handling cyber threats, and to allocate 1% of the IT budget for cyber security alone. According to the Cyber Security Index 2020 of the United Nations, India is ranked at Number 10 and the aim is to bring the ranking below 10 in the coming years.”
K M Reddy listed the key principles to be followed by organizations to become cyber resilient. “Organizations need understanding of the exposure to cyber threats; incident preparedness; building capability and resources to handle such threats; holistic approach and a strong compliance framework; continuous review of systems and practices by an independent third-party organization; considered approach to legal and regulatory environment, and involvement with the community and spreading of awareness.”
Sujith Babu in his remarks underlined the importance of creating a cyber architecture by organizations. “Organizations must be aware of their current ability to detect cyber frauds. They should also cross the security poverty line to protect their data centre, network and cloud. There is also a need for sharing IT threat intelligence with the government.”
Pointing out that the Board of Directors of companies are now increasingly focusing on cyber threat resilience of organizations, Ajit Menon said, “The Chief Information Security Officer of any organization plays an important role in providing the Board members the right visibility, thereby making them understand the kind of business risks an organization would face if it does not implement a robust cyber resilient strategy.”
Overall, the session brought to light that effective cyber resilience must be an enterprise-wide collaborative approach, driven from top executives to everyone in the organization, partners, supply chain participants and customers. It must proactively manage risks, threats, vulnerabilities and the effects on critical information and supporting assets. For today’s technology-driven generation, the importance of cyber forensics is immense. Technology combined with forensics paves the way for quicker investigation and accurate results. A robust cyber resilience and forensic policy would also make an organization/institution to be well governed, transparent and accountable to all its stakeholders.
Watch here: https://youtu.be/pOM7ZVlb-J8
Panellists discuss cyber resilience, cyber forensics and their ability to mitigate damages to systems, processes and reputation; and importance of governance in cybersecurity policies and processes
23 November, 2022, Bengaluru: The Centre for Corporate Governance and Citizenship (CCGC) at IIM Bangalore hosted an online panel discussion on ‘Cyber Resilience Strategy, Cyber Forensics and Governance’ on 17th November 2022 (Thursday).
The panellists were: Dr. Gulshan Rai, Chief Information Security Officer, Prime Minister’s Office, Government of India; K M Reddy, Chief Information Security Officer, Union Bank of India; Sujith Babu, Cyber Leader - India & SAARC, Cisco Systems, and Ajit Menon, Chief Information Security Officer, Tata Consultancy Services.
The moderator was Prof. S Sadagopan, former Director, International Institute of Information Technology, Bangalore. The session was chaired by Prof. Anil B Suraj, faculty of Public Policy at IIMB and Chairperson, N.S. Ramaswamy Pre-doctoral Fellowship as well as Chairperson, Committee on Diversity and Inclusion. The panel discussion was followed by a Q&A session.
Dr. Gulshan Rai described how Information Technology Security evolved in the country in the last 20 years. “The Indian Computer Emergency Response Team was formed in 2004 to promote IT Security systems, practices and awareness in the country. India loses around Rs.100 crores everyday due to bank fraud. In India, a lot of work has been done to strengthen the IT security system making it more resilient, but a lot more still needs to be done. Although India is better placed compared to many other countries in terms of handling cyber threats, there is an urgent need for every organization or institution to have a robust cyber security policy; for training of personnel on handling cyber threats, and to allocate 1% of the IT budget for cyber security alone. According to the Cyber Security Index 2020 of the United Nations, India is ranked at Number 10 and the aim is to bring the ranking below 10 in the coming years.”
K M Reddy listed the key principles to be followed by organizations to become cyber resilient. “Organizations need understanding of the exposure to cyber threats; incident preparedness; building capability and resources to handle such threats; holistic approach and a strong compliance framework; continuous review of systems and practices by an independent third-party organization; considered approach to legal and regulatory environment, and involvement with the community and spreading of awareness.”
Sujith Babu in his remarks underlined the importance of creating a cyber architecture by organizations. “Organizations must be aware of their current ability to detect cyber frauds. They should also cross the security poverty line to protect their data centre, network and cloud. There is also a need for sharing IT threat intelligence with the government.”
Pointing out that the Board of Directors of companies are now increasingly focusing on cyber threat resilience of organizations, Ajit Menon said, “The Chief Information Security Officer of any organization plays an important role in providing the Board members the right visibility, thereby making them understand the kind of business risks an organization would face if it does not implement a robust cyber resilient strategy.”
Overall, the session brought to light that effective cyber resilience must be an enterprise-wide collaborative approach, driven from top executives to everyone in the organization, partners, supply chain participants and customers. It must proactively manage risks, threats, vulnerabilities and the effects on critical information and supporting assets. For today’s technology-driven generation, the importance of cyber forensics is immense. Technology combined with forensics paves the way for quicker investigation and accurate results. A robust cyber resilience and forensic policy would also make an organization/institution to be well governed, transparent and accountable to all its stakeholders.
Watch here: https://youtu.be/pOM7ZVlb-J8