In an interview with Biztech2.0, Captain Raghu Raman, CEO, Mahindra Special Service Group, talks at length about information security, looking at it from various angles.
Could you highlight the latest trends in the information security space?
The entire scenario of information security has changed. The growth of Internet penetration, online service providers and various services provided by mobile service providers have compelled organisations to think about taking stringent security measures. There is a great degree of interdependency of applications. The concept of isolated applications is going to disappear soon. The problem in the entire security space is that there is no single industry standard. It is difficult to accurately judge specific tools or techniques, which would be suitable for specific areas. The best practice to follow is two-factor authentication.
What, according to you, are the drivers of information security management?
With the need for compliance standards, organisations are now looking seriously at various security solutions to protect their data. Governance is the primary driver of information security management, while compliance is the secondary driver. Competitive business advantage is another major driver of information security.
Two other important drivers of information security include the increasing dependency of the organisation on the employees and the high attrition rate. Businesses today primarily face four types of risks, namely, physical risks, risks relating to information, risk from the employee and technology risks.
How important is a security strategy for an enterprise?
A security strategy should be a good mix of a risk mitigation strategy and people strategy. A security strategy is a result of combinations of several applications into one. A good information security strategy checks the current position of an enterprise and also determines which position the enterprise needs to be at. The strategy then further integrates people, processes and technology into one single system. Most IT heads in India are not paying much attention to their security scenario, but it’s high time that they did so. Organisations should follow a strict governance policy to protect their information from outsiders. It is not only essential to compete with other players to stay ahead in the business but also to implement a strict GRC (governance, risk and compliance) policy. Profits and performance are a given hygiene factor, but what really differentiates a company with great potential from others is the way that it follows governance.
Your advice to CISOs who are planning to invest in information security management services?
In order to remain competitive in the business, it is essential to look at the overall IT infrastructure. CISOs should assess their overall business scenario, data protection systems and processes already in place. If these are not sufficient in the present scenario, then the help of experts must be taken. Enterprises should deploy technologies, which will not only help them protect information but also prevent other technology breaches. We have a Technical Advisory Group, which works closely with our customers and not only educates them about the requirements of a proper information security management system, but also helps them avoid all types of technical breaches. We are helping our clients during their merger and acquisition phase, during the product innovation stage and various other stages.