“Technology advancements are triggering greater collaboration between IT and business”

Niranjan Reddy

A solid cyber resilience strategy aims to protect the organisation from cyber threats, reduce the severity of attacks, and keep your business running in the event of an attack. Cyber resilience enables the company to manage a threat or breach effectively manage a threat or breach while maintaining critical business functions. To know how Cyber-resiliency has evolved from an IT Security initiative to a key business strategy, Nidhi Shail Kujur of Elets News Network (ENN) Interacted with Niranjan Reddy, Infra Head & Chief Information Security Officer, Polycab India Limited.

Cyber-resiliency has evolved from an IT Security initiative to a key business strategy. What is your take on this?

Today, it’s as important to be able to respond to and recover from security breaches as it is to be able to prevent them. Cyber resiliency enables organisations to manage, mitigate and rapidly recover from cybersecurity incidents with minimal or no damage. It allows you to defend against known threats and crises and survive and thrive in the face of unforeseen potentially disruptive events.

This is absolutely true. With the increasing business dependency on IT, Cyber resiliency has become critical and crucial. Attacks are inevitable, and 100% prevention is impossible, hence your cyber resiliency strategy is what determines how quickly you bounce back with minimal or no disruption to operations.

A sound cyber resilience strategy aims to protect your organisation against cyber threats, mitigate the severity of attacks and keep your business afloat despite an attack. Cyber resiliency enables your business to effectively manage a threat or breach while ensuring critical business functions remain unhindered.

Also Read | AI, ML will continue to dominate aviation industry: Vinod Bhat, Chief Information Officer, Vistara

What major cyber market trends would you forecast for 2023?

1. 30 per cent of enterprises will deploy cloud-based Secure Web Gateway (SWG), Cloud Access Security Brokers (CASB), Zero Trust Network Access (ZTNA), and Firewall as a Service (FWaaS), sourced from the same vendor.

2. 70 per cent of CEOs will build a culture of corporate resilience to protect themselves from threats from cybercrime, insider threats social events and political instability.

3. Organisations that adopt a cybersecurity network architecture will be able to reduce the financial costs of security incidents by an average of 90 per cent.

4. Cyber-attackers will be able to use operational technology environments as weapons successfully enough to cause human casualties. As malware spreads from IT to OT, the focus is shifting from business interruptions to physical harm, with the final responsibility resting with the CEO. Focus on asset-centric cyber-physical systems and ensure teams are in place to handle the appropriate management.

5. Blockchain, Quantum computing, AI, ML, and Automation would also make a big leap in 2023

How are next-gen techs like AI/ML impacting the cyber threat landscape?

Solutions enhanced with AI/ML simplify the protection of vulnerable data even in the most crucial and complex situations. It helps in personalising the mitigation approach depending on the business requirements, real-time threat identification, analysis, and prevention. An AI-based cybersecurity system relies on the continuous data flow to filter patterns and backtracks the attacks for smarter protection.

AI/ML-based solutions help organisations to protect their environment even before the attack has happened through predictive analytics.

During the current landscape, how do you see security challenges that organisations are facing as they shift to a hybrid environment?

The shift to remote working during the pandemic coincided with a significant rise in cybersecurity incidents as criminals sought to take advantage of both the stress and disruption of the pandemic itself and the increased “attack surface” available to target. This has forced employees and security teams alike to think about security in a way that was not required in the pre-pandemic landscape when work was predominantly conducted in a physical workspace.

Also Read | “Security is no longer an afterthought agenda in organisations”

How do you see the role of CISOs transforming toward business outcomes?

For today’s business leaders, the pandemic has emphasised the need for cloud readiness and digital modernisation. The new normal is driving organisations to act faster while maintaining business continuity and ensuring data security. Growth of remote work and acceleration of cloud adoption now challenge CISOs to ensure responsive protection against rapid change, while supporting new digital transformation (DX) and cloud computing initiatives. Technology advancements are triggering greater collaboration between IT and business, resulting in a cultural shift for modern executives. As businesses ramp up their modernisation plans, it’s up to CISOs to ensure a robust foundation that protects against the critical company and market shifts.