With the increase in cyber-attacks, an organisation’s security posture is jeopardised. A CISO in a mature organisation will need an agile strategy that focuses on cyber intelligence. While the baseline processes and technologies to defend are in place, continuous threat analysis of the environment, including every component or device, is required. To know about how CISOs braise the cyber defences as hackers continuously attempt to attack, Nidhi Shail Kujur of Elets News Network (ENN) interacted with Rohit Rane, Chief Information Security Officer, HDFC Pension.

The vulnerabilities of identity theft are posing challenges for the financial sector. What security revamps should CISOs implement?

Identity theft is on the rise which is leading to fraud related to financial transactions. With vulnerable ICTs being compromised to steal PII and put up for sale in the dark market for potential buyers, it has become imperative to safeguard PII. Other than ICTs, Identity Theft is also through direct social engineering calls, spyware & malware, MiM attacks, Phishing emails, Smishing, etc. While you can bring in technology controls like VPN, Anti Virus & Malwares, MFAs, Firewalls, use of strong passwords, secured website and data, and effective monitoring on who accesses data, however, educating the user continues to top the list of mitigating controls.

How should CISOs assess the risks involved in digital transformation before taking the plunge?

As a CISO, partnering with the business on all initiatives including digital transformation is a key success criterion. Especially for Digital transformation initiatives, understanding the risk areas is critical to identifying and dealing with all the risks that an organisation may be exposed to in a digital environment. An assessment covering Cyber, Third party risk management, Strategic, Data Leakage points, privacy, forensics and resilience is imperative. CISOs should focus on developing risk management frameworks that include automating assessments for the above-mentioned areas by leveraging AI & ML capabilities.

Also Read | “The demand for seasons CISOs is on the rise and this requirement is going to grow in future”

How is the field of Enterprise Security Management (ERM) killing the traditional security probe in Indian Organisations?

The ERM is focusing more on leveraging next-gen technologies and automation instead of the siloed traditional security probe mechanisms. With the increase in the sophistication of cyber-attacks, equally sophisticated defence technologies are required to counter these attacks.

Organisations are moving away from solely detection capabilities to a next-gen AI- based orchestration that not only detects fast but also contains and mitigates the risks automatically without wasting too much time in manual investigations. Organisations are more inclined to develop a pre–threat detection plan and protect their crown jewels. They have come up with more playbooks anticipating different scenarios and building up strong resilience.

How can a CISO braise the cyber defences as hackers continuously attempt to attack?

With the increase in cyber attacks, the security posture of an organisation is at risk. For a mature organisation, a CISO will need to have a strategy that is agile and focuses more on cyber intelligence. While the baseline processes and technologies are in place to defend, continuous threat analysis of the environment including every component or device is a must. Clearly identify the crown jewels and have a multi-layer strategy to safeguard them. Continuous monitoring, intelligence-based playbooks, automated orchestration and improved cyber forensics are also required to beef up the game against adversaries. It is also imperative that CISO clearly articulates the impact of cyber security measures on all users. When all stakeholders understand cyber security, the organisation’s security posture will automatically become more effective.

Also Read | “The more security controls, the less user-friendly a system becomes”

As a result, technologies such as digital mobile and online clouds are quickly emerging as business drivers. However, these deployments also increase the risk for businesses, so how should CIOs and CISOs assess the risk?

Technologies such as digital mobile and online clouds are emerging business drivers due to the flexibility in services and on-demand services it offers. While it helps businesses to deploy products or services to their customer within quick TAT it also brings in risks pertaining to visibility and control, unauthorised use or access, API governance especially the ones exposed to the internet, sharing or theft of credentials and more. CISOs and CIOs should focus on mitigating these risks by devising a policy that establishes baseline configurations and is regularly audited. Also, deploy continuous monitoring practices which track every change and investigate it promptly. Deploy a robust Identity & Access Management (IAM) practice that addresses unauthorised access risks. Develop a model where a continuous audit is conducted on such technologies that help to detect all risks and develop response procedures to address them.