Can you describe your current role, and what responsibilities do you undertake?
At my current role, I am responsible for developing, implementing IT & Security strategies; overseeing technology operations; evaluating and implementing technology solutions; ensuring data security; ensuring compliance and fostering innovation.
How will you describe your journey in the cybersecurity Industry?
It all started with learning Diploma in Computer Networking Technology in 90’s, post which I cleared CNE exams and started writing course ware for A+ certification. BS7799 & ISO 27001 implementation gave me clear understanding from basics, after which the learning and journey never stopped in the last 20+ years and today I have credentials like PMP, CCISO, GDPR, RISK, ISO 9001 LA, ISO 27001 LA, CISM & CISSP etc. There are situations where I have faced many issues and rewards, I never stopped upgrading my knowledge and thereby the tools, hardware & software. I believe, key to sustained success/growth is learning.
If you could make one recommendation to the next generation of cybersecurity leaders, what would it be?
For You: Always have the thirst to learn new things; Collaborate with good knowledgeable people; Get trained, face test & never fear of failure.
For your organization: Understand business requirements and map with IT & Information security strategies. Continuous monitoring & course correction through adopting to evolving tools & techniques is of paramount importance.
For Industry: Innovate or implement a secure and trusted digital environment where individuals, organizations, and governments can confidently operate, transact, and communicate
How do you stay current with the latest security threats and technologies?
Contributing to CIO & CISO communities on evolving industry topics; help peers in strategizing, planning & implementation; Awareness sessions to Kids at school; Involve in technology innovation round table, summits, trainings & programs. That’s how I share and learn from others.
Can you discuss a time when you had to handle a security incident, and what steps you took to resolve it?
Yes, this needs a cool and calm brain to move ahead, don’t approach the situation with fear & anger. Approach the entire incident with proper strategy and plan. Mostly this should be available with you already. 1) Assess the situation with necessary key stakeholders [Remember too many cooks spoil the broth] 2) Activate the crisis response team [Involve required people, with clear instructions and work procedures] 3) Implement the crisis plan [Ensure that certain traces are not deleted during implementation so take backup if data oriented] 4) Communicate with stakeholders [to generate unambiguous communication, involve Marketing, Legal & Operational Heads before communicating] 5) Contain the situation 6) Resolve the crisis [Update the learning’s and how it was resolved in a step by step manner] 7) Review and learn from the crisis [Update the apex documents and procedures if any changes required]
Are you ready for the Aspiring CXOs Awards 2024? Nominate now to win!