Can you describe your current role, and what responsibilities do you undertake?
Leading the IT function of the company, I am responsible for the entire gamut of the IT landscape, which includes security. I report directly to the Managing Director and am the sole decision-maker, with ownership and accountability for achieving the highest uptime and minimizing outages.
How would you describe your journey in the cybersecurity industry?
Cybersecurity has always been at the top of my list of priorities for the past 15 years, even when people weren’t giving any attention to this neglected area. Somehow, I foresaw the new upcoming dangers and became actively and seriously involved. The evolution of cyber attack scenarios, from signature-based virus infections to today’s modern AI and ML-enabled multi-form, multi-platform attack vectors, has changed the entire landscape with their ability to attack anywhere and everywhere, including satellites, missiles, aircraft, etc. It would not be a wonder if tomorrow the Space Station could be compromised.
If you could make one recommendation to the next generation of cybersecurity leaders, what would it be?
Just as a half-baked cake is of no use, an ‘incomplete’ security solution is of no use. The defensive mechanism requires a 360-degree approach, wherein each and every identified threat point that can be used by threat actors for incursion into your infrastructure landscape needs to be put under a protective layer and deep surveillance. While patrolling the IT infrastructure manually is nearly impossible, the new-age detection and response tools with playbooks using AI-enabled engines help a lot to ease the job.
How do you stay current with the latest security threats and technologies?
Through online and offline webinars, OEMs’ regular feeds, knowledge-sharing platforms, security expert groups, real cyber incident cases, etc.
Can you discuss a time when you had to handle a security incident, and what steps you took to resolve it?
We faced a ransomware attack. After receiving auto alerts from the AV system, the first thing done was to cut off the network immediately to stop proliferation. The interrupted connection immediately halted lateral movement, and thus, the hacker couldn’t succeed in encrypting our entire IT system. With this failure to impact our company, there was no demand for ransom by the hacker. We reinstated the entire IT landscape back to normal through backup snapshots within 10 days. However, critical business systems like SAP and email were back in operation within a day. ‘Time to act’ is the main ‘essence’ of this subject because every millisecond counts. Incident response and management strategy require deep insight with details about what to do, when to do it, why to do it, and who can do it when facing any cyber attack.