“Identify your crown jewels, prioritize proactive risk assessments, and implement mitigation strategies to stay ahead of evolving cyber threats and effectively protect critical assets,“ says Anand Deodhar, Group CIO, Force Motors

Can you describe your current role, and what responsibilities do you undertake?

I currently serve as the Group CIO for Force Motors, Jaya Hind Industries, and the Force Rolls Royce JV, overseeing IT functions across nine plants in India. My responsibilities include developing technology roadmaps, driving digital transformation, and managing IT solutions and governance. I also focus on Industry 4.0 initiatives, IT operations, infrastructure, strategy, and cybersecurity. Additionally, I handle automation, cost optimization, SAP HANA, business applications, and dashboard analytics. My role encompasses IT policies, budgeting, MES, hardware/software procurement, vendor management, legal compliance, program management, new technology implementation, data management, talent acquisition, and team development.

How will you describe your journey in the cybersecurity industry?

My journey as a CIO in the manufacturing industry has been transformative and deeply rewarding. Overseeing IT operations across multiple plants in India, I have led digital transformation and Industry 4.0 initiatives, ensuring IT infrastructure and strategic technology advancements. In the cybersecurity domain, with a focus on CIA Triad— Confidentiality, Integrity, and Availability, I have implemented comprehensive security frameworks such as MDR, NGAV firewalls, IT compliance certification, SOD for SAP roles and responsibilities, user awareness programs etc. Apt in handling various critical scenarios, I am good at protecting sensitive data and systems from evolving threats. My focus has been on enhancing Governance, Risk Management, and Compliance, automating processes, optimizing costs, and developing business applications. By fostering a culture of continuous improvement and innovation, I’ve driven significant advancements in both operational efficiency and cybersecurity resilience.

If you could make one recommendation to the next generation of cybersecurity leaders, what would it be?

Here are a few recommendations:

1 – Identify your crown jewels, prioritize proactive risk assessments, and implement mitigation strategies to stay ahead of evolving cyber threats and effectively protect critical assets.

2 – User awareness is most important; together, we all need to defend, so foster a culture of cybersecurity awareness and education across all levels of the organization to empower employees as the first line of defence against cyber attacks.

3- Finally, technology is important as well, get the best defence system with the optimum cost & embrace a holistic approach to cybersecurity, integrating advanced technologies, policies, and continuous monitoring to ensure comprehensive protection of digital assets.

How do you stay current with the latest security threats and technologies?

Life is challenging, especially as a CIO. Unlike other roles where technology remains relatively stable and requires no major upgrades, the process I follow is:

1 – Try to engage in regular industry conferences, webinars, and forums focusing on cybersecurity trends and best practices.

2 – Have a focused group of technology leaders, wherein you can discuss with cybersecurity experts and connect with vendors to access timely threat intelligence and innovative solutions.

3 – Most important is conducting periodic security assessments and audits to identify vulnerabilities and implement necessary updates.

4 – I believe in team strength, I encourage continuous learning and skill development among the IT team to adapt to emerging threats and deploy cutting-edge security technologies effectively.

Can you discuss a time when you had to handle a security incident, and what steps you took to resolve it?

I can’t disclose any specific incidents, but here are some actions we need to normally follow:

1 – Isolate infected systems and perform active monitoring, such as through an EDR solution.

2 – Immediately respond by changing credentials, blocking administrative script execution, intensifying monitoring,

3 – Implementing MFA for critical systems (including AD), etc.

4 – Engage a specialized agency, separate from the current security service provider (preferably already onboarded).

5 – Notify regulators, CERT-In, etc.

6 – Ensure alternative communication channels are available.

7 – Thoroughly investigate and remediate the infection. Gradually rebuild systems and resume associated operations.

8 – Conduct a root cause analysis (RCA) and implement necessary controls.

9 – Maintain an approved and practiced plan for these actions.