Treat Security As a Business Problem FirstVeteran CISO Manoj Sarangi Shares Insights on Indian Practitioner Challenges
CISOs in India will not be able to develop mature information security programs until they address the formidable challenge of gaining the support of senior management, says Manoj Sarangi, vice president and CISO at HCL Technologies, an IT services company.
"Find a way to sell security as a business solution rather than a security solution," he says in an interview conducted at Information Security Media Group's Data Breach Summit. "Get down to the basics and break any initiative you are trying to push through into smaller pieces. At the end of it, it's not an IT or a security problem that you will be solving - it's a business problem that you are solving with any security program you want to run."
Winning support for security projects requires turning those projects into management initiatives, Saranji says (see: Security: How to Get Management Buy-In).
Based on his more than 20 years of experience, Sarangi advises CISOs just starting their careers in India to focus on the basics of security and keep learning about the changing environment, disruptive technologies and regulations.
"Never stop learning as this attribute is what will help a practitioner the most in coping with the dynamic threat landscape," he says."
In this interview (see audio player link below image), Sarangi also addresses:
- The major challenges for CISOs in India today;
- The security journey in India so far;
- Key issues for those new to an information security career.
Before joining India-based HCL Technologies in 2013, Sarangi was the group CISO at Indian conglomerate Aditya Birla Group. He has more than 20 years of experience in the technology domain, and formerly worked at Deloitte and IBM South Asia.