Security awareness regarding data privacy and impact of potential breaches needs to be spread, says Mohit Kalra, Head of Information Security at RattanIndia Group. With Masters in IT and Graduation in Engineering, he carries 16+ years of rich experience across diverse industries including IT Services, telecom, financial services, power and manufacturing.
1. What would the threat landscape look like in the next 12 months?
Data Leakage through social engineering attacks, Whaling, E-Mail Security, RBI regulations, and Indian Data Protection Bill.
2. What would be the biggest drivers for security spending in 2020?
As a NBFC, biggest driver would be to prepare ourselves for upcoming Indian Data Protection Bill. DLP needs to be more robust and fine-tuned.
3. How is RattanIndia Finance’s cyber security strategy going forward?
Security awareness regarding data privacy and impact of potential breaches needs to be spread, in addition to implement stringent technical controls.
IT departments should be more focused in implementing security controls starting from fresh installation, harden the default configuration, and be more aware about Social Engineering attacks. Automation should be the key focus in operational tasks.
4. With your experience of steering technology, can you please share some of the unique lessons learned.
Keep the basics right, harden your systems, servers and devices, and test them regularly.
5. How has the CISO role changed over the time?
CISO has already got the place in Board members, which eventually increases their responsibility to partner and enable the business growth.
Understanding the rationales behind current controls and doing detailed due diligence is the most important aspect for CISO while designing or proposing any new security terminology, and accordingly prepare a business plan and implementation strategy (post giving customize user awareness).