CISO’s Role Will Be Even More Challenging

by Sohini Bagchi    Apr 24, 2015


While organizations are increasingly focusing on ‘growth’ and ‘digital investment,’ what constantly gives them sleepless nights is the thought: “Whether my company’s data is protected?” Despite anxiety and increased awareness, IT security executives are often vulnerable to several such cyber attacks - that are stealing their data, causing revenue loss and damaging their market reputation. Sunil Sharma, VP Sales & Operations, India and SAARC, Cyberoam throws light on some of the key challenges in the cyber space, the changing role of CIO/CISOs and how the company is strengthening its foothold in the teeming marketplace.

With various high-level attacks on large enterprises in recent years, it is evident that hackers are getting way smarter. What are the three most important things security vendors need to focus on?

Absolutely! But so is technology like ours! Of course there are loopholes in multiple software solutions but one needs to understand that hackers succeed with their malicious plan because of the vulnerability of the user. His lack of awareness is the culprit.

Hence from the solution provider perspective, the 3 key things that we focus on would be:

1. Staying up-to-date with the today’s threats as well as tomorrow’s. Our Cyberoam Threat Research Labs are constantly collecting data from 175+ countries to protect our customers from malicious attacks and provides necessary updates to fix security vulnerabilities in our solution so that our customers can enjoy a smooth connectivity thus enabling better productivity.

2. Since security is tied to an individual rather than an IP it is important to spot a risky user faster so as to prevent any unfortunate breach or incident from happening. This can happen if network administrators know what is happening in their network at a glance. Cyberoam’s User Threat Quotient was developed keeping this in perspective.

3.  As we always believe and patented identity based Layer 8 technology is proof that the user is the weakest link in the network. IT Heads or managers should strive to create awareness on an everyday basis so as to empower the user to handle a malicious attack wisely and prevent themselves from becoming victims to the hackers.

What should be the role of CISO in a modern organization? How is the CIOs role changing today?

CIOs are usually responsible for the entire ICT Infrastructure in an organization and security is a part of his responsibility. A CIOs main task is to prioritize spends in multiple ICT domains to meet the business requirements. CISOs are now seen as strategic leaders who play a pivotal role in ensuring that security is weaved along with key business processes to promote security best practices while aligning security with business and IT goals while making organization grow compliant and security aware. Keeping this in perspective a CIOs role has become collaborative in comparison to the former years. 

 What are the key challenges for a security professional in the age of IoT?

IoT has begun progressing from a concept to reality. Soon it is likely to be a part of consumer and business ecosystems.

Machines will be collaborating with each other to execute tasks for humans. And the internet has to be the platform for them to communicate. Where there is internet there are threats. This simply translates to an increased number of privacy and security concerns.

For an individual or user, it is important to be aware before making optimum use of technology. They need to understand the positives and the short comings. Security needs to be a way of life since a small negligence can lead to a dangerous security breach.

Organizations have to ensure user awareness on a regular basis. Policies and compliances need to be defined before implementing IoT across the organization. A CISO would play a challenging role here.

Before implementing IoT devices in enterprise network, security managers must exercise adequate discretion to identify potential or latent security risks and must bias their sourcing decisions in favor of IoT vendor that have a clear commitment on security.  

Can you name some of your competitors? Moreover with the security market teeming with vendors – big and small – how do you survive and stay a few notches above them?

We continue to remain one of the leading network security players in India and command a significant share of the market together with increasing mindshare too. Since our customers continue to be the fulcrum of our R&D and innovation efforts, our growth is not confined to any specific vertical but emanates from various segments. We secure businesses in wide range of segments including Education, retail, health-care, financial services, government, defense, telecom, ISPs and managed service providers.

Moreover, for over a decade we have been steadfast as a truly channel driven company and have revolutionized channel business with unique opportunities, support & training ecosystem and reward mechanism. These differentiators keep us few notches higher from competition.

How has the acquisition by Sophos help Cyberoam strengthen its position in the market?

Having joined forces with Sophos, Cyberoam is all set to catalyze greater value and a wider range of innovative and differentiated products and solutions for customers. Together, we are poised to disrupt markets in network security (NGFWs & UTMs), wireless security, endpoint security and cloud-driven security.