With cybersecurity growing beyond a buzzword, boardroom discussions are increasingly revolving around keeping data and systems safe, given that an outage of a day can demolish a year’s profitability. Though technology around cybersecurity is evolving continuously, so is the cyber-criminal, who uses the same technology to break in that is used to protect.
Maninder Bhardwaj, Partner, Risk Advisory at Deloitte believes that the role of CISOs would evolve even more and skillset gaps would get wider requiring more effort to bridge them. In a freewheeling chat with CXOToday (Click here to watch the video), he delved into issues that concerns cyber security that would pan out over the years ahead.
“What holds value, will always see a threat,” Bhardwaj says while recalling that in ancient times, kingdoms used to construct a fort for safety from attack and even have a moat with crocodiles to keep invaders away. Nothing has changed since then barring the fact that gold and silver have been replaced by data and systems in the modern era.
Given this situation CISOs, who used to report to CIOs earlier, are becoming mission critical to the company’s very existence and would witness a growing value within the companies, especially those that are embracing digital transformation at a fast pace. Today CISOs are accountable to the Board for any instance of security breach, however small. Boardrooms have moved from total ignorance to considerable knowledge over security. Now they need to take concrete action at prevention.
Bhardwaj lamented that India isn’t in the same league as countries having stringent laws to catch and prosecute cyber criminals. Though India is working on cyber-security regulations, we aren’t as well prepared to face threats as other countries, which is why enterprises in this region need to spend more effort and money on security prevention as the law as a deterrent is still weak.
He highlighted the talent gap in the cyber-security regimen with focus on developing requisite talent to develop cyber-security systems and constantly monitor and upgrade them. Senior security roles needs to be held by individuals with a nuanced understanding of data, information and business criticality, Bhardwaj feels.