GEC NEWS WIRETell us in brief about your career as a Security professional. How have you seen your role evolving with time and pressure?
It has been 18 years in digital industry and 12 years alone in IT security space, the journey started with slow pace because those days IT security was limited to protecting IT infrastructure where as now is all about protecting enterprise information/Data, Infrastructure and people as well, it has become a more challenging though there are so many tools and technology but keeping a track of information flow and mapping with user behavior is very challenging role and over the period of time it’s going to change more as AI and Machine learning will take place rapidly.
What kind of gap do you see in the enterprise security space today?
I believe following are the biggest gap any enterprise has in security space.
“Awareness GAP” because there is no Sec_rity without U and user awareness is biggest gap in any enterprise has because technology is changing in very fast pace hence educating everyone in an enterprise about security and do’s and don’ts are the most important task and this is the only way to eliminate the Awareness GAP, one consistent and unwavering business goal should be the “culture of security” to improve the posture of security with in enterprise.
“Skill Gap” research shows corporate demand for cybersecurity skills is rising faster than internal supply, with innovative thinking needed to plug the gap – both in the acquisition and retention of key talent and it’s difficult to get good resources due to high demand.
What would be your expectation from a security solutions/services provider?
The pace of change for the security threat landscape is accelerating. To cope with the change and ensure success against challengers, I believe the security community needs to rethink the way it anticipates and responds to threats. It also needs to be more open and effective in the way it shares information and design solutions/products because security is not about restricting business but it’s about protecting business with adequate control.
When it comes to security, we all would agree that there is nothing as 100% secure. But how do you gear up to best protect your organization from an outsider as well as insider threat?
We have defined industries standard process and procedures and governing method, end to end monitoring and the most important we do educate every single user about security and threats with in the enterprise, also we do assess how well security is integrated with systems periodically by internal and external audit.
Digital forensics— as a concept and demand— is evolving quite rapidly since the last few years. How effective a tool can this be to nab the cyber intruders?
Digital forensics is an important tool for any digital incident response and it matters more now because all security incidents are related to digital world whether it’s online or offline incidents, also digital forensics are not only limited to corporate but it’s being used by law enforcement for investigation.
