Infosys is building an integrated platform that performs incident response, monitoring, proactive threat intelligence, apply analytics, and automation to monitor security breaches/ threats. The platform uses analytics and artificial intelligence to predict and alert the client on potential threats. In a recent interaction, Vishal Salvi, chief information security officer (CISO) and Head, Cyber Security Practice, Infosys, tells SudhirChowdhary that more than technology itself, nurturing a culture that recognisescybersecurity as top priority is critical to establishing digital trust and resiliency in these evolving times. Excerpts:
How is Infosys ensuring business resilience and IT security for its clients in the new normal?
Challenges from the enhanced threat surface due to Covid-19 brought about a greater experience in handling cybersecurity with over 200,000 employees shifting out of the organisational boundaries in a short span. We were able to move about 95% of our employees to a work-from-home model during the first three weeks of the pandemic. The massive shift to a remote working culture put enterprises at the mercy of cyber hygiene.
For any enterprise to be able to protect data in a distributed network of remote workspaces, information tracking and security policies need to be deployed with the business able to minimise security risks and achieve business resilience. We made significant adjustments to the rules for monitoring and use-case generation so we could adapt to the new ways of working. All our endeavours, including data aggregation and analytics for operations and infrastructure provision planning, take into consideration employee privacy mandates. We developed new models to monitor employees for reasonable assurance of their productivity without conflicting privacy mandates.
Enterprises need to ensure a proper borderless security architecture is configured when devices connect from remote locations. Organisations which are not able to make this shift are the ones who are at a risk of falling prey to cyber attacks.
How can companies lean on security to foster digital trust with customers?
As digitisation becomes more advanced and cyber attacks get more lethal and sophisticated, organisations need to be always on their guard. One way of doing that is to keep an eye on security. The secret lies in empowering and enabling all stakeholders to practice security. The principles of secure by design and privacy by design can play an important role in ensuring that security is embedded at the beginning and in every stage of the business cycle. Security also needs to be designed into every enterprise architecture. Privacy-related regulatory mandates have made it essential to incorporate privacy by design in almost every project. This plays a key role for organisations to gain digital trust which is a huge competitive differentiator today.