As the new year begins, security practitioners across the globe ask themselves what new challenges 2016 has in store. But beyond the new threats, these leaders have the additional challenge of having to worry about whether they will receive the empowerment and budgetary support to keep their organizations secure in the face of new and evolving paradigms.
While in India we are seeing the CISO role emerge distinctly in large as well as mid-market organizations, sometimes this role does not get the importance it should, says Jagdish Mahapatra, MD India and SAARC, Intel Security.
"While CISOs have become increasingly powerful at the top end of the market, in the market at large today CIOs may still be taking the call on security," he says. "At the end of the day, it's about ownership of the budget - you can make those policies, but in the end it [security] is largely with the CIOs" (Also see: How Is The CISO Role Changing?)
Mahapatra says security cannot just be restricted to policy-making. It's not necessarily where security reports into that is the issue; it's about empowerment - budget empowerment is critical here, he says. The good news is that he sees the shift happening. People are beginning to realize that the security role is far more critical than heretofore believed, and maybe should be peer to the CIO role.(Also listen to: Strengthen the CISO Office)
This is especially important in the context of technologies like IoT, for instance, he says. He believes that just like with the mobile revolution, India is going to lead the world in the application of IoT, and the security implications of this are massive. Many practitioners are already grappling with cloud and the fact that many network transactions are taking place outside the corporate network today; IoT will only accelerate these concerns. (Also listen to: 2016: The Year Hackers Exploit the Cloud?)
"The firewall is already losing relevance as Holy Grail of security when it comes to the cloud," he says. "With IoT, how will you now move your architecture and provision security services?"
Just as with the transition needed in the security approach from traditional endpoints to mobility, Mahapatra believes IoT is also going to need its own framework.
In this exclusive audio interview (Link to player under image) with Information Security Media Group, Mahapatra touches upon some of the top priorities for the security practitioner in 2016 and some challenges that he perceives, from his interactions with the community, and the path he sees security in India take. He shares his insight on:
- The unique challenges facing the Indian practitioner in 2016;
- Recommendations on dealing with the current landscape;
- Digital India and the security challenges.
Mahapatra is the Managing Director, India and SAARC for Intel Security. His key responsibilities include driving enterprise and consumer driven product revenues, strengthening the customer base across verticals and leading channel partner and alliance engagements. In his career spanning 20 years, he spent 12 year with Cisco in multiple roles from building the distribution channel, commercial cusiness to managing the largest sales vertical, IT services in his last assignment at Cisco. Prior to Cisco, he managed the networking business for Godrej Pacific for over three years. In the former part of his career, he was also instrumental in creating the manufacturing off shoring model in India which emerged as a significant game changing industry phenomenon during his stint at Larsen and Toubro.