The Evolving CISOBharti AXA's Parag Deodhar on Leadership, Value
Deodhar, CISO and chief risk officer at the Bangalore-based insurance company, has spent more than 15 years in the information security profession. He has seen the CISO role evolve to match the maturity of the sophisticated threats that now challenge organizations in all sectors.
But this bigger role also now commands a bigger spotlight from business leaders and boards of directors.
"A lot of CISOs actually present the security posture to the board on a regular basis," Deodhar says, and they have to be prepared to present security issues in a business context. Often, that means a discussion about ROI, or about the risk if the organization fails to invest adequately in security.
"If the [organization's] website were to be down for x hours due to an attack, what would be the business loss? What would be the reputation loss? If you are able to put this in quantifiable terms ... and if you are able to present this to the board, I think [board members] are able to understand [security] much better and support it."
In an interview about the evolving role of the CISO in India, Deodhar discusses:
- Essential skills for today's security leaders;
- How to create and communicate the value of security;
- Strategies for managing mobility and user awareness.
Deodhar is the chief risk officer and CISO at Bharti AXA General Insurance Co. Ltd. He is a Chartered Accountant, Certified Information Systems Auditor from ISACA, US and Certified Fraud Examiner from ACFE, US. He is the president of Bangalore Chapter of ACFE and member of the CII National Task Force for BCM and Risk Management. Deodhar has more than 15 years of experience in enterprise risk management, information security and forensics, audit, consulting and program management. He is experienced in handling large programs, including setting up new business initiatives, enterprise IT systems and companywide initiatives, such as ISO 9001/ISO 27001 certification, business continuity and disaster recovery and Six Sigma implementation.