Protecting Data Against Future AttacksOman Insurance's Bhatia on the Importance of Governance
Data breaches of the recent past have shown that an effective security risk governance structure is critical to protect vital data and information. This lesson applies especially to financial services, says Dubai-based Amit Bhatia, head of information security and governance at Oman Insurance Company.
"While the nature of attacks is changing, it is important for CISOs of the insurance sector to stick to the basics of data protection methods with the right blend of skilled resources and technology," he says.
"Security measures have improved in the last two to three years in this sector; still, a regulatory, compliance and risk frameworks needs to be in place with a proper security governance structure to meet challenges," says Bhatia.
Awareness about data privacy laws has not been up to the mark within the insurance sector, Bhatia says, adding, "It leaves much to be desired in safeguarding the reputation risk of the organization in terms of implementing good security standards."
In this exclusive interview with Information Security Media Group at the GISEC event in Dubai, Bhatia share insights on why alignment between security and business is critical in evolving an effective risk and governance framework. He also throws light on:
- Emerging threats;
- Security models suitable for the insurance sector;
- The state of information sharing in insurance.
Bhatia's had stints at various financial institutions including banking, prior to joining Oman Insurance. He is an experienced risk management security and governance professional. As head of security at Emirates NBD, he was involved in formulating information security standards baseline for Windows, SQL, Oracle, IIS, Web application security and others.
Varun Haran contributed to this report.