While elaborating on tips to strike a balance between adequate security, access, and employee experience, Mohit Gupta, Group CISO, Motherson Group, shares four principles which are critical for strengthening security postures of the organizations
What has been your strategy to secure systems in a distributed network?
We went for a refreshed risk assessment covering all endpoint types, all identity types, irrespective of whether it is a local user, a local admin, or a privileged account. But then, to be able to address all of it, we obviously had to pick some of the solutions. So, it could be in the form of EDR, MFA, PAM advancement and SOC to gain speed especially around those sole use cases. We again went ahead and refreshed our overall incident response plan to even cover more aggressive response mechanisms. The special focus has been around this privilege to support end users as well.
Do you also have some of your own technologies?
Yes, we have nearly 20 odd different custom applications, which are not only used for our business applications, but for our security needs as well. Irrespective of what we do, especially when it comes to integration, there is a lot of middleware that we had to create to be able to have this and to be able to gain the speed of how we respond to adverse situations.
How do you enable a balance between adequate security, access, and employee experience?
I would like to talk about two important things- foundational areas and employee convenience. User convenience should be one of the criteria. The way we are monitoring our security control implementation is a concern. The second foundation that I must highlight is protecting the employee identity. Also, when you strike this balance of user convenience over security, picking up technology is one aspect of it. But how effectively, efficiently, and smartly we are implementing those technologies is very important.
What should be the updates in the incident response approach for an organization to make itself resilient enough to identify, prevent, and recover from any disruptions that may arise from new threats, vectors, and attack techniques?
Data security and privacy regulations are evolving across the world in many geographies. You rightly use the word resilience that can only be done when we make sure that we incorporate all these aspects into the plan itself. So, we need to plan very deeply and very effectively. If at all, we don’t know, we should involve experts, and make sure that we incorporate each of such elements and prepare ourselves for the worst.
Do you think emerging technologies can act as an enabler to cybersecurity or are they just an area of concern for the CISOs? And how can organizations utilize such technologies to strengthen their cybersecurity posture and gain a competitive advantage?
Well, no one would deny that these emerging technologies are certainly important. I always focus on four core principles. The very first is security by default which is a cultural change to incorporate security in the solution planning itself. The second is defense in depth. The third principle I always admire is the solution, and any of the technology that we adapt should be scalable and agile. And the last important core principle is resilience by design. Again, not just to focus upon how to get back to business after something goes wrong, but important is how do we position the business to elevate the brand equity if something goes wrong, and gain and sustain the stakeholder’s confidence. I guess that is where the answer towards cyber resiliency lies.
What are your suggestions on the cyber resilience strategy and tips to help CISOs that will help recover from incidents quickly with minimum possible damage?
Let me first talk about one of the very important aspects, which is having complete visibility to your CMD. Not many enterprises do maintain CMDB to an extent that contains the utilities, and each of the software and assets that are there into their environment. There are a lot of blind spots. It is very important to have your response plans ready covering all possible scenarios that you could think of. Make sure that we remain agile and alert to the situation because no matter how much preparation that you do, we must readjust our approach when we are in the middle.