Who’s India’s best security strategist?

Indian CTOs have demonstrated immense maturity and speed in adopting new technologies and practices to ensure security of information in their organisations. This October, Network Magazine’s Security Strategist Awards will recognise the best security initiatives and the brains behind them

When it comes to information security, Indian enterprises have traditionally remained in reactive mode—sprucing up security systems only after it is attacked. But with the severity of security threats increasing everyday, they can no longer remain complacent.

Earlier, not too many Indian organisations had their networks connected to the Internet. However, the scenario is changing with increasing number of companies putting their core systems on the Internet.

This has heightened security risks for Indian businesses. Viruses are becoming deadlier each day. Software vulnerabilities allow black hat hackers (crackers) to play havoc with corporate networks. And then there’s spam that chokes bandwidth and also brings in new virus threats. Industrial espionage cannot be ruled out either.

While many have geared up to the challenge and implemented security solutions, their attention has been limited to the technology aspect of security.

The truth is well highlighted by the Ernst & Young’s Global Information Security Survey 2003: India Country report. Despite big talk about information security, a large number of Indian corporates (35 percent) are less than adequate in their ability to determine whether their systems are currently under attack. And only 28 percent of organisations are compliant with applicable security-driven regulations.

This proves the point that security does not end with technology deployment. Security is more of a process and mindset than a product. For instance, people are the weakest links and in effect the strongest defense to secure the information assets of any organisation.

No single product or service can comprehensively address the possible security threats to your IT infrastructure.

Strong, enterprise-wide security demands solution and technologies that bring in a combination of online technologies, processes, practices and trained people.

Identifying India’s best security strategists

Leading the organisation through the veritable maze of information security is by no means an easy task. It requires a multitude of skills beyond just technology know-how that can guide different components like technology, policies, processes and people towards a common goal.

A security strategist is one who takes a holistic view about security and ensures that every employee in the organisation from business leaders to users are aware of their role in the entire process.

Winners all: Mani B Mulki, General Manager - IS, Godrej Industries (Non-BFSI category), Nandu Bhat, General Manager- IT, Zip Telecom (SMB category) and S B Patankar, Director - IS, Bombay Stock Exchange (BFSI category)

This October, India’s leading CTOs/CIOs will compete to prove that they are the best when it comes to information security at the Security Strategist 2004 Awards to be held in Colombo, Sri Lanka.

The Security Strategist Awards instituted last year recognise outstanding initiatives by information security professionals (CTOs/CIOs or their equivalents) to secure their networks and information residing on those networks.

This year the awards are expected to attract participation for more than 150 of India’s leading CTOs/CSOs and IT heads. The awards ceremony will coincide with Technology Senate 2004—Network Magazine’s annual retreat for India leading IT brains.

Snapshots 2003

Only in its second year, Security Strategist Awards have become the most coveted in the industry and are considered by many in the IT industry as a benchmark to judge the effectiveness of their organisation’s security strategies.

Little wonder that the awards last year received nominations from over 80 of India’s top IT heads including the likes of HDFC Bank, Bombay Stock Exchange, Hero Honda, Birla Sunlife, ICICI Bank and many more.

Apart from being an industry first, the other distinguishing aspect of the awards is its selection methodology. A jury consisting of industry experts and eminent people from academia choose winners based on exhaustive interviews, some even running into two hours, where nominees are grilled to prove their claims about their information security initiatives.

The Security Strategist 2003 jury included some of the most respected people in the IT industry such as Dr Deepak B Phatak, chair professor, KReSIT, IIT Bombay, Lalit Sawhney, senior vice president, Reliance Infocomm and Felix Mohan, chief executive officer, Secure Synergy.

The main parameters used for judging winners include the nominee’s understanding of security matters in a holistic way, the effectiveness of the IT security framework and policies implemented and finally, information security vision for the organisation.

The categorisation of the awards is based on the maturity level and sophistication of security solutions required to ensure fair play.

For instance, the banking, financial services and insurance (BFSI) sector constitutes one category as these organisations require a different level of sophistication when it comes of information security.

The second one—the Non-BFSI category—includes all verticals except BFSI.

With increasing awareness among small and medium businesses on the perils of unsecure networks, a separate awards category for these organisations has been created.

S B Patankar, director – IS, Bombay Stock Exchange won the award for the BFSI category for his outstanding contribution in defining and implementing an effective security framework that governs the country’s oldest stock exchange.

The Security Strategist 2003 in the Non-BFSI category was given to Mani Mulki, general manager, Information Systems, Godrej Industries for their industry-leading security practices. Mulki has been instrumental in conceptualising a policy that not only aligns tightly with the company’s key business goals but also ensures effective enforcement. He’s put a dedicated IT security team in place that is quick and accurate when its comes to project implementations. The award in the SMB category went to Nandu Bhat, general manager, IT, Zip Telecom for his initiatives in ensuring the security of this telecom service provider.

Prof S Sadagopan, director, IIIT, Bangalore presented the awards at a special ceremony in Kochi, coinciding with India’s largest CTO event—Technology Senate—amidst a gathering of 200 top CIO and CTOs of the country.