The pandemic has forced companies to change their tack. From a purely work-from-office set up, enterprises have now moved to remote or hybrid working environments. Despite obvious advantages, such arrangements come with heightened security risks. According to a report, losses incurred from cybercrimes in 2020 amounted to $1 trillion.

Increased risk and hasty technology rollouts resulted in a spike in cybersecurity breaches. During this time, the role of chief information security officer (CISO) has become indispensable. A CISO is responsible for establishing and maintaining enterprise security and strategy to ensure the information assets and technologies are protected.

To understand the role and responsibilities of a CISO, Analytics India Magazine caught up with Saurabh Kewlani, head – IT & CISO, Hannover Re (India Branch). Hannover Re is the third-largest reinsurer in the world. The firm started its operations as a licensed foreign branch in India in February 2017. Kewlanii oversees the IT Delivery, IT Strategy and Cybersecurity at Hannover Re’s India Branch. 

Excerpts:

AIM: How did the pandemic redefine the role of CISO?

Saurabh Kewlani: There has been a significant impact on the role of CISOs due to the pandemic. The major shift has been towards securing the end-points of the remote employees, which tend to be more vulnerable as compared to a corporate network. The surge in remote work has increased the risks of cyberattacks. Statistics show that phishing attacks have increased by over 600 percent since March 2020. CISOs, therefore, have had to learn to patch their networks as quickly as possible and at the same time tackle new attack vectors. Much attention has also been drawn towards reviewing concerns with third-party apps used for video-conferencing and collaboration over cloud platforms.

AIM: What does a typical day look like for a CISO?

Saurabh Kewlani: CISO needs to be on top of things all the time. Cybersecurity threats and risks can manifest at any time as the attacker could be anywhere and in any time zone. A CISO, therefore, needs to be aware of the daily threats briefs and stay on top of the emails. To minimise a threat’s impact, a CISO has to constantly review the Response Plan to identify, contain and remediate risks. Especially in the post-pandemic world, a CISO also has to constantly educate the staff on how to operate in a Zero-Trust environment and ensure that employees receive regular Cybersecurity training. Not only that, CISOs have to educate themselves on the technological advancements to stay regularly updated. A CISO has to wear multiple hats, but not necessarily all of them on the same day!      

AIM: How important is it for a company to have defined roles for security and maintenance?

Saurabh Kewlani: It is imperative for organisations to define the roles for security and maintenance clearly. This helps in the understanding of how the protection of information has to be accomplished and communicated. The definitions of the roles help clarify, coordinate the activity and actions necessary to disseminate security policy, standards, and implementation.

AIM: What are the biggest trends in enterprise security right now?

Saurabh Kewlani: One of the most popular trends, which is also a leading concern for organisations, is data breaches. Any minor flaw or bug in the system browser or software is a potential vulnerability for hackers to access personal information. Some of the emerging security threats include:

• Automotive hacking: Hacking vehicles that are equipped with automated software (cruise control, engine timing, door locks) and with communication tools that use WiFi/Bluetooth.

• Cloud vulnerability: Cloud Platforms are vulnerable to account hijacking, data breaches & Insecure APIs.

• Mobile devices, which have become an integral part of an individual’s life, storing critical information and data has also come under the radar of bad actors.

However, the integration of AI with cybersecurity is a positive trend. AI-enabled threat detection systems can help predict new attacks and notify security teams of any data breach instantly. These trends are expected to continue in the near future and develop further.

AIM: How do emerging technologies such as AI and machine learning help in adopting best security practices?

Saurabh Kewlani: Artificial intelligence (AI), along with machine learning (ML), has brought tremendous changes in cybersecurity. This technology has been instrumental in building self-learning systems that are adept in identifying suspicious patterns, detecting threats and providing an automated response to cyber-attacks in real-time. AI/ML can help the security team classify internal data, spam and malicious activity with predetermined parameters. When used optimally, this technology can lighten the weight of a heavy cybersecurity workload and reduce human error and oversights.          

AIM: Tips to build a successful career in cybersecurity.

Saurabh Kewlani: Cybersecurity is a very broad field with multiple domains like digital forensics, network security, information security and many more. It is, therefore, important to research the different domains before kick-starting your career. Once the candidate zeros in on the path he/she would like to take, they should try to specialise in that domain and arm themselves with the required certifications. This will add value to the résumé and increase the chances of landing a job. Participating in hackathons also gives a lot of visibility to companies that are recruiting. Lastly, cybersecurity is an ever-evolving field. So one is always required to update existing knowledge and skills with the changing cybersecurity trends.