5 ways CIOs can deal with security challenges posed by digitisation

V Ananthanarayanan, CIO, Sundaram Finance Ltd, speaks about how to shape a company’s strategy to deal with security issues. By Satyaki Sarkar

As part of his role at Sundaram Finance Ltd, Ananthanarayanan V takes care of the entire IT operations of the group and is in charge of the company’s data centre. He heads an IT infrastructure and application development team that takes care of in-house mobile app development in addition to home grown business applications. His extensive hands-on experience in software development, ERP, and project management have given him a unique perspective into the world of corporate IT and the challenges it is facing because of digitisation. Here, Ananth tells us how CIOs can take the pain out of digitisation.

1. Upgrade the IT team’s skill sets constantly
“The first and foremost thing that a CIO must do when dealing with digitisation is update his team’s skill sets. In this rapidly changing age of digital transformation, it is extremely important for the IT head to constantly keep on upgrading skills and proficiencies of his core team to keep up with the latest advancements. For that purpose, we need to be aware of the changes and innovations taking place, and create training modules and coaching sessions that can help enhance our security team. However, simply making them efficient and up-to-date is not enough, as we also need to create incentives and opportunities that will motivate them to push harder, and also stay with the organisation, instead of looking for better, more challenging opportunities. It does not always need to be a financial incentive, but through certifications, additional responsibilities, and a push towards discovering and adopting new processes and technologies, it is possible to keep them motivated.”

2. Embed a centralised, robust preventive framework
“With digitisation, a huge concern would be the topic of cyber security, which protects an organisation from outside threats and attacks. As such, it becomes imperative to boost and constantly update your organisation’s security framework. So far, even a moderate level of cyber security measures might have been enough to safeguard your company. However, with the onset of digitisation, one simply cannot ignore the need for a robust preventive framework that is centralised and covers every aspect of the organisation’s digital presence. Efficient tools to monitor systems, along with anti-virus and firewall softwares need to be installed on each and every company computer that might be a potential weak point, and the CIO needs to brainstorm with the security team and come up with the best ways to protect the cloud data. Additionally, in order to raise awareness and get everyone up to speed, CIOs should provide mentoring sessions, workshops, and training programmes that can help employees learn how to protect data and ensure the business is safe from any potential attacks.”

3. Make digitisation a company strategy to increase budgets
“When looking at digital IT, organisations need to be more flexible with their budget. A restrictive budget might become one of the major reasons for the lack of proper protection and safeguards against external attacks. While it need not be ostentatious, investment in security infrastructure is extremely important in the backend. For this, a CIO needs to be able to convince management about the need for an increased budget, while trying to explore the most cost effective methods that will have the highest return on investment. He has to look at the new IT digitisation strategy of initiating ‘Failfast Technology’. He has to test and try out the various options with very short time implementation duration. A CIO has to find a long lasting, failsafe technology as any delay might leave the organisation vulnerable. Therefore, not only the budget but also the embracing of new technology initiatives have to be planned and decided before the actual implementation.”

4. Revisit company policies to increase encryption
“Without proper encryption and password protection of sensitive domains, the company will be left open to a plethora of risks and liabilities that might jeopardise the entire organisation. Company policies have to be examined, revised, and reworked to ensure each and every vulnerable or sensitive part of the company’s online and offline data is secured. While the standard 128-bit encryption might work in most cases, it is best to devise ways to develop a more robust and advanced method of encryption, using non-generic keywords and alphanumeric combinations. Several good identity protection and encryption tools are nowadays available, and they must be put into place in strategic points of the systems.”

5. Increase company’s awareness of its employees
“Knowledge and awareness of an employee is a basic part of any organisation’s core responsibilities. But with digitisation, it becomes even more imperative. A company has to be able to penetrate and monitor the employee’s way of working, as well as the information that passes through his/her hands, without being explicitly intrusive. Proper background checks and verifications have to be put into place, and the company must make an effort to get to know and understand its employees personally. For that, corporate exercises like team outings, corporate gaming, and interactive sessions can be organised to increase their engagement and investment in the company, while fostering employee awareness. At the same time, a CIO must also monitor their skillsets, including their strengths and weaknesses, and devise ways to either leverage or improve them.” 

Categories:   Lifestyle, Work Buzz


Time limit is exhausted. Please reload CAPTCHA.