C&L October 2017_LR (5)
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Vishal Salvi, Infosys<br />
Interview<br />
think that people should realise that's<br />
the change. In fact it was always there<br />
but it is now more fundamental now<br />
that people realise that you know you<br />
are accountable and you need to make<br />
sure that a business case needs to be<br />
presented. It is also about making sure<br />
that you are also accountable to get<br />
maximum return on investment.<br />
What is the importance of<br />
vendors collaboration in<br />
security and how does that<br />
impact the solutions that you<br />
choose within your<br />
organisation or for your<br />
organisation? Isn't<br />
collaboration essential for the<br />
new threats that are emerging<br />
in the enterprises?<br />
Generally speaking, you know<br />
most of the vendors have a closed<br />
approach towards their solutions<br />
and how they would want to bring<br />
them to the market. That definitely<br />
is a problem. Every security vendor<br />
has his own standard and strategy.<br />
And they haven't really been able to<br />
come together and create a common<br />
architecture and a common standard<br />
which the world will benefit. We<br />
obviously have challenges in the<br />
bureaucracy and the processes and<br />
practitioners also. So all these are<br />
loopholes which are exploited by<br />
cyber criminals who don’t have any<br />
processes that are very cohesive.<br />
As practitioners you have to do the<br />
best with what you have. For ex<strong>amp</strong>le,<br />
we invest in engineering, orchestration,<br />
and automation; so there is hope. But<br />
not many organisations are able to do<br />
that. We are able to do it but not many<br />
organisations are able to that and<br />
therefore, there is always a struggle in<br />
terms of depending on an external party<br />
to come and deliver that value.<br />
What are the top 3 things<br />
on your agenda in 2020<br />
as far as security is<br />
concerned?<br />
I think this year has largely been<br />
in terms of investing and building<br />
capabilities. We are actually embarking<br />
on a journey of operational excellence<br />
and making sure that every single<br />
control that has been invested on is<br />
actually delivering the value for the<br />
buck right. There are four important<br />
objectives: The first one is to build a<br />
team which will give assurance to our<br />
clients about security of their data<br />
and business that they are entrusting<br />
on us. The second objective is to<br />
constantly improve the efficiency and<br />
effectiveness of the controls that we<br />
have deployed. The third objective is<br />
to ensure that people remain calm and<br />
composed when you respond to cyber<br />
events and cyber incident that happen<br />
to your organisation so that you not<br />
only contain, but also recover from<br />
them quickly. The fourth objective is to<br />
build a security culture. At Infosys, we<br />
have various tools and methodologies<br />
along with the maturity models<br />
that we have defined, both of which<br />
focus on the improvements as well as<br />
operational excellence, and every year,<br />
we revisit ourselves and constantly<br />
evolve to deliver the value that our<br />
customers expect from us.<br />
<strong>October</strong> <strong>2017</strong> | CIO&LEADER<br />
19