Ramchandra Hegde, Vice President, Global Information Security, and IT Compliance, Genpact, in an interaction with EC’s Rachana Jha, discusses how Genpact is protecting its digital assets using a defense-in-depth philosophy and how new technologies like Artificial Intelligence can be a great help in curbing digital disasters.
Some edited excerpts…
How do you see the present scenario of digitization in your industry?
Digitization presents a huge opportunity, both in terms of helping clients achieve their digital transformation, as well as driving digitization internally. It’s hard to find a company today that is not involved in at least some stage of digital transformation. In fact, in a recent study of C-suite and senior management that Genpact conducted with Fortune Knowledge Group, 82 percent of respondents plan to implement AI-related technologies in the next three years. Achieving enterprise impact from digital transformation is challenging with so many disparate, disconnected technologies in the market. Many companies use “Band-Aid solutions”, which often result in multiple serial projects, lengthy development cycles, and sub-optimal results. To gain ROI and meaningful business results from digitization initiatives, it is key to have an open, modular platform that can easily integrate various technologies.
Is cyber security a big concern for your industry?
Cyber risk presents a multi-faceted challenge. Incidents and breaches, or an inability to demonstrate an appropriate level of security, can have significant implications on clients’ and customers’ perception of organizations, which is especially important in an industry like ours where Genpact is a trusted and reliable partner in helping run our clients’ businesses. This is driven by concerns around third party / supply chain risk, as well as regulatory focus on this area. Aside from external attacks from a variety of threat actors, there is the aspect of insider actions, both malicious and accidental, which can create a risk exposure.
What measures do you take to mitigate these attacks? What are your strategies to combat such security threats?
Our security posture is driven by a defense-in-depth philosophy and is focused on the four pillars of people, process, technology, and partnerships. While preventive controls remain very important, enterprises increasingly need to focus on detection and response in today’s threat environment. Thus there is a strategic focus on processes and capabilities around situational awareness and threat intelligence and not just incident response, but more broadly around cyber resilience. Also, while more sophisticated technologies get a lot of attention, a relentless focus on basic hygiene is critical as it is the foundational layer.
Today, the insider threat is one important concern for CIOs and CISOs as insiders have more access to information and their activities can go undetected longer than external threats. What kind of processes do you have in place to prevent unauthorized use of information? What kind of technologies / solutions do you use to prevent theft or leakage of information from insiders?
If the right controls are present, the activities should not go undetected for long, and what might appear to be an insider activity might actually be a manifestation of an external threat. Technologies for access management and Data Loss Prevention have been mainstream in the industry for long, and a key aspect is to ensure these technologies are configured and run effectively. More recently, technologies like Cloud Access Security Brokers (CASB) and User Behaviour Analysis are helping to provide visibility into activities on the cloud, as well as in developing a holistic picture of user activity across multiple systems.
How can technologies like Artificial Intelligence (AI) be useful to your industry? In which areas do you think AI can be useful in security?
AI holds a lot of promise, and results are actually being seen in some use cases. For example, there are applications in risk management that use natural language processing, machine learning, and other AI technologies to piece together seemingly disparate pieces of information and help companies understand massive amounts of structured and unstructured data in real time. This can help identify and prevent security risks, and also such issues as anti-money laundering, fraud, corporate espionage, etc. While some of the typical use cases in information security are around anomaly detection, anti-malware, I think the next few years will see much broader experimentation and more interesting use cases come out.
For the security analysts, what is the approximate amount of work that will come down by using AI?
It is still early days in this area, and it could well be that the focus and outcome might not be just on the reduction of work, but in a shift in the type of work to more value-added or different work or using AI to augment and not necessarily replace.
Does AI have the potential to segregate false positives from the suspicious traffic?
The potential is already there especially with the right training sets and process, but again I think it is early days, and there will be learnings from the initial use cases. The system can be tuned depending on the success rates.
Can AI help in pinpointing the kinds of threat vectors which are sitting latent on the network waiting for the right opportunity?
Potentially, there are other controls that can be relevant in these scenarios. For example, isolation platforms, situational awareness and detection technologies also have a big role to play in minimizing the risk exposure. AI will bring great power but will also likely require different levels of human intervention / validation and re-architecture of the overall solution framework. Thus, I think a good way of looking at AI is that it will be an important and relevant component of the overall solution framework for mitigating cyber risks.