India’s CISOs: Facing Challenges with Confidence

As I reflect on the wonderful two days spent at the 5th Annual CSO Summit  organized by 9.9 Media, I was thinking back about the earlier summits and how the CISO role and the community has evolved in India over the years.

The Indian CISO is today dealing with even greater challenges than before – but is also sounding a lot more confident. This may perhaps be because of the much-overdue-and-deserved importance he (unfortunately, it is still an overwhelming “he” in India!) is garnering in the organization today.

Here are some of the key takeaways from the summit – gathered via my interactions and via the Annual CSO Survey* results presented:

The CISO is being heard by the Board The CISO’s role has certainly evolved and expanded over the last year. 64% of folks surveyed said they were involved in boardroom discussions on Governance, Risk & Compliance while 32% said they were even involved in boardroom discussions on strategy. This was heartening to note.

The Community of CISOs has expanded. Not only did the attendance at the summit give anecdotal evidence of this but the survey* also reflected this, saying 52% of organisations already had a dedicated CISO and another 18% planned to get one within the coming two years.

  • And they are coming from various other functions –  50% of those polled have not been a part of a CISO’s in their earlier roles. They are being inducted from various other functions like Risk, IT, Internal Audit, etc.
  • With less than 5 years of experience in the saddle. 60% of CISOs have been in their roles for less than 5 years

They are coping with the same challenges as their global peers: Regulatory Compliance, BYOD, Privacy, Data Protection & 3rd Party Risks are some of the emerging threats that are being seen by the CISOs

Most of the CISO’s time is being spent on Security Strategies and New Initiatives

New Initiatives being planned are in the domains of Data Leakage Management, User Awareness, Unified Compliance and Identity Management

Expectations from the CISO are also high. He is not only expected to have excellent technical skills but also be able to understand the business, communicate ROI, build a high-performance team and manage security operations

Amidst all this, the struggle for skilled resources continues. In the survey, 32% said they find it difficult to find the right resources while 50% said it was “manageable”. However, in-person interactions had many folks lamenting about their struggle for good team members

It would be interesting to see how 2013 pans out for the CISO community.

*Annual CSO Forum Survey 2012 – covering 111 individuals, across segments (BFSI, Telecom, Manufacturing, IT/ITES, Pharma, Auto, Media & Entertainment, etc) and orgn sizes (from  sub Rs.100 cr ($20M) orgns to 1000 cr ($200M) orgns

Posted By Shivangi Nadkarni, CEO, Arrka Consulting
@shivanginadkarn, @arrka2


About Shivangi

Arrka Consulting provides Consulting & Advisory Services in the areas of IT Risk. Whether you are a large organisation or an SMB or even an individual, we help address challenges that each of you face in this domain
This entry was posted in The CISO Community and tagged , , , , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s