The Experts highlighted Modern Cloud Security Solutions at the Cyber Security Excellence Awards 2022- Mumbai Edition

On 7th October 2022, Quantic India hosted the Cyber Security Excellence Awards – Mumbai Edition at Hotel Novotel, Juhu. The round table conference was a major success, as it gathered 200+ attendees from various fields of cyber security. It provided a platform for experts to share their knowledge and experiences in the domain. Speakers discussed a range of topics including SaaS services, IT risks, IT ecosystems, MYOK, Cloud Data.

Key Highlights of the panel discussion:

• The rise of Software as a Service (SaaS) offerings has enabled businesses to adopt innovative solutions quickly and efficiently. However, this also creates a potential risk of shadow IT, which can largely remain undetected and ungoverned. As these risks continue to challenge security protocols, organizations must ensure they have the necessary measures in place to detect and protect against any malicious activity that may be occurring outside the scope of traditional security protocols.
• With the introduction of strict new data privacy regulations, organizations must be able to demonstrate effective ownership and control of their data protection plan across complex, geographically diverse, and hybrid IT ecosystems. This requires organizations to review their current technology infrastructure to ensure that it is capable of meeting the regulatory requirements for data privacy and security. Furthermore, companies must be aware of the various external compliance regulations that need to be adhered to in order to maintain a secure data protection environment. With the right strategy in place, organizations can ensure they are compliant with necessary laws and regulations while protecting the information of their customers.
• MYOK (Manage Your Own Key) is an approach that allows organizations to maintain tighter control over their encryption keys. With MYOK, organizations can use specialized software to ensure the security of the encryption key and reduce the risk of theft. This software provides enhanced protection for the key, such as multi-factor authentication, regular backups, and monitoring capabilities. Overall, MYOK gives organizations more control over their data security and helps protect against any potential threats to their encryption key.
• One way to get greater assurance when it comes to penetration testing is to ensure that the tests are done by a reliable third-party provider. This provider should have experience and expertise in this area and be able to provide evidence of their qualifications and certifications. Additionally, organizations should check that the tools used for the testing are up-to-date and relevant, as well as ensuring that their security policies and procedures are regularly reviewed. This will help to ensure that all tests are carried out in a meaningful manner.
• To make vulnerability management more effective, organizations should take a proactive approach to identify and prioritize risks. This means identifying any potential threats early through regular security assessments and audits, as well as patching vulnerable systems and applications quickly. Additionally, organizations should deploy automation solutions to streamline their vulnerability management processes and increase the efficiency of their security teams. By taking these steps, organizations can reduce their exposure to cyber threats and ensure their networks remain secure.
• Companies must ensure that their critical infrastructure is protected from any and all unplanned events. To do this, they must design and implement continuity, backup, and recovery plans with zero latency. This means that the data is kept up to date in multiple locations with no disruption or delay in service, allowing them to restore operations quickly and effectively should an unexpected event occur. A strong continuity, backup, and recovery plan can be the difference between business as usual and a lengthy period of disruption.
• As data centers become more efficient and scalable, the risk of cyber-attacks against physical infrastructure and IoT devices has risen dramatically. Cyber-attacks against physical infrastructure can be especially dangerous, as they are often undetectable until the damage has been done. Additionally, vulnerable IoT devices are at even greater risk as they can be easily targeted to gain access to networks or sensitive data. It is essential that organizations take steps to protect their data centers and IoT devices from malicious cyber activity.
• With the emergence of public and private cloud environments, it is becoming increasingly important to have deep visibility and control in order to properly manage heightened risk complexity. Without this, security gaps can easily develop, making organizations more vulnerable to threats and breaches. To ensure the safety of critical assets, businesses need to gain insight into all aspects of their cloud deployments and have the ability to stop any suspicious activities before they escalate. This level of visibility and control is necessary for organizations to maintain secure operations in both public and private clouds.
• Transparent cloud partner agreements are incredibly useful for identifying which type of cloud data needs to be protected. This is especially important when dealing with sensitive customer information or financial records that need to remain secure. Agreements should clearly spell out the requirements and responsibilities of both partners, so that everyone is aware of the expectations and can ensure compliance with security protocols. It is essential to have clear, transparent agreement documents in order to guarantee that customer data remains safe and secure.

Expert Moderator for the Panel: Vijayakumar C- Head of Information & Cyber Security, Standard Chartered Bank

Our Eminent Panelists for the Panel:

• Vijay Kumar Verma – SVP & Head Of Cyber Security Engineering, Jio Platforms
• Bijender Kumar Mishra – Sr. GM & CISO, Alkem Laboratories Ltd.
• Subhash Singh Punjabi – CISO & Head Of Enterprise Architecture, Deepak Fertilisers & Petrochemicals Corp. Ltd.

• Rajesh Dongre – VP & CISO, Kotak Mahindra General Insurance Ltd.
• Vikram Dhanda – CISO, Virtusa
• Praveen Mishra – SVP, Yes Bank
• Vishal Gautam – Sr. Director Of Engineering India Operations, Zscaler
• Sanjay Jain – SVP & CISO, NCDEX

The panel session was a highly informative experience that provided invaluable insight into the industry from experts. It was an amazing opportunity to learn more about the industry and get advice from those who have already been successful in it. You can soon join us at the 2^nd Annual Cyber Security Excellence Awards 2023 – Mumbai Edition.