Cybersecurity from the Inside Out: Modernisation, Security, and the People Factor.

India's paint industry has undergone significant technological transformations, and Berger Paints India stands at the forefront of this evolution. Leading the charge is Partha Protim Mondal, the Chief Information Officer at Berger Paints India. With an extensive background in IT and leadership roles at various prominent organizations, including Atul Ltd, Sanmina SCI Technology India, and Mahindra Satyam, Partha Protim Mondal brings a wealth of experience to his role. His expertise is pivotal in modernizing Berger Paints' IT infrastructure and enhancing its cybersecurity measures to protect against emerging threats.
The C-Suite Circle team connected with him and discussed his Point of View on Modernisation, Security, and the People Factor. Edited Excerpts:




As Berger Paints modernizes its IT infrastructure, how are you leveraging AI-powered security tools to address the unique challenges of securing your legacy systems? Are there specific areas, like threat detection or anomaly identification, where AI offers the most value for your legacy environment?

With the advent of Artificial intelligence (AI) or synonymously as it is called as Generative Artificial Intelligence (GenAI), industries irrespective of their myriad verticals, experience a radical shift in doing business driven by technology. While many of them have well-defined business use cases to be addressed by GenAI, many take this plunge out of FOMO (Fear of Moving Out). AI-powered applications can bring a sea change to the way we do business today and can bring substantial value propositions to address the unique challenges of securing legacy systems – it helps to strengthen attack surface risk management, improve the security posture, even for systems that were not originally designed with modern threats in mind.

In the modern world, most AI-powered security monitoring systems offer real-time intelligent detection, enhanced situational awareness, specialized training for security use cases, and continuous learning and adaptation. These capabilities are particularly useful for legacy systems that may have outdated security measures. These next-generation cyber security applications work on self-learning artificial intelligence. It autonomously detects, responds, and investigates deep persistent threats, unknown/zero-day threats, insider threats, supply chain attacks, etc., in real-time, without human intervention.

In today’s VUCA (Volatility, Uncertainty, Complexity, Ambiguity) world, most of the MDR (Managed Detection & Response) or EDR (Endpoint Detection & Response) systems have genAI-based threat detection, threat hunting and response which can identify and mitigate sophisticated threats, including insider threats, APTs (advanced persistent threats), and even AI-generated zero-day attacks that would have not been possible without the presence of GenAI. Another important arena in the security posture of any organization is UBA (User Behaviour Analysis) where GenAI can immensely be beneficial, it can identify unusual patterns that do not conform to expected behaviour, crucial for identifying threats hidden within large data volumes.


As the CIO, how do you determine which business functions are most vulnerable to cyber threats? Specifically, how do you assess the risk associated with critical processes, such as finance, supply chain, or customer data management?

Determining which business functions are most vulnerable to cyber threats involves a multi-faceted approach. Regularly revisiting and updating your cybersecurity strategy is crucial for staying ahead of potential cyber risks. Although the cyber security risks may vary based on the size of the organization, the nature of the business, the overall awareness of its stakeholders and many other parameters, however, a generic framework can always be defined.

Risk evaluation, identification and mitigation: A comprehensive assessment of risks is to be carried out (preferably by the expert cohorts) to identify, prioritize and critically evaluate the potential impact of the vulnerabilities on different businesses and functions alongside the likelihood of such threats materializing. Modern-age AI-powered cyber risk management applications | tools can help in prioritizing and automating vulnerability management, quantifying risks in monetary terms, and providing board-level cyber risk reporting (risk score). Engaging with cybersecurity advisory organizations and conducting vulnerability assessments and penetration testing (VAPT) can provide valuable insights into your security landscape and help identify areas that require intervention both from application and infrastructure perspectives. Penetration Testing and Application Security Review (DevSecOps) are other critical measures to identify the potential risks across domains of Finance, SCM (Supply Chain Management), or CDM (Customer Data Management). ESG risk and gap assessment can help to identify the risk associated with SCM and we can formulate the appropriate ESG strategy to mitigate such risks. For any organization, it is imperative to analyse the data (digital and paper format) and classify them aptly into various categories based on the confidentiality, business criticality and compliance perspective; especially for Master Data viz., Customers, Suppliers, SKUs, Recipes & Formulae | BoM, PIIs alongside the critical transactional data - such risks has to be identified along with business stakeholders and need to have proper mitigative measures to prevent any unauthorised access. The identified risks are to be reviewed periodically and to be monitored with rigour.

Mitigative measures: Cyber Security Policy & Governance: Chalk out the information security policies and ensure stringent measures are being followed to comply with the governance. Work closely with other executives and departments to integrate cybersecurity into the overall business strategy. Cybersecurity is not just an IT issue but a business one. Develop and regularly update an incident response plan. This should outline the steps to take in the event of a cyber incident, including containment, eradication, and recovery processes. Ensure compliance with relevant cybersecurity regulations and standards. This can help in aligning security practices with industry benchmarks. 

Stay Vigilant: All digital assets should be up to date for proper governance and controls, and this would also lower the cybersecurity risk. Stay informed about the latest cyber threats and trends by leveraging threat intelligence sources. This can help in anticipating and preparing for potential attacks.

Empower stakeholders with training: People are the weakest link in the cyber security landscape. It is of paramount importance to ensure that employees are trained on cybersecurity best practices. Human error is often a significant vulnerability, so raising awareness can help mitigate risks.

82% of cyber attacks occur due to a lack of employee training, how are you prioritising employee awareness training to combat emerging cyber-attacks?

In any enterprise, employees are the weakest link and most vulnerable to cyberattacks; thus, we need to educate them on the impact and various components of cybersecurity incidents. We launch multiple training programs on Cyber Security Awareness to make business users acquainted with myriad elements of Cybercrimes, viz., Phishing, Smishing, Vishing, Spamming, Cyber Incidents, Coercion, Data Breaches etc., along with the mitigative measures to prevent such incidents. On successful completion of such training programs, the certificates can be issued to the employees as an appreciation. Most importantly, post such a program, we also launch a simulation program which helps us to understand the effectiveness of the training programs.

 

As a CIO, what leadership traits are essential for driving cybersecurity initiatives effectively?

To secure your security posture, we need to develop a Cyber Security culture as an organisation wherein the cyber Security concept would not be confined to or perceived as ‘ONLY the IT’s responsibility’. Cyber Security, indeed, is a journey and not a destination and every business and function should join hands in this journey. Cybersecurity culture development mostly is a top-down approach and should be driven by the Leadership team. The most important leadership traits for driving cybersecurity initiatives effectively are:
(a) Continuous strive for knowledge on security risk and associated measures, staying vigilant and informed is key.
(b) Effective communication and collaboration to deliberate the concept and its impact on all concerns, and educate users through training awareness programs.
(c) Proactiveness to strengthen the Security posture and effectively validate attack surface risk management.
(d) Embrace the nextGen technologies to strengthen the security landscape.



*This is part of a community-building initiative. The content is not produced by the editorial team and no Techcircle reporter was involved in its creation or publication.