We Need to be Proactive, Vigilant and Assertive
We recently Interviewed Anil G, General Manager – Professional Services, Marlabs Software (P) Limited to understand his professional journey towards security leadership and also to understand his passion about information security. He has shared various information regarding his professional interest and opinions.
1) Tell us in brief about your professional journey till date.
Since more than 16 years I have served IT & ITES industry in information security, network security and compliance after having post-graduation in computer application with industry renowned professional certifications.
2) Why did you choose information security as a profession?
Information Technology continues to dominate automation business process, and IT infrastructure is becoming commodity market, I guess that market is already set and done. Information security is ever evolving and there are lot to learn and experience, which got me interested in this domain.
3) According to you what are the big challenges CISOs facing today?
As I said earlier, information security is multi-dimensional and ever evolving and there is no absolute secured network. The strife to protect is the key and that becomes the biggest challenge. We need to be proactive, vigilant and assertive to implement. Interestingly the security aspect always has challenges against operational performance. For example, more security, the more the compute resources
(be it laptop loaded with DLP, anti-virus or security patch update etc. or any aspect of security) have operational performance challenge.
4) Do you believe in ‘information security outsourcing’, and if so, to what extent?
It completely depends on what stage of security is outsourced. I don’t personally believe in “turnkey” outsourcing, which is always challenging. Rather than this, day to day, process driven activity can be outsourced.
5) How do you define the thin line difference between data privacy and data security?
Data security is commonly referred to as the confidentiality, availability, and integrity of data.
It ensures that the data is accurate and reliable and is available when those with authorized access need it. Data privacy is suitably defined as the appropriate use of data. All data should be used according to the agreed purposes.
6) What will be your suggestions to information security vendors providing solutions to reach your expectations and satisfaction?
Accordingly to my view, Information security vendors are cluttering solutions, which create difficulty to evaluate individual domain technical competency.