—–Written By Sourabh Chakraborty & Edited By Sreeparna Sengupta
Speaker Name- Mr. Subramanian N (Subri)
Topic- Cyber Security
Date-Saturday, 13th November’ 14
“Cyber Security is an ATTITUDE and not a department is something we should definitely look forward to.”
The above lines were said by Mr. Subramanian, Technical Director, Management Consulting, KPMG in a much valuable guest lecture on Cyber Security delivered to the SCIT students on Saturday, December 13, 2014.
Within a few minutes of the commencement of the session everyone was aware that this session was going to be something special.
He started with giving a brief stint of his excellent 23 year old career covering wide areas on consultancy, project management, risk management etc.
Cyber Security is basically protecting information from internet. It has become the greatest threat for the organization today.
He gave examples of Security breach in Target, a US retailer where credit & debit card numbers of 40 million customers were stolen. He then talked about the security breaches of JP Morgan Chase and latest on the list of Sony Pictures.
He showed a picture of Edward Snowden to tell the story that how he leaked classified information from National Security Agency in June 2013.
He added that most companies do not consider security as a key aspect. But nowadays mindset of the top management is changing.
SECURITY is an INVESTMENT and not an EXPENSE!!!
Financial Sector is most prone to cybercrime in recent times. He also introduced ‘Cyber Security insurance’ which is designed to mitigate losses from a variety of cyber incidents, including data breaches, business interruption, and network damage.
He then gave a brief idea of different cyber security policies present in India and the world. In India at present there is only one act-IT ACT 2008 which deals with penal actions against cybercrime.
He also talked about some pointers what organization should do to be on the safer side. Some of them are:-
- Enterprise wide risk management( ERM)
- Robust Incident Response Plan
- Protection at Large
He also emphasized on the 3 core principles of managing cyber risk:- PREVENTION, DETECTION and RESPONSE.
He elucidated that some of the employee responsibilities which are a must for an employee nowadays are:-
- Incident Management
- Ensure Physical Security
- Keeping Inbox safe
- Desktop & Laptop Security
- Clean Desk & Clear Screen policy
- Internet fraud
The session ended with some pertinent questions from the students which were well answered by Mr. Subramanian. It was definitely one of the best guest lectures that SCITians got an opportunity to attend.