Published on September 20, 2022
The inaugural Cyber Excellence Assessor Programme (CEAP) was held in Mumbai on September 14, 2022. This programme was attended by Chief Information Security Officers (CISOs) and their nominated professionals from various Tata companies.
It was inaugurated by S Padmanabhan, Chairman - Governing Council, Tata Business Excellence Group (TBExG). In his inaugural address, Mr Padmanabhan emphasised the importance of cybersecurity and its impact on the trust it invokes in a customer and the brand image. He said, “In a group like ours, where companies of varying size, scale and geographic spread in diverse industries, brought together under a common brand name, assurance of adequate and relevant cybersecurity controls is increasingly essential.” He also stressed upon the larger purpose of the cyber excellence journey, i.e. to protect the brand Tata, and mentioned how company boards are interested in the subject.
This was followed by a Q&A session with the Tata Sons Group Chief Digital Officer, Aarthi Subramanian. During this session, Aparna Ganesh, AVP - Group Digital, Tata Sons, posed a few questions to Ms Subramanian, followed by questions from the participants. Ms Subramanian responded to each one of them. She highlighted the importance of protection to the ‘connectedness’ as most of our operations, customers, employees, and products are getting connected, thus increasing the risk of cyber-attacks. She also mentioned the importance of cyber resilience and digital trust.
Santha Subromani, Head - Cyber Security Practices, TCS, spoke on the difficulty of building resilience today, owing to the hybrid workforce, explosion of connected devices, stringent data and privacy regulations, increased cloud adoption and business models involving ecosystem partners. She also spoke on the number and severity of rising attacks in a world getting riskier. She emphasised the cost of business loss and mentioned that cybersecurity is a defence issue and corporates are obligated to customers and the government.
The subject facilitators for the CEAP were Srimant Acharya, Head-Enterprise Vulnerability Management and Debasish Das, CISO, OTON of TCS. They covered the aspects of the cybersecurity framework, controls and safeguards. They also highlighted the importance of leadership and strategy in the cyber excellence programme. Both took the participants through the assessment portal developed for the purpose and helped them get an orientation.
In the post-lunch session, the participants were divided into four groups with specific case studies. They deliberated on the context and assessment outcomes and identified the key strengths and opportunities for improvement. The discussion also attempted the question of what should be presented at the Board level.
During the concluding session, Sanjeev S Singh, Vice President, TBExG, explained the assessment process and illustrated the difference between the assessment and audit. He also thanked the CISOs and participants who had engaged in the day-long programme and invited them for the initial assessments planned during the next quarter. Mr Singh acknowledged the efforts put in by Ms Ganesh and Saikumar Swami of Group Digital, Tata Sons; Subhrajit Basu and Sushant Mallik of TBExG and Mr Acharya and Mr Das of TCS for co-creating the inaugural CEAP.