Published on February 17, 2023
With rapid technological advancements and increased digital adoption, organisations are exposed to complex variations of cyber-attacks. Traditional Cyber Security practices that were established when data, IT infrastructure, and applications were located within a company's four walls are inadequate today. Adopting the Cloud, boundary-less networks, and connected devices have further increased the threat surface and exposed organisations to newer risks. Hence Cyber risk is now established as a critical enterprise risk. For the Tata Group, where there are companies of varying size, scale, and geographic spread of operation in diverse industries, brought together under a common brand name, assurance on adequate and relevant Cyber Security controls is paramount. Therefore, a common framework that can not only standardise but also help companies achieve best-in-class Cyber Security implementation is required.
Tata Business Excellence Group (TBExG), along with the Group Digital Office, evaluated multiple frameworks and selected the TCS Blue Tick framework based on parameters such as comprehensiveness, compatibility across industries, simplicity, and the ability to clearly identify critical safeguards which will help the Group companies develop its Cyber Security roadmap. The Cyber Excellence Reference Manual was formally launched at the Business Excellence Convention in December 2022 by N Chandrasekaran, Group Chairman, in the presence of Aarthi Subramanian, Group Digital Officer and S Padmanabhan, Chairman, Governing Council, TBExG.
Against this backdrop, TBExG conducted an EDGE Webinar in the format of a panel discussion on the Tata Cyber Excellence Programme on February 15, 2023. Sanjeev Singh, VP TBExG; Aparna Ganesh, AVP, Group Digital; Srimant Acharya, Head of Enterprise Vulnerability Management, Digital Forensics TCS Cybersecurity, and Debasish Das, CISO One Tata Operating Network, TCS, were the panellists, and Subhrajit Basu, General Manager, TBExG, moderated the session.
The webinar started with responding to the need for an Assurance Process for Cyber Security in the Tata Group. Mr Singh illustrated the programme's priority, highlighting some cyber security breaches globally and their impact on the brand and the business. Ms Ganesh then spoke about the initial steps by Group Digital to bring in the importance of having a Tata Cyber Excellence Programme. The discussion progressed with Mr Acharya explaining the criteria of the Tata Cyber Excellence Framework and its key segments, viz. Cyber Basic, Cyber Core, Cyber Resilience, and Cyber Strategic and its importance to the group companies given the threat landscape. Mr Das discussed the overall approach and how this will benefit the group companies.
The virtuous cycle of excellence followed in other excellence journeys will also apply to the Cyber Excellence Journey. Mr Singh explained how Cyber Excellence assessments would be conducted within the group, while Ms Ganesh highlighted the importance of monitoring Cyber Security posture at the Group level. The discussion concluded with a Q&A and concluding remarks by Mr Basu.
The Tata Cyber Excellence Programme aims to:
- Establish a common framework to standardise Cyber Security practices in the Group.
- Help Group companies with Cyber Excellence assessment and build a roadmap to reach a higher level of excellence.
- Create awareness of Cyber Security risks.
- Capture and monitor Cyber Security posture of the Group companies.
- Enable Best Practices sharing on Cyber Excellence processes.
Click here to access the EDGE portal for the webinar recording.