India & SAARC Summit
Virtual Summit May 17 - 18, 2022
With the hybrid workforce model continuing to stay, the enterprises across India and SAARC continue to see the convergence of personal and employer applications and data on the same home network and multiple devices, throwing up significant challenges. CISOs have the daunting task of segmenting the two domains by applying best security practices. One of the reports states that over one-third of cybersecurity technologies used by Indian organizations are outdated. Large enterprises are deploying concepts such as 'zero trust,' and most seem to be investing in SASE, the cloud-based service model. There is a cybersecurity skill gap across all the enterprises in the region, which becomes the biggest bottleneck in building a resilient cyber enterprise. To gain insights into how to address these challenges and use the right technology and frameworks, attend ISMG's virtual cybersecurity summit as the global and regional cybersecurity thought leaders discuss critical aspects of cloud security, XDR, enhancing the security posture through automation, cryptocurrency, IoT, closing the skill gap, IAM rise of ransomware gangs, supply chain threats and more. ISMG's programs provide actionable education and exclusive networking opportunities with peers and subject matter experts.
ISMG's agendas provide actionable education and exclusive networking opportunities with your peers and our subject matter expert speakers.
Lt General Rajesh Pant
National Cyber Security Coordinator
National Security Council Secretariat
Pant is presently holding the prestigious appointment of National Cyber Security Coordinator in the National Security Council Secretariat of India. He is responsible for coordinating all activities across multiple sectors to ensure secure and resilient cyberspace within the nation.
Ashutosh Jain
CISO
IndusInd Bank
Jain provides strategic direction and delivers cybersecurity, information risk, and security governance at IndusInd Bank. He has been specializing in technology risk and information risk for about two decades at regional and global levels at various multinational banks and financial...
Sudarshan Rajagopal
Security and Compliance Lead
Shell India Markets Pvt Ltd
Rajagopal is CC manager — Security and Compliance at Shell India Markets Pvt. Ltd. He is responsible for setting up and leading information risk management experts who are quick to identify and implement improvements in the field. Prior to joining...
Manish Dave
Head of Information Security
Aarti Industries Ltd
Dave is the head of information security at Aarti Industries Ltd. He has rich industry experience of 30 years in various IT functions, including infrastructure and operations, networks, and data center management. Of these, over 16 years were dedicated to...
Advisory Board
Mubashir Mir
Technical Solutions Architect
Cisco Secure
Mir is a technical solutions architect, APJC, at Duo Security, Cisco. Prior to joining Cisco, he was the senior principal engineer at Dell Technology. He was also the global technical architect for the modern workspace at Unisys.
Agnidipta Sarkar
Group CISO
Biocon
Sarkar is the group CISO at Biocon. He is leading a panel to write a standard on cyber resilience for the Bureau of Indian Standards. He has 30 years of experience as an auditor, board advisor, consultant, business leader, and...
Sumeet Prasad
Vice President-Cybersecurity
Wells Fargo
Prasad currently leads the Cyber Security Defense function within Information and Cyber Security at Wells Fargo India. He has close to two decades of experience in cybersecurity and IT across industry and consulting organizations, predominantly in the banking and technology...
Sunari Dandeniya
CISO
Commercial Bank of Ceylon PLC
Dandeniya is CISO of the Commercial Bank of Ceylon PLC. She has 15 years of experience in information technology, and her focus areas include information security, audit, and risk management. She is also an IRCA-certified Information Security Management Systems (ISO...
Shivani Arni
Information Security Officer
TransUnion
Arni is the information security officer at TransUnion CIBIL. At TransUnion, she is in charge of managing information security for all assets that TransUnion has in India — TransUnion CIBIL being the primary data source consisting of India’s leading consumer,...
Sk. Shakil Ahmed
Head of Technology
Nagad
Ahmed is the head of technology at Nagad, a financial services firm in Bangladesh. He is an established security expert in the financial industry and brings 20 years of experience in various IT roles, of which 10 years were dedicated...
Dr Yask
CISO
Indian Oil Corp
Dr Yask is the chief information security officer of Indian Oil Corp. Ltd. With over two decades of experience, he oversees cybersecurity operations, infrastructure, and governance within the organization.
Akhil Verma
CISO
Paytm Money
Verma is CISO of Paytm Money. He has 18 years of experience in IT, information security, and cybersecurity. He has worked for organizations including Oriental Bank of Commerce, Canara Bank, and Airtel Payments Bank. He holds several cybersecurity certifications, including...
Sudip Banerjee
Field CTO, APJ
Zscaler
Banerjee is the field CTO for APJ at Zscaler. He has expertise in the banking and finance industry, with experience in driving digital transformation programs, public cloud SaaS adoption, and re-architecting network infrastructure for enhanced user productivity.
Geetha Nandikotkur
Managing Editor & Conference Chair, Asia & Middle East
ISMG
Nandikotkur is an award-winning journalist with over 20 years of experience in newspapers, audiovisual media, magazines and research. She has an understanding of technology and business journalism and has moderated several roundtables and conferences, in addition to leading mentoring programs...
Pushkal Mishra
CISO
Dr Lal PathLabs
Mishra is CISO at Dr Lal PathLabs, where he leads enterprise-wide development and execution of information security and privacy programs, technologies, and processes. He previously worked with premium brands including Microsoft, Akamai, and HDFC ERGO.
Anuj Tewari
CISO
TMF Group
Tewari is CISO at TMF Group, where he is responsible for the digital transformation of Technology Risk and Cybersecurity program for the firm and its customers. Previously, he was CISO at HCL Technologies and the head of cybersecurity practice for...
Arvind Sivaramakrishnan
Group CIO
Apollo Hospitals
Sivaramakrishnan is CIO of Apollo Hospitals Enterprise Ltd. He is responsible for IT strategy and implementation and drives the digital transformation initiatives at Apollo Hospitals. He has experience in management consulting, architecting, and building solutions for enterprise-wide applications.
Conference Chair and Co-Chair
Mathan Babu Kasilingam
Chief Technology Security Officer & DPO
Vodafone Idea Ltd
Kasilingam is the chief information security officer of Vodafone Idea Ltd. With over two decades of experience in information and cybersecurity, he was instrumental in building a robust cybersecurity defense and response mechanism for NPCI. He is also a member...
Tarique Amin Bhuiyan
Managing Director
Dhaka Stock Exchange
Bhuiyan is the managing director of Dhaka Stock Exchange (DSE) Ltd. With over 25 years of experience, he is a skilled and experienced leader in administration and business management, digital and financial technology, and IT. He is also the founder,...
Deepak Kumar (D3)
Sr. Cyber Intelligence and Digital Forensics Professional
Kumar is a senior digital forensic and cyber intelligence professional in India. He is currently engaged with projects related to cyberthreat intelligence, security operations center, and capacity building for cybercrime and digital forensics domains. He is an active member of...
Atanu Roy
SVP & GROUP CIO - INFO-TECH
Biocon Ltd
Roy is the group CIO at Biocon Group. He has been one of India's most respected pharma sector Global CIOs for over a decade. He spent over 14 years in the consulting space and has led digital transformation in two...
Vivin Sathyan
Senior Technical Evangelist
ManageEngine
Sathyan is a senior technology evangelist at ManageEngine, a division of Zoho Corp. He presents POCs and takes care of implementation and product training in the domains of AD Solutions and IT security. He is a regular speaker at international...
Rahul Dani
Senior Solution Engineer - Networking & Security
VMware
Dani is a senior solution engineer at VMware, responsible for helping customers design secure multi-cloud solutions for delivering modern applications and security solutions. He has helped BFSI, PSU, and ITES organizations across India and Sri Lanka in their digital transformation...
Scott Flower
Adjunct Associate Professor at University of Western Australia and Director
Pareto Cyber
Flower is the global intelligence officer for Asia Pacific at FS-ISAC. His role involves leading APAC's largest cyberthreat fusion analysis cell protecting the global financial sector. Prior to joining FS-ISAC, he worked for international security research and intelligence analysis in...
Shirantha Peiris
Head-Information Security
Mobitel
Peiris is the head of information security at Mobitel, Sri Lanka, where he is responsible for overall security strategy development, implementation, and governance-related activities. He has over 18 years of ICT security experience, of which 15 years were specifically focused...
Seema Kumar
CTO, Global Partner Solutions
Microsoft
Kumar is CTO — Global Partner Solutions, Microsoft India. She works across the diverse partner ecosystem of GSIs, services, and ISV organizations, to align and enable them on Microsoft technologies, accelerate repeatable IP-based solutions, and practice development.
Suparna Goswami
Associate Editor
ISMG
Goswami has more than 10 years of experience in the field of journalism. She has covered a variety of beats including global macro economy, fintech, startups and other business trends. Before joining ISMG, she contributed for Forbes Asia, where she...
Rohas Nagpal
Chief Blockchain Architect
Hybrid Finance Blockchain
Nagpal is the chief blockchain architect at HyFi Blockchain. With over 20 years of experience in cybercrime investigation and cybersecurity, he co-founded the Asian School of Cyber Laws in 1999 and investigated cybercrimes and data breaches for hundreds of organizations.
Milind Mungale
EVP & CISO
Protean eGov Technologies Ltd (Formerly NSDL e-Governance Infrastructure Ltd)
Mungale is the executive VP and CISO of Protean eGov Technologies Ltd. He is heading the information security, cybersecurity, network security, IT infrastructure, and data center functions of the organization. He has been given the charter to establish sustainability principles...
Advisory Board
Anuprita Daga
President & CISO
Yes Bank
Daga is the president and chief information security officer at YES BANK. She is a business development professional skilled in operations management, team building, pre-sales, and management information systems (MIS). Prior to joining YES BANK, she was CISO of Reliance...
Brijesh Singh
Additional Director General of Police
Govt of Maharashtra
Singh is inspector general of police (cyber) in Maharashtra. He successfully implemented a criminal tracking and networking systems project in Maharashtra. He is also a designated special inspector general of police for women atrocity prevention, a special authority created by...
Kumar KV
Group CIO & CISO
Narayana Health
Kumar is the group CIO of Narayana Health. As a senior technology and security leader with more than two decades of experience, his expertise lies in digital strategy, systems design and development, enterprise architecture, and information security and privacy.
Vinayak Godse
Senior VP
DSCI
Godse is the senior vice president of the Data Security Council of India (DSCI). With 18 years of experience in information security and IT, he is managing a program for defining data security and privacy practices, based on which a...
Sujit Christy
Group CISO
John Keells Holdings PLC
Christy is the group CISO at John Keells Holdings PLC. He is a governance, risk, compliance, and cybersecurity professional. He is also the president/board member of the (ISC)² Colombo Chapter, Sri Lanka, and serves as an advisory board member for...
Sanjay Kumar Das
Joint Secretary, State CISO
Government of West Bengal
Das is the Joint Secretary and State Information Security Officer of the Government of West Bengal. He served as an Intelligence Officer with IB, MHA, and Govt. of India for four years. He is a Certified Lead Implementer Professional in...
Manish Sinha
Director of Sales Engineering, South Asia
Trellix
Sinha is the director of sales engineering — South Asia at Trellix and is responsible for sales engineering and technical operations. As a cybersecurity veteran for 20 years, he has helped organizations strengthen their security posture and incidence response frameworks.
Grant Schneider
Senior Director for Cybersecurity services ( Former U.S. federal CISO)
Venable LLP
Schneider is the senior director for Cybersecurity Services at Venable LLP. Prior to Venable, Schneider served as the U.S. federal CISO, the U.S. deputy federal CISO and as senior director for Cybersecurity Policy on the White House National Security Council....
Arvind Sharma
Enterprise Technology Specialist, APAC
Trellix
Sharma is an enterprise technology specialist for Trellix Device Security portfolio. He is responsible for developing Trellix’s device security solutions including endpoint security, application control, server security, and endpoint detection and response.
Shahla Khan
Global Black Belt - Zero Trust
Microsoft
Shahla is global black belt - zero trust at Microsoft. She is a passionate and self-motivated leader with experience in multiple domains, including cybersecurity, cloud security (Azure and AWS), IT GRC, data privacy, vulnerability assessment, and pen testing.
View Agenda
Welcome to ISMG's India & SAARC Summit

The summit's objective is to provide education and exclusive networking opportunities for the participants with peers and subject matter experts. The program has been carefully designed with the support and guidance of the 'editorial advisory board,' including senior thought leaders from the India & SAARC region, to capture the regional security challenges that resonate with their current concerns. The India & SAARC editorial advisory board includes:

Conference Chair:  Ashutosh Jain, CISO, IndusInd Bank

Conference Co-Chairs:

  • Brijesh Singh, Additional Director, Govt. of Maharashtra
  • Sujit Christy, Group CISO at John Keells Holdings PLC, President at (ISC)2 Colombo Chapter


Advisory Board:

  • Biswajit Chakraborty, Cybersecurity Consultant and EX-Head-Cyber Security –CoE, Larsen & Toubro Infotech
  • Bithal Bhardwaj, Group CISO, GMR Group
  • Mathan Kasilingam, Technology Information Security Officer& DPO, Vodafone Idea Ltd
  • Md. Mahbubul Alam (Rafel), Head of Information Security Division, Prime Bank Limited
  • Narendra Mainali, CISO, NIC Asia Bank
  • Pushkal Mishra, CISO, Dr Lal Path Labs
  • Shivangi Nadkarni, Co-founder & CEO, Arrka  
  • Sridhar Sidhu, Senior Vice President and Head of InfoSec Services Group, Wells Fargo
  • Dr Yask, CISO, Indian Oil Corp
  • 09:00 AM
  • 09:14 AM
Plenary Session: Establishing a Cyber-Resilient Enterprise in 2022: Are the C-Suite and Board on the Same Track?
Tarique Amin Bhuiyan, Managing Director, Dhaka Stock Exchange

Enterprises across India and SAARC are encouraged to invest in the infrastructure needed to build a secure and robust platform for business transformation and support the digital economy.   

The session will cover:  

  • Are they able to align their strategy with the business priorities and rise up to the expectations? 
  • What does digital innovation mean to security, and where is the disconnect? 
  • What needs to change, both tactically and strategically, to build a cyber-resilient organization?
Tarique Amin Bhuiyan
  • 09:15 AM
  • 09:44 AM
Keynote: Changing Nature of Global Cyberspace: Government and Enterprise Security Preparedness
Lt General Rajesh Pant, National Cyber Security Coordinator, National Security Council Secretariat

Various governments have been striving hard to build a future of cyberspace that is open, interoperable, secure and reliable. With significant improvement in cyber offense capabilities, the global cyberspace has become more vulnerable to attacks. 

It’s time to bolster the cyber defense capabilities among government and enterprises. Experts say the cybersecurity establishment must think of countermeasures factoring in the cyber defense, offense and balance, especially when the nature of the attack gets more sophisticated. The keynote session will cover:  

  • The changing nature of cyberspace
  • Key essentials to prepare for the changing cyberspace
  • Establishing secure and resilient enterprise that endures attacks
  • Balancing cyber defense and offense capabilities
Lt General Rajesh Pant
  • 09:45 AM
  • 10:14 AM
Protecting the Hybrid Workforce Using a Zero Trust Approach
Mubashir Mir, Technical Solutions Architect, Cisco Secure

Today, the mobility of the modern workforce has empowered users and devices to connect anywhere. Employees and users have more control over the applications they use. These applications are no longer behind the firewall as users can connect directly to work applications over the internet using their own devices. The most significant risk of hybrid workforce for enterprises would be the risk of identity and user access. 

The industry is abuzz with the concept of ‘zero trust’ being applied in securing the hybrid workforce in this perimeter less world, challenging the CISOs in securing the ecosystem. 

 The session will cover: 

  • How to secure user access from any device and applications
  • Establishing security-by-design model using the ‘zero trust’ approach
  • How to adopt the ‘zero trust’ security
Mubashir Mir
  • 10:15 AM
  • 10:30 AM
  • 10:30 AM
  • 10:59 AM
Track C
Sudip Banerjee
Track C: Securing Your Business Environment Using a Zero Trust Security
Sudip Banerjee, Field CTO, APJ, Zscaler

As organizations have already embarked on their digital transformation journey, moving to a ‘zero trust’ concept is a major step toward building your overall security architecture on the philosophy of challenging everything and ‘trust’ nothing.  

The fundamental question for security leaders is why you need to launch a ‘zero trust’ initiative and make it your top priority. How does it secure your business environment amid the escalation threats and real-time system complexity? 

The session will cover: 

  • How to embark on a ‘zero trust’ journey
  • Why a comprehensive ‘zero trust’ architecture matters
  • Securing your business environment with a ‘zero trust’ exchange
  • 10:30 AM
  • 10:59 AM
TrackA
Rahul Dani
Track A: Using an ‘Intrinsic Security’ Approach for Modern Application and Cloud
Rahul Dani, Senior Solution Engineer - Networking & Security, VMware

As organizations grapple with building security into their cloud applications to help thwart cyberthreats, experts recommend an intrinsic security approach that will help develop an easy and seamless path. 

Since it would be difficult to defend what you don’t see, intrinsic security will provide a framework that has security built-in rather than bolted-on, helping to provide the most robust and scalable network and security platform.  

The session will cover: 

  • How to visualize, operate and automate network and security for your applications across cloud environments using an intrinsic security approach
  • How to operationalize security 
  • Building a defense-in-depth model by applying the ‘built-in’ security framework
  • 10:30 AM
  • 10:59 AM
TrackB
Seema Kumar
Shahla Khan
Track B: Establishing Least Privilege Access Across the Multi-Cloud Infrastructure
Seema Kumar, CTO, Global Partner Solutions, Microsoft
Shahla Khan, Global Black Belt - Zero Trust, Microsoft

As organizations embark on their cloud journey, cloud security is getting more complex, yet it is still a constantly growing field. In addition, the unmanaged permissions are expanding the attack surface, increasing the challenges of visibility and control for security leaders.    

The big questions before the CISOs now are how to restrict permissions for any identity or resource, and how to apply the least privilege principle to this layer of complex cloud infrastructure with increased attack surface. 

The session will cover: 

  • New access control challenges with multi-cloud adoption 
  • How to bridge the access and permission gap 
  • How to use a ‘zero trust’ approach to manage least privilege access
  • 11:00 AM
  • 11:29 AM
TrackA
Arvind Sharma
Manish Sinha
Track A: Demystifying and Designing a Long-Term XDR Strategy
Arvind Sharma, Enterprise Technology Specialist, APAC, Trellix
Manish Sinha, Director of Sales Engineering, South Asia, Trellix

As a CISO or a key member of your organization's SecOps team, you've watched the attack surface expand over the last decade. The target field of endpoints has dramatically expanded to other attack vectors, forcing a shift from EDR (endpoint detection and response) to XDR (extended detection and response). 

The session will cover: 

  • Why organizations should adopt XDR architecture to enhance threat detection & security operations capabilities 
  • How to build a long-term XDR strategy and achieve the business outcomes. 
  • Accelerating the XDR framework by taking telemetry, analytical and a service-centric approach
  • 11:00 AM
  • 11:29 AM
TrackB
Vivin Sathyan
Track B: Hybrid IAM With a Zero Trust Approach
Vivin Sathyan, Senior Technical Evangelist, ManageEngine

Cloud adoption indeed boosts digital transformation for organizations embarking on a modernization program — the main reason why organizations often opt for a hybrid Active Directory approach. However, the other side of the coin to the hybrid AD approach is that your network perimeters disappear. Organizations can address this new challenge by building a unified security strategy with hybrid identity management at the center.

The session will cover:

  • Challenges with the new network perimeter
  • Bridging the security gaps in the cloud
  • Establishing hybrid IAM best practices with a ‘zero trust’ strategy
  • 11:30 AM
  • 12:01 PM
TrackA
Arvind Sivaramakrishnan
Track A: Protecting Sensitive Patient Data: Applying the Principles of Data Privacy to Healthcare
Arvind Sivaramakrishnan, Group CIO, Apollo Hospitals

The medical industry holds sensitive personal data along with other critical data. The healthcare industry, unlike financial institutions with stringent cybersecurity policies, lacks strong regulations around cybersecurity and privacy. This turns out to be a bottleneck for practitioners in adhering to certain best practices for data privacy. 

The session will cover: 

  • How are labs and hospitals handling patient data
  • Relevance of policy guidelines like GDPR to healthcare services
  • Evolution of data privacy and protection principles for the healthcare industry
  • 11:30 AM
  • 12:01 PM
TrackB
Kumar KV
Track B: Is Privacy a CISO’s Problem? How to Operationalize It?
Kumar KV, Group CIO & CISO, Narayana Health

Most security leaders believe that they are not protecting technology but people. But can fraud, breach and privacy be viewed together? The fundamental questions that arise are is privacy a CISO’s problem, and how to operationalize privacy in the context of security and data protection issues?  

How much security is really required in an environment where openly shared data and research results fuel business? Where privacy and security matters are concerned, is a CISO more than just another corporate policy developer and technology evangelist? What role does a CISO play in operationalizing data protection and privacy regulations? 

The session will cover: 

  • The intersection between security and privacy 
  • How much is a CISO accountable for privacy 
  • Data protection vs. security controls
  • 12:15 PM
  • 12:44 PM
TrackA
Pushkal Mishra
Track A: Are You Cloud Ready? A CISO’s Manifestations
Pushkal Mishra, CISO, Dr Lal PathLabs

Organization believe that cloud computing brings a whole new level of autonomy and functionality, besides enhancing performance, agility, productivity and scalability. The pandemic has created the urgency for enterprises to move to cloud, and enterprises are in a race to adopt the ‘cloud-first’ strategy to optimize the IT spend and secure their hybrid work environment.   

CISOs are tasked with building a cloud-first security strategy and mitigating the risks arising from this.  

The session will cover:  

  • Cloud migration and its bottlenecks 
  • A holistic approach to cloud security and compliance  
  • Governance and risk
  • 12:15 PM
  • 12:44 PM
TrackB
Sumeet Prasad
Track B: Assessing the Effectiveness of Your Cyberthreat Intelligence Program: Building a Business Case
Sumeet Prasad, Vice President-Cybersecurity, Wells Fargo

India and SAARC region has witnessed the most prominent organizations hitting the headlines. It is beyond doubt that organizations have a huge staff and a myriad of cybersecurity tools to secure their environment; yet, they were breached. The current approach is insufficient, and the deployed technologies do not provide the necessary intel to detect the blind spots. 

It is imperative to assess the effectiveness of the cyberthreat intelligence program, and building a business case is essential in driving actionable threat intelligence.

The session will cover: 

  • Understanding what cyberthreat intelligence gives to an organization 
  • Reasons for taking a risk-based approach 
  • Using technologies and integration to drive actionable threat intelligence 
  • 12:45 PM
  • 01:15 PM
TrackA
Sanjay Kumar Das
Track A: Does Government Need a CISO? The Fallacy of Service Over Security
Sanjay Kumar Das, Joint Secretary, State CISO, Government of West Bengal

The Government of India has passed a regulation stating that every ‘State’ government needs to have a CISO to regulate the security procurement and controls, apart from appointing a security incident response team. 

The fundamental question that arises is ‘whether the government needs a CISO and what should be the CISO’s role and responsibilities in protecting the critical infrastructure against growing threats’? 

How do CISOs balance services with security and face the dichotomy, and what needs to change in their approach in the current hybrid cyberwar?   

The session will cover: 

  • Balancing security and regulatory controls with Public Service Delivery
  • Changing role of government CISOs
  • Effective ways to implement security controls in the hybrid cyberwar
  • 12:45 PM
  • 01:15 PM
TrackB
Deepak Kumar (D3)
Track B: Are CISOs Thinking Like Hackers? Understanding an Attacker’s Mind
Deepak Kumar (D3), Sr. Cyber Intelligence and Digital Forensics Professional,

The first question that provokes security practitioners is: How can they handle stealth and gain insights into how hackers plan their attacks even before contemplating which security solutions to deploy? 

The key to strengthening cyber defense is to understand an attacker’s mind about how they conduct detailed reconnaissance activities and develop custom-tailored campaigns to penetrate the network to steal sensitive corporate data, intellectual property, business plans and personal information. 

The session will cover:  

  • A virtual demo of how hackers enter your networks  
  • Using threat intelligence in the right context 
  • How CISOs need to discover, investigate and contain the attacks across all phases of the threat cycle
  • 01:30 PM
  • 01:59 PM
TrackA
Rohas Nagpal
Track A: Crypto Challenges: Security Defenses
Rohas Nagpal, Chief Blockchain Architect, Hybrid Finance Blockchain

India and SAARC region is making a headway in the cryptocurrency businesses and as a result, users could prove to be vulnerable to risks.  

The government is working to regulate cryptocurrency exchanges in line with guidance from the intergovernmental Financial Action Task Force, which sets global standards for fighting money laundering and terrorist financing. The big challenges for security leaders are to assess risks, strengthen incidence response capabilities and employ defenses in addressing the challenges.  

The session will cover:  

  • How to work closely with law enforcement  
  • Reducing the exposure to risk  
  • Complying with regulatory norms  
  • 01:30 PM
  • 01:59 PM
TrackB
Manish Dave
Track B: Case Study: The Road to Zero Trust Security
Manish Dave, Head of Information Security, Aarti Industries Ltd

Where does the journey to ‘zero trust’ begin, what are the typical entry points, and how can it unfold? Experts agree that ‘zero trust’ is based on the premise of ‘assume breach,’ and treat every asset as breached and all traffic as hostile.   
The session will cover:

  • How the approach to security has changed dramatically as security perimeters have dissolved 
  • Assessing the maturity of the ‘zero trust’ state with a realistic look at security and its dependencies on other functions in securing future work environments
  • Aligning ‘zero trust’ with people, processes and technologies to establish security
  • 02:00 PM
  • 02:30 PM
TrackA
Agnidipta Sarkar
Mathan Babu Kasilingam
Vinayak Godse
Akhil Verma
Track A: Panel: Indigenous Cybersecurity Solutions: Are CISOs Diving In?
Agnidipta Sarkar, Group CISO, Biocon
Mathan Babu Kasilingam, Chief Technology Security Officer & DPO, Vodafone Idea Ltd
Vinayak Godse, Senior VP, DSCI
Akhil Verma, CISO, Paytm Money

India is the third most cyber-attacked nation in the world, reports say. Enterprises need to comply with privacy regulations to protect their sensitive data. 

Most security leaders have questions if the Indian cybersecurity companies are redefining cybersecurity and offering state-of-the-art technology and tools that help them protect their environment against threats. How have the indigenous cybersecurity technology partners supported enterprises in building a cyber-resilient enterprise?  

The session will cover:  

  • Are CISOs reconsidering leaning toward Indian security products?  
  • Benefits and shortcomings in using homegrown products   
  • How are indigenously grown technologies helping in building a cyber-resilient enterprise? 
  • 02:00 PM
  • 02:30 PM
TrackB
Anuj Tewari
Sk. Shakil Ahmed
Track B: Two-Way Street: A Cybersecurity Debate Between CTO vs. CISO — Where Is the Disconnect?
Anuj Tewari, CISO, TMF Group
Sk. Shakil Ahmed, Head of Technology, Nagad

Almost all CISOs across regions have a single most significant challenge of getting the necessary funding to support their cybersecurity programs. Are security leaders creating value for business and being a part of technology innovation? Is the CTO function aligned with security in driving innovation? Are the CTOs and CISOs meeting the expectations?

The session discusses how to get a CTO and the CISO to collaborate on a common goal to facilitate the continued success of their organization. Where is the disconnect?

  • 02:30 PM
  • 02:59 PM
TrackA
Sudarshan Rajagopal
Track A: OT Security: Bridging the Silos
Sudarshan Rajagopal, Security and Compliance Lead, Shell India Markets Pvt Ltd

Most OT systems are designed with very little consideration for security. With increased cyber risk in this new digital transformation era, any approach to bridge the IT and OT divide is mission critical for enterprise security.    

As a CISO, can you reduce risk, security and risk management function silos to bridge the security gaps?  
 
Can you deploy suitable asset inventory methods and map the IT/OT risks?   

This session will cover:   

  • Building complete visibility to and monitoring of your IT and OT assets with the right access control   
  • Integrating OT threat monitoring into SOC for threat detection   
  • Essential steps to establish OT security 
  • 02:30 PM
  • 02:59 PM
TrackB
Milind Mungale
Track B: You Have Been Breached: Building an Effective BCM Plan
Milind Mungale, EVP & CISO, Protean eGov Technologies Ltd (Formerly NSDL e-Governance Infrastructure Ltd)

Cyberattacks are no longer about 'if' but 'when' you are breached. The daunting task for security leaders today is to build an effective business continuity plan to manage the breach incidents and to resolve the many issues that the incident ushers in.  

Security teams are made accountable for reputational problems, disruption of business processes, and penalties for noncompliance with increasingly rigid data protection laws. 

The session will cover: 

  • Understanding compliance and legal regulations 
  • Integrating various business functions to work on a recovery plan 
  • Revisiting your data encryption plan and understanding security gaps
  • 03:00 PM
  • 03:32 PM
TrackA
Ashutosh Jain
Sunari Dandeniya
Sujit Christy
Shivani Arni
Track A: Panel Discussion: Impact of the Hybrid Cyber Warfare on the Supply Chain: Sizing Up the Security Risks
Ashutosh Jain, CISO, IndusInd Bank
Sunari Dandeniya, CISO, Commercial Bank of Ceylon PLC
Sujit Christy, Group CISO, John Keells Holdings PLC
Shivani Arni, Information Security Officer, TransUnion

We typically think of supply chain attacks as stealthy attacks on hardware components, such as malware on laptops and network devices. Yet, the supply chain attack on a service provider cannot be ruled out as it is a significant intrusion of the entire ecosystem. The supply chain attacks usher in the risk: Supplier vulnerabilities are the common cause of compromise. Keeping a watchful eye on suppliers' security status – always knowing the risks they bring in – is an essential part of building resilience and response.  

The session will cover:  

  • Impact of the on-going hybrid cyber warfare on the supply chain across enterprises 
  • How to measure the risks and respond to supply chain attacks
  • The 'Security by Design' approach to secure software applications and evaluate the suppliers’ products
  • 03:00 PM
  • 03:36 PM
TrackB
Brijesh Singh
Anuprita Daga
Atanu Roy
Shirantha Peiris
Track B: Panel Discussion: To Pay or Not to Pay Ransom: The C-Suite Debate
Brijesh Singh, Additional Director General of Police, Govt of Maharashtra
Anuprita Daga, President & CISO, Yes Bank
Atanu Roy, SVP & GROUP CIO - INFO-TECH, Biocon Ltd
Shirantha Peiris, Head-Information Security, Mobitel

Ransomware attacks continue to plague organizations at an alarming pace; the debate among the C-suite on the issue of paying the ransom or refusing to pay and dealing with the consequences is getting critical.  

Some experts say that paying the ransom makes an organization vulnerable to reputational risk. This also means that the organization's risk calculations are no longer accurate. Another argument is that payment of extortion monies may encourage continued criminal activity. 

The session will cover: 

  • What should be the C-suite's approach in case of a ransomware attack 
  • How to engage with the law enforcement before taking the decision 
  • Prepare now or pay later - CISO's take 
Impact of the Hybrid Cyberwar on the CII in the APAC Region
Grant Schneider, Senior Director for Cybersecurity services ( Former U.S. federal CISO), Venable LLP
Scott Flower, Adjunct Associate Professor at University of Western Australia and Director, Pareto Cyber
Dr Yask, CISO, Indian Oil Corp
Brijesh Singh, Additional Director General of Police, Govt of Maharashtra

This exclusive interactive session is specially curated for senior information security professionals of our premier global industry leader’s community as an extension of the opening keynote address by Lt General Rajesh Pant, National Cyber Security Coordinator, National Security Council Secretariat, which will be taken up for a further deep dive with global perspectives on it.

This session will not be available on-demand. This is a CyberEdBoard exclusive session for members only. Existing members can access the on-demand session on the members' portal. Join the CyberEdBoard Community, by sending in your application here.

Contact the CyberEdBoard concierge team at the booth, to know more about joining the session.

Grant Schneider
Scott Flower
Dr Yask
Brijesh Singh
  • 03:30 PM
  • 04:29 PM

With the hybrid workforce model continuing to stay, the enterprises across India and SAARC continue to see the convergence of personal and employer applications and data on the same home network and multiple devices, throwing up significant challenges. CISOs have the daunting task of segmenting the two domains by applying best security practices. One of the reports states that over one-third of cybersecurity technologies used by Indian organizations are outdated. Large enterprises are deploying concepts such as 'zero trust,' and most seem to be investing in SASE, the cloud-based service model. There is a cybersecurity skill gap across all the enterprises in the region, which becomes the biggest bottleneck in building a resilient cyber enterprise. To gain insights into how to address these challenges and use the right technology and frameworks, attend ISMG's virtual cybersecurity summit as the global and regional cybersecurity thought leaders discuss critical aspects of cloud security, XDR, enhancing the security posture through automation, cryptocurrency, IoT, closing the skill gap, IAM rise of ransomware gangs, supply chain threats and more. ISMG's programs provide actionable education and exclusive networking opportunities with peers and subject matter experts.
ISMG's agendas provide actionable education and exclusive networking opportunities with your peers and our subject matter expert speakers.

Lt General Rajesh Pant
National Cyber Security Coordinator
National Security Council Secretariat
Pant is presently holding the prestigious appointment of National Cyber Security Coordinator in the National Security Council Secretariat of India. He is responsible for coordinating all activities across multiple sectors to ensure secure and resilient cyberspace within the nation.
Ashutosh Jain
CISO
IndusInd Bank
Jain provides strategic direction and delivers cybersecurity, information risk, and security governance at IndusInd Bank. He has been specializing in technology risk and information risk for about two decades at regional and global levels at various multinational banks and financial...
Sudarshan Rajagopal
Security and Compliance Lead
Shell India Markets Pvt Ltd
Rajagopal is CC manager — Security and Compliance at Shell India Markets Pvt. Ltd. He is responsible for setting up and leading information risk management experts who are quick to identify and implement improvements in the field. Prior to joining...
Manish Dave
Head of Information Security
Aarti Industries Ltd
Dave is the head of information security at Aarti Industries Ltd. He has rich industry experience of 30 years in various IT functions, including infrastructure and operations, networks, and data center management. Of these, over 16 years were dedicated to...
Advisory Board
Mubashir Mir
Technical Solutions Architect
Cisco Secure
Mir is a technical solutions architect, APJC, at Duo Security, Cisco. Prior to joining Cisco, he was the senior principal engineer at Dell Technology. He was also the global technical architect for the modern workspace at Unisys.
Agnidipta Sarkar
Group CISO
Biocon
Sarkar is the group CISO at Biocon. He is leading a panel to write a standard on cyber resilience for the Bureau of Indian Standards. He has 30 years of experience as an auditor, board advisor, consultant, business leader, and...
Sumeet Prasad
Vice President-Cybersecurity
Wells Fargo
Prasad currently leads the Cyber Security Defense function within Information and Cyber Security at Wells Fargo India. He has close to two decades of experience in cybersecurity and IT across industry and consulting organizations, predominantly in the banking and technology...
Sunari Dandeniya
CISO
Commercial Bank of Ceylon PLC
Dandeniya is CISO of the Commercial Bank of Ceylon PLC. She has 15 years of experience in information technology, and her focus areas include information security, audit, and risk management. She is also an IRCA-certified Information Security Management Systems (ISO...
Shivani Arni
Information Security Officer
TransUnion
Arni is the information security officer at TransUnion CIBIL. At TransUnion, she is in charge of managing information security for all assets that TransUnion has in India — TransUnion CIBIL being the primary data source consisting of India’s leading consumer,...
Sk. Shakil Ahmed
Head of Technology
Nagad
Ahmed is the head of technology at Nagad, a financial services firm in Bangladesh. He is an established security expert in the financial industry and brings 20 years of experience in various IT roles, of which 10 years were dedicated...
Dr Yask
CISO
Indian Oil Corp
Dr Yask is the chief information security officer of Indian Oil Corp. Ltd. With over two decades of experience, he oversees cybersecurity operations, infrastructure, and governance within the organization.
Akhil Verma
CISO
Paytm Money
Verma is CISO of Paytm Money. He has 18 years of experience in IT, information security, and cybersecurity. He has worked for organizations including Oriental Bank of Commerce, Canara Bank, and Airtel Payments Bank. He holds several cybersecurity certifications, including...
Sudip Banerjee
Field CTO, APJ
Zscaler
Banerjee is the field CTO for APJ at Zscaler. He has expertise in the banking and finance industry, with experience in driving digital transformation programs, public cloud SaaS adoption, and re-architecting network infrastructure for enhanced user productivity.
Geetha Nandikotkur
Managing Editor & Conference Chair, Asia & Middle East
ISMG
Nandikotkur is an award-winning journalist with over 20 years of experience in newspapers, audiovisual media, magazines and research. She has an understanding of technology and business journalism and has moderated several roundtables and conferences, in addition to leading mentoring programs...
Pushkal Mishra
CISO
Dr Lal PathLabs
Mishra is CISO at Dr Lal PathLabs, where he leads enterprise-wide development and execution of information security and privacy programs, technologies, and processes. He previously worked with premium brands including Microsoft, Akamai, and HDFC ERGO.
Anuj Tewari
CISO
TMF Group
Tewari is CISO at TMF Group, where he is responsible for the digital transformation of Technology Risk and Cybersecurity program for the firm and its customers. Previously, he was CISO at HCL Technologies and the head of cybersecurity practice for...
Arvind Sivaramakrishnan
Group CIO
Apollo Hospitals
Sivaramakrishnan is CIO of Apollo Hospitals Enterprise Ltd. He is responsible for IT strategy and implementation and drives the digital transformation initiatives at Apollo Hospitals. He has experience in management consulting, architecting, and building solutions for enterprise-wide applications.
Conference Chair and Co-Chair
Mathan Babu Kasilingam
Chief Technology Security Officer & DPO
Vodafone Idea Ltd
Kasilingam is the chief information security officer of Vodafone Idea Ltd. With over two decades of experience in information and cybersecurity, he was instrumental in building a robust cybersecurity defense and response mechanism for NPCI. He is also a member...
Tarique Amin Bhuiyan
Managing Director
Dhaka Stock Exchange
Bhuiyan is the managing director of Dhaka Stock Exchange (DSE) Ltd. With over 25 years of experience, he is a skilled and experienced leader in administration and business management, digital and financial technology, and IT. He is also the founder,...
Deepak Kumar (D3)
Sr. Cyber Intelligence and Digital Forensics Professional
Kumar is a senior digital forensic and cyber intelligence professional in India. He is currently engaged with projects related to cyberthreat intelligence, security operations center, and capacity building for cybercrime and digital forensics domains. He is an active member of...
Atanu Roy
SVP & GROUP CIO - INFO-TECH
Biocon Ltd
Roy is the group CIO at Biocon Group. He has been one of India's most respected pharma sector Global CIOs for over a decade. He spent over 14 years in the consulting space and has led digital transformation in two...
Vivin Sathyan
Senior Technical Evangelist
ManageEngine
Sathyan is a senior technology evangelist at ManageEngine, a division of Zoho Corp. He presents POCs and takes care of implementation and product training in the domains of AD Solutions and IT security. He is a regular speaker at international...
Rahul Dani
Senior Solution Engineer - Networking & Security
VMware
Dani is a senior solution engineer at VMware, responsible for helping customers design secure multi-cloud solutions for delivering modern applications and security solutions. He has helped BFSI, PSU, and ITES organizations across India and Sri Lanka in their digital transformation...
Scott Flower
Adjunct Associate Professor at University of Western Australia and Director
Pareto Cyber
Flower is the global intelligence officer for Asia Pacific at FS-ISAC. His role involves leading APAC's largest cyberthreat fusion analysis cell protecting the global financial sector. Prior to joining FS-ISAC, he worked for international security research and intelligence analysis in...
Shirantha Peiris
Head-Information Security
Mobitel
Peiris is the head of information security at Mobitel, Sri Lanka, where he is responsible for overall security strategy development, implementation, and governance-related activities. He has over 18 years of ICT security experience, of which 15 years were specifically focused...
Seema Kumar
CTO, Global Partner Solutions
Microsoft
Kumar is CTO — Global Partner Solutions, Microsoft India. She works across the diverse partner ecosystem of GSIs, services, and ISV organizations, to align and enable them on Microsoft technologies, accelerate repeatable IP-based solutions, and practice development.
Suparna Goswami
Associate Editor
ISMG
Goswami has more than 10 years of experience in the field of journalism. She has covered a variety of beats including global macro economy, fintech, startups and other business trends. Before joining ISMG, she contributed for Forbes Asia, where she...
Rohas Nagpal
Chief Blockchain Architect
Hybrid Finance Blockchain
Nagpal is the chief blockchain architect at HyFi Blockchain. With over 20 years of experience in cybercrime investigation and cybersecurity, he co-founded the Asian School of Cyber Laws in 1999 and investigated cybercrimes and data breaches for hundreds of organizations.
Milind Mungale
EVP & CISO
Protean eGov Technologies Ltd (Formerly NSDL e-Governance Infrastructure Ltd)
Mungale is the executive VP and CISO of Protean eGov Technologies Ltd. He is heading the information security, cybersecurity, network security, IT infrastructure, and data center functions of the organization. He has been given the charter to establish sustainability principles...
Advisory Board
Anuprita Daga
President & CISO
Yes Bank
Daga is the president and chief information security officer at YES BANK. She is a business development professional skilled in operations management, team building, pre-sales, and management information systems (MIS). Prior to joining YES BANK, she was CISO of Reliance...
Brijesh Singh
Additional Director General of Police
Govt of Maharashtra
Singh is inspector general of police (cyber) in Maharashtra. He successfully implemented a criminal tracking and networking systems project in Maharashtra. He is also a designated special inspector general of police for women atrocity prevention, a special authority created by...
Kumar KV
Group CIO & CISO
Narayana Health
Kumar is the group CIO of Narayana Health. As a senior technology and security leader with more than two decades of experience, his expertise lies in digital strategy, systems design and development, enterprise architecture, and information security and privacy.
Vinayak Godse
Senior VP
DSCI
Godse is the senior vice president of the Data Security Council of India (DSCI). With 18 years of experience in information security and IT, he is managing a program for defining data security and privacy practices, based on which a...
Sujit Christy
Group CISO
John Keells Holdings PLC
Christy is the group CISO at John Keells Holdings PLC. He is a governance, risk, compliance, and cybersecurity professional. He is also the president/board member of the (ISC)² Colombo Chapter, Sri Lanka, and serves as an advisory board member for...
Sanjay Kumar Das
Joint Secretary, State CISO
Government of West Bengal
Das is the Joint Secretary and State Information Security Officer of the Government of West Bengal. He served as an Intelligence Officer with IB, MHA, and Govt. of India for four years. He is a Certified Lead Implementer Professional in...
Manish Sinha
Director of Sales Engineering, South Asia
Trellix
Sinha is the director of sales engineering — South Asia at Trellix and is responsible for sales engineering and technical operations. As a cybersecurity veteran for 20 years, he has helped organizations strengthen their security posture and incidence response frameworks.
Grant Schneider
Senior Director for Cybersecurity services ( Former U.S. federal CISO)
Venable LLP
Schneider is the senior director for Cybersecurity Services at Venable LLP. Prior to Venable, Schneider served as the U.S. federal CISO, the U.S. deputy federal CISO and as senior director for Cybersecurity Policy on the White House National Security Council....
Arvind Sharma
Enterprise Technology Specialist, APAC
Trellix
Sharma is an enterprise technology specialist for Trellix Device Security portfolio. He is responsible for developing Trellix’s device security solutions including endpoint security, application control, server security, and endpoint detection and response.
Shahla Khan
Global Black Belt - Zero Trust
Microsoft
Shahla is global black belt - zero trust at Microsoft. She is a passionate and self-motivated leader with experience in multiple domains, including cybersecurity, cloud security (Azure and AWS), IT GRC, data privacy, vulnerability assessment, and pen testing.

View Agenda
Welcome to ISMG's India & SAARC Summit

The summit's objective is to provide education and exclusive networking opportunities for the participants with peers and subject matter experts. The program has been carefully designed with the support and guidance of the 'editorial advisory board,' including senior thought leaders from the India & SAARC region, to capture the regional security challenges that resonate with their current concerns. The India & SAARC editorial advisory board includes:

Conference Chair:  Ashutosh Jain, CISO, IndusInd Bank

Conference Co-Chairs:

  • Brijesh Singh, Additional Director, Govt. of Maharashtra
  • Sujit Christy, Group CISO at John Keells Holdings PLC, President at (ISC)2 Colombo Chapter


Advisory Board:

  • Biswajit Chakraborty, Cybersecurity Consultant and EX-Head-Cyber Security –CoE, Larsen & Toubro Infotech
  • Bithal Bhardwaj, Group CISO, GMR Group
  • Mathan Kasilingam, Technology Information Security Officer& DPO, Vodafone Idea Ltd
  • Md. Mahbubul Alam (Rafel), Head of Information Security Division, Prime Bank Limited
  • Narendra Mainali, CISO, NIC Asia Bank
  • Pushkal Mishra, CISO, Dr Lal Path Labs
  • Shivangi Nadkarni, Co-founder & CEO, Arrka  
  • Sridhar Sidhu, Senior Vice President and Head of InfoSec Services Group, Wells Fargo
  • Dr Yask, CISO, Indian Oil Corp
  • 09:00 AM
  • 09:14 AM
Plenary Session: Establishing a Cyber-Resilient Enterprise in 2022: Are the C-Suite and Board on the Same Track?
Tarique Amin Bhuiyan, Managing Director, Dhaka Stock Exchange

Enterprises across India and SAARC are encouraged to invest in the infrastructure needed to build a secure and robust platform for business transformation and support the digital economy.   

The session will cover:  

  • Are they able to align their strategy with the business priorities and rise up to the expectations? 
  • What does digital innovation mean to security, and where is the disconnect? 
  • What needs to change, both tactically and strategically, to build a cyber-resilient organization?
Tarique Amin Bhuiyan
  • 09:15 AM
  • 09:44 AM
Keynote: Changing Nature of Global Cyberspace: Government and Enterprise Security Preparedness
Lt General Rajesh Pant, National Cyber Security Coordinator, National Security Council Secretariat

Various governments have been striving hard to build a future of cyberspace that is open, interoperable, secure and reliable. With significant improvement in cyber offense capabilities, the global cyberspace has become more vulnerable to attacks. 

It’s time to bolster the cyber defense capabilities among government and enterprises. Experts say the cybersecurity establishment must think of countermeasures factoring in the cyber defense, offense and balance, especially when the nature of the attack gets more sophisticated. The keynote session will cover:  

  • The changing nature of cyberspace
  • Key essentials to prepare for the changing cyberspace
  • Establishing secure and resilient enterprise that endures attacks
  • Balancing cyber defense and offense capabilities
Lt General Rajesh Pant
  • 09:45 AM
  • 10:14 AM
Protecting the Hybrid Workforce Using a Zero Trust Approach
Mubashir Mir, Technical Solutions Architect, Cisco Secure

Today, the mobility of the modern workforce has empowered users and devices to connect anywhere. Employees and users have more control over the applications they use. These applications are no longer behind the firewall as users can connect directly to work applications over the internet using their own devices. The most significant risk of hybrid workforce for enterprises would be the risk of identity and user access. 

The industry is abuzz with the concept of ‘zero trust’ being applied in securing the hybrid workforce in this perimeter less world, challenging the CISOs in securing the ecosystem. 

 The session will cover: 

  • How to secure user access from any device and applications
  • Establishing security-by-design model using the ‘zero trust’ approach
  • How to adopt the ‘zero trust’ security
Mubashir Mir
  • 10:15 AM
  • 10:30 AM
  • 10:30 AM
  • 10:59 AM
Track C
Sudip Banerjee
Track C: Securing Your Business Environment Using a Zero Trust Security
Sudip Banerjee, Field CTO, APJ, Zscaler

As organizations have already embarked on their digital transformation journey, moving to a ‘zero trust’ concept is a major step toward building your overall security architecture on the philosophy of challenging everything and ‘trust’ nothing.  

The fundamental question for security leaders is why you need to launch a ‘zero trust’ initiative and make it your top priority. How does it secure your business environment amid the escalation threats and real-time system complexity? 

The session will cover: 

  • How to embark on a ‘zero trust’ journey
  • Why a comprehensive ‘zero trust’ architecture matters
  • Securing your business environment with a ‘zero trust’ exchange
  • 10:30 AM
  • 10:59 AM
TrackA
Rahul Dani
Track A: Using an ‘Intrinsic Security’ Approach for Modern Application and Cloud
Rahul Dani, Senior Solution Engineer - Networking & Security, VMware

As organizations grapple with building security into their cloud applications to help thwart cyberthreats, experts recommend an intrinsic security approach that will help develop an easy and seamless path. 

Since it would be difficult to defend what you don’t see, intrinsic security will provide a framework that has security built-in rather than bolted-on, helping to provide the most robust and scalable network and security platform.  

The session will cover: 

  • How to visualize, operate and automate network and security for your applications across cloud environments using an intrinsic security approach
  • How to operationalize security 
  • Building a defense-in-depth model by applying the ‘built-in’ security framework
  • 10:30 AM
  • 10:59 AM
TrackB
Seema Kumar
Shahla Khan
Track B: Establishing Least Privilege Access Across the Multi-Cloud Infrastructure
Seema Kumar, CTO, Global Partner Solutions, Microsoft
Shahla Khan, Global Black Belt - Zero Trust, Microsoft

As organizations embark on their cloud journey, cloud security is getting more complex, yet it is still a constantly growing field. In addition, the unmanaged permissions are expanding the attack surface, increasing the challenges of visibility and control for security leaders.    

The big questions before the CISOs now are how to restrict permissions for any identity or resource, and how to apply the least privilege principle to this layer of complex cloud infrastructure with increased attack surface. 

The session will cover: 

  • New access control challenges with multi-cloud adoption 
  • How to bridge the access and permission gap 
  • How to use a ‘zero trust’ approach to manage least privilege access
  • 11:00 AM
  • 11:29 AM
TrackA
Arvind Sharma
Manish Sinha
Track A: Demystifying and Designing a Long-Term XDR Strategy
Arvind Sharma, Enterprise Technology Specialist, APAC, Trellix
Manish Sinha, Director of Sales Engineering, South Asia, Trellix

As a CISO or a key member of your organization's SecOps team, you've watched the attack surface expand over the last decade. The target field of endpoints has dramatically expanded to other attack vectors, forcing a shift from EDR (endpoint detection and response) to XDR (extended detection and response). 

The session will cover: 

  • Why organizations should adopt XDR architecture to enhance threat detection & security operations capabilities 
  • How to build a long-term XDR strategy and achieve the business outcomes. 
  • Accelerating the XDR framework by taking telemetry, analytical and a service-centric approach
  • 11:00 AM
  • 11:29 AM
TrackB
Vivin Sathyan
Track B: Hybrid IAM With a Zero Trust Approach
Vivin Sathyan, Senior Technical Evangelist, ManageEngine

Cloud adoption indeed boosts digital transformation for organizations embarking on a modernization program — the main reason why organizations often opt for a hybrid Active Directory approach. However, the other side of the coin to the hybrid AD approach is that your network perimeters disappear. Organizations can address this new challenge by building a unified security strategy with hybrid identity management at the center.

The session will cover:

  • Challenges with the new network perimeter
  • Bridging the security gaps in the cloud
  • Establishing hybrid IAM best practices with a ‘zero trust’ strategy
  • 11:30 AM
  • 12:01 PM
TrackA
Arvind Sivaramakrishnan
Track A: Protecting Sensitive Patient Data: Applying the Principles of Data Privacy to Healthcare
Arvind Sivaramakrishnan, Group CIO, Apollo Hospitals

The medical industry holds sensitive personal data along with other critical data. The healthcare industry, unlike financial institutions with stringent cybersecurity policies, lacks strong regulations around cybersecurity and privacy. This turns out to be a bottleneck for practitioners in adhering to certain best practices for data privacy. 

The session will cover: 

  • How are labs and hospitals handling patient data
  • Relevance of policy guidelines like GDPR to healthcare services
  • Evolution of data privacy and protection principles for the healthcare industry
  • 11:30 AM
  • 12:01 PM
TrackB
Kumar KV
Track B: Is Privacy a CISO’s Problem? How to Operationalize It?
Kumar KV, Group CIO & CISO, Narayana Health

Most security leaders believe that they are not protecting technology but people. But can fraud, breach and privacy be viewed together? The fundamental questions that arise are is privacy a CISO’s problem, and how to operationalize privacy in the context of security and data protection issues?  

How much security is really required in an environment where openly shared data and research results fuel business? Where privacy and security matters are concerned, is a CISO more than just another corporate policy developer and technology evangelist? What role does a CISO play in operationalizing data protection and privacy regulations? 

The session will cover: 

  • The intersection between security and privacy 
  • How much is a CISO accountable for privacy 
  • Data protection vs. security controls
  • 12:15 PM
  • 12:44 PM
TrackA
Pushkal Mishra
Track A: Are You Cloud Ready? A CISO’s Manifestations
Pushkal Mishra, CISO, Dr Lal PathLabs

Organization believe that cloud computing brings a whole new level of autonomy and functionality, besides enhancing performance, agility, productivity and scalability. The pandemic has created the urgency for enterprises to move to cloud, and enterprises are in a race to adopt the ‘cloud-first’ strategy to optimize the IT spend and secure their hybrid work environment.   

CISOs are tasked with building a cloud-first security strategy and mitigating the risks arising from this.  

The session will cover:  

  • Cloud migration and its bottlenecks 
  • A holistic approach to cloud security and compliance  
  • Governance and risk
  • 12:15 PM
  • 12:44 PM
TrackB
Sumeet Prasad
Track B: Assessing the Effectiveness of Your Cyberthreat Intelligence Program: Building a Business Case
Sumeet Prasad, Vice President-Cybersecurity, Wells Fargo

India and SAARC region has witnessed the most prominent organizations hitting the headlines. It is beyond doubt that organizations have a huge staff and a myriad of cybersecurity tools to secure their environment; yet, they were breached. The current approach is insufficient, and the deployed technologies do not provide the necessary intel to detect the blind spots. 

It is imperative to assess the effectiveness of the cyberthreat intelligence program, and building a business case is essential in driving actionable threat intelligence.

The session will cover: 

  • Understanding what cyberthreat intelligence gives to an organization 
  • Reasons for taking a risk-based approach 
  • Using technologies and integration to drive actionable threat intelligence 
  • 12:45 PM
  • 01:15 PM
TrackA
Sanjay Kumar Das
Track A: Does Government Need a CISO? The Fallacy of Service Over Security
Sanjay Kumar Das, Joint Secretary, State CISO, Government of West Bengal

The Government of India has passed a regulation stating that every ‘State’ government needs to have a CISO to regulate the security procurement and controls, apart from appointing a security incident response team. 

The fundamental question that arises is ‘whether the government needs a CISO and what should be the CISO’s role and responsibilities in protecting the critical infrastructure against growing threats’? 

How do CISOs balance services with security and face the dichotomy, and what needs to change in their approach in the current hybrid cyberwar?   

The session will cover: 

  • Balancing security and regulatory controls with Public Service Delivery
  • Changing role of government CISOs
  • Effective ways to implement security controls in the hybrid cyberwar
  • 12:45 PM
  • 01:15 PM
TrackB
Deepak Kumar (D3)
Track B: Are CISOs Thinking Like Hackers? Understanding an Attacker’s Mind
Deepak Kumar (D3), Sr. Cyber Intelligence and Digital Forensics Professional,

The first question that provokes security practitioners is: How can they handle stealth and gain insights into how hackers plan their attacks even before contemplating which security solutions to deploy? 

The key to strengthening cyber defense is to understand an attacker’s mind about how they conduct detailed reconnaissance activities and develop custom-tailored campaigns to penetrate the network to steal sensitive corporate data, intellectual property, business plans and personal information. 

The session will cover:  

  • A virtual demo of how hackers enter your networks  
  • Using threat intelligence in the right context 
  • How CISOs need to discover, investigate and contain the attacks across all phases of the threat cycle
  • 01:30 PM
  • 01:59 PM
TrackA
Rohas Nagpal
Track A: Crypto Challenges: Security Defenses
Rohas Nagpal, Chief Blockchain Architect, Hybrid Finance Blockchain

India and SAARC region is making a headway in the cryptocurrency businesses and as a result, users could prove to be vulnerable to risks.  

The government is working to regulate cryptocurrency exchanges in line with guidance from the intergovernmental Financial Action Task Force, which sets global standards for fighting money laundering and terrorist financing. The big challenges for security leaders are to assess risks, strengthen incidence response capabilities and employ defenses in addressing the challenges.  

The session will cover:  

  • How to work closely with law enforcement  
  • Reducing the exposure to risk  
  • Complying with regulatory norms  
  • 01:30 PM
  • 01:59 PM
TrackB
Manish Dave
Track B: Case Study: The Road to Zero Trust Security
Manish Dave, Head of Information Security, Aarti Industries Ltd

Where does the journey to ‘zero trust’ begin, what are the typical entry points, and how can it unfold? Experts agree that ‘zero trust’ is based on the premise of ‘assume breach,’ and treat every asset as breached and all traffic as hostile.   
The session will cover:

  • How the approach to security has changed dramatically as security perimeters have dissolved 
  • Assessing the maturity of the ‘zero trust’ state with a realistic look at security and its dependencies on other functions in securing future work environments
  • Aligning ‘zero trust’ with people, processes and technologies to establish security
  • 02:00 PM
  • 02:30 PM
TrackA
Agnidipta Sarkar
Mathan Babu Kasilingam
Vinayak Godse
Akhil Verma
Track A: Panel: Indigenous Cybersecurity Solutions: Are CISOs Diving In?
Agnidipta Sarkar, Group CISO, Biocon
Mathan Babu Kasilingam, Chief Technology Security Officer & DPO, Vodafone Idea Ltd
Vinayak Godse, Senior VP, DSCI
Akhil Verma, CISO, Paytm Money

India is the third most cyber-attacked nation in the world, reports say. Enterprises need to comply with privacy regulations to protect their sensitive data. 

Most security leaders have questions if the Indian cybersecurity companies are redefining cybersecurity and offering state-of-the-art technology and tools that help them protect their environment against threats. How have the indigenous cybersecurity technology partners supported enterprises in building a cyber-resilient enterprise?  

The session will cover:  

  • Are CISOs reconsidering leaning toward Indian security products?  
  • Benefits and shortcomings in using homegrown products   
  • How are indigenously grown technologies helping in building a cyber-resilient enterprise? 
  • 02:00 PM
  • 02:30 PM
TrackB
Anuj Tewari
Sk. Shakil Ahmed
Track B: Two-Way Street: A Cybersecurity Debate Between CTO vs. CISO — Where Is the Disconnect?
Anuj Tewari, CISO, TMF Group
Sk. Shakil Ahmed, Head of Technology, Nagad

Almost all CISOs across regions have a single most significant challenge of getting the necessary funding to support their cybersecurity programs. Are security leaders creating value for business and being a part of technology innovation? Is the CTO function aligned with security in driving innovation? Are the CTOs and CISOs meeting the expectations?

The session discusses how to get a CTO and the CISO to collaborate on a common goal to facilitate the continued success of their organization. Where is the disconnect?

  • 02:30 PM
  • 02:59 PM
TrackA
Sudarshan Rajagopal
Track A: OT Security: Bridging the Silos
Sudarshan Rajagopal, Security and Compliance Lead, Shell India Markets Pvt Ltd

Most OT systems are designed with very little consideration for security. With increased cyber risk in this new digital transformation era, any approach to bridge the IT and OT divide is mission critical for enterprise security.    

As a CISO, can you reduce risk, security and risk management function silos to bridge the security gaps?  
 
Can you deploy suitable asset inventory methods and map the IT/OT risks?   

This session will cover:   

  • Building complete visibility to and monitoring of your IT and OT assets with the right access control   
  • Integrating OT threat monitoring into SOC for threat detection   
  • Essential steps to establish OT security 
  • 02:30 PM
  • 02:59 PM
TrackB
Milind Mungale
Track B: You Have Been Breached: Building an Effective BCM Plan
Milind Mungale, EVP & CISO, Protean eGov Technologies Ltd (Formerly NSDL e-Governance Infrastructure Ltd)

Cyberattacks are no longer about 'if' but 'when' you are breached. The daunting task for security leaders today is to build an effective business continuity plan to manage the breach incidents and to resolve the many issues that the incident ushers in.  

Security teams are made accountable for reputational problems, disruption of business processes, and penalties for noncompliance with increasingly rigid data protection laws. 

The session will cover: 

  • Understanding compliance and legal regulations 
  • Integrating various business functions to work on a recovery plan 
  • Revisiting your data encryption plan and understanding security gaps
  • 03:00 PM
  • 03:32 PM
TrackA
Ashutosh Jain
Sunari Dandeniya
Sujit Christy
Shivani Arni
Track A: Panel Discussion: Impact of the Hybrid Cyber Warfare on the Supply Chain: Sizing Up the Security Risks
Ashutosh Jain, CISO, IndusInd Bank
Sunari Dandeniya, CISO, Commercial Bank of Ceylon PLC
Sujit Christy, Group CISO, John Keells Holdings PLC
Shivani Arni, Information Security Officer, TransUnion

We typically think of supply chain attacks as stealthy attacks on hardware components, such as malware on laptops and network devices. Yet, the supply chain attack on a service provider cannot be ruled out as it is a significant intrusion of the entire ecosystem. The supply chain attacks usher in the risk: Supplier vulnerabilities are the common cause of compromise. Keeping a watchful eye on suppliers' security status – always knowing the risks they bring in – is an essential part of building resilience and response.  

The session will cover:  

  • Impact of the on-going hybrid cyber warfare on the supply chain across enterprises 
  • How to measure the risks and respond to supply chain attacks
  • The 'Security by Design' approach to secure software applications and evaluate the suppliers’ products
  • 03:00 PM
  • 03:36 PM
TrackB
Brijesh Singh
Anuprita Daga
Atanu Roy
Shirantha Peiris
Track B: Panel Discussion: To Pay or Not to Pay Ransom: The C-Suite Debate
Brijesh Singh, Additional Director General of Police, Govt of Maharashtra
Anuprita Daga, President & CISO, Yes Bank
Atanu Roy, SVP & GROUP CIO - INFO-TECH, Biocon Ltd
Shirantha Peiris, Head-Information Security, Mobitel

Ransomware attacks continue to plague organizations at an alarming pace; the debate among the C-suite on the issue of paying the ransom or refusing to pay and dealing with the consequences is getting critical.  

Some experts say that paying the ransom makes an organization vulnerable to reputational risk. This also means that the organization's risk calculations are no longer accurate. Another argument is that payment of extortion monies may encourage continued criminal activity. 

The session will cover: 

  • What should be the C-suite's approach in case of a ransomware attack 
  • How to engage with the law enforcement before taking the decision 
  • Prepare now or pay later - CISO's take 
Impact of the Hybrid Cyberwar on the CII in the APAC Region
Grant Schneider, Senior Director for Cybersecurity services ( Former U.S. federal CISO), Venable LLP
Scott Flower, Adjunct Associate Professor at University of Western Australia and Director, Pareto Cyber
Dr Yask, CISO, Indian Oil Corp
Brijesh Singh, Additional Director General of Police, Govt of Maharashtra

This exclusive interactive session is specially curated for senior information security professionals of our premier global industry leader’s community as an extension of the opening keynote address by Lt General Rajesh Pant, National Cyber Security Coordinator, National Security Council Secretariat, which will be taken up for a further deep dive with global perspectives on it.

This session will not be available on-demand. This is a CyberEdBoard exclusive session for members only. Existing members can access the on-demand session on the members' portal. Join the CyberEdBoard Community, by sending in your application here.

Contact the CyberEdBoard concierge team at the booth, to know more about joining the session.

Grant Schneider
Scott Flower
Dr Yask
Brijesh Singh
  • 03:30 PM
  • 04:29 PM

Speaker Interviews

Critical Infrastructure Security Summit Preview - Grant Schneider on Water, Power and Financial Services
Critical Infrastructure Security Summit Preview - Grant Schneider on Water, Power and Financial Services
Critical Infrastructure Security Summit Preview - Grant Schneider on Water, Power and Financial Services
Cryptocurrency's significant year with landmark arrests, an executive order, and outrageous fraud schemes.
Cryptocurrency's significant year with landmark arrests, an executive order, and outrageous fraud schemes.
Cryptocurrency's significant year with landmark arrests, an executive order, and outrageous fraud schemes.
Importance of Medical Ethics in Cybersecurity - Christopher Frenz on Patient Care After a Cyberattack
Importance of Medical Ethics in Cybersecurity - Christopher Frenz on Patient Care After a Cyberattack
Importance of Medical Ethics in Cybersecurity - Christopher Frenz on Patient Care After a...
Transforming an Organization's Security Culture - CISO Bobby Ford on Building a New Cybersecurity Operating Model
Transforming an Organization's Security Culture - CISO Bobby Ford on Building a New Cybersecurity Operating Model
Transforming an Organization's Security Culture - CISO Bobby Ford on Building a New Cybersecurity...
Profiles in Leadership: Rob Hornbuckle, CISO, Allegiant - Beyond Security, More Than Business: Where is CISO Role Headed?
Profiles in Leadership: Rob Hornbuckle, CISO, Allegiant - Beyond Security, More Than Business: Where is CISO Role Headed?
Profiles in Leadership: Rob Hornbuckle, CISO, Allegiant - Beyond Security, More Than Business: Where...
Profiles in Leadership: Selim Aissi, IMT (Ellie Mae) - Perspectives on the CISO Relationship With the Board
Profiles in Leadership: Selim Aissi, IMT (Ellie Mae) - Perspectives on the CISO Relationship With the Board
Profiles in Leadership: Selim Aissi, IMT (Ellie Mae) - Perspectives on the CISO Relationship...
UK Cyber Security Council to Tackle Education, Standards - Dr. Claudia Natanson Describes Vision of U.K.’s New Self-Regulatory Body
UK Cyber Security Council to Tackle Education, Standards - Dr. Claudia Natanson Describes Vision of U.K.’s New Self-Regulatory Body
UK Cyber Security Council to Tackle Education, Standards - Dr. Claudia Natanson Describes Vision...
Data Risk Governance: The BISO's Perspective - Patrick Benoit of CBRE on Necessary Ingredients for a Mature Program
Data Risk Governance: The BISO's Perspective - Patrick Benoit of CBRE on Necessary Ingredients for a Mature Program
Data Risk Governance: The BISO's Perspective - Patrick Benoit of CBRE on Necessary Ingredients...
CISO Spotlight: Troels Oerting, World Economic Forum - Veteran Cybersecurity Leader on Evolution of Threats, Technology and Leadership
CISO Spotlight: Troels Oerting, World Economic Forum - Veteran Cybersecurity Leader on Evolution of Threats, Technology and Leadership
CISO Spotlight: Troels Oerting, World Economic Forum - Veteran Cybersecurity Leader on Evolution of...
Driving Healthcare Innovation With a Security Mindset - ChristianaCare CISO Anahi Santiago on Securing Hospitals Without Borders
Driving Healthcare Innovation With a Security Mindset - ChristianaCare CISO Anahi Santiago on Securing Hospitals Without Borders
Driving Healthcare Innovation With a Security Mindset - ChristianaCare CISO Anahi Santiago on Securing...
Touhill: What It Takes to Be Resilient - Ex-Federal CISO Starts New Role as Head of SEI’s CERT Division
Touhill: What It Takes to Be Resilient - Ex-Federal CISO Starts New Role as Head of SEI’s CERT Division
Touhill: What It Takes to Be Resilient - Ex-Federal CISO Starts New Role as...
Art Coviello: 'It's a Roaring '20s for Technology' - RSA's Former CEO on State of the Industry and Technologies to Watch
Art Coviello: 'It's a Roaring '20s for Technology' - RSA's Former CEO on State of the Industry and Technologies to Watch
Art Coviello: 'It's a Roaring '20s for Technology' - RSA's Former CEO on State...
Election Security: Lessons Learned from 2020 - FBI's Elvis Chan on Why This Was 'Most Secure Election of My Career'
Election Security: Lessons Learned from 2020 - FBI's Elvis Chan on Why This Was 'Most Secure Election of My Career'
Election Security: Lessons Learned from 2020 - FBI's Elvis Chan on Why This Was...
CISO Spotlight: Marene Allison, Johnson & Johnson - Reflections on Seismic Change in 2020 and Opportunities in the Year Ahead
CISO Spotlight: Marene Allison, Johnson & Johnson - Reflections on Seismic Change in 2020 and Opportunities in the Year Ahead
CISO Spotlight: Marene Allison, Johnson & Johnson - Reflections on Seismic Change in 2020...
Do You Need a Human OS Upgrade? - CISO of World Health Organization on Multilayered Defense Strategies
Do You Need a Human OS Upgrade? - CISO of World Health Organization on Multilayered Defense Strategies
Do You Need a Human OS Upgrade? - CISO of World Health Organization on...
Ariel Weintraub Takes Charge of Cybersecurity at MassMutual - New Head of Enterprise Cybersecurity Succeeds CISO Jim Routh
Ariel Weintraub Takes Charge of Cybersecurity at MassMutual - New Head of Enterprise Cybersecurity Succeeds CISO Jim Routh
Ariel Weintraub Takes Charge of Cybersecurity at MassMutual - New Head of Enterprise Cybersecurity...
Zero Trust': An Outdated Model? - Cyjax CISO Ian Thornton-Trump Offers a Critique
Zero Trust': An Outdated Model? - Cyjax CISO Ian Thornton-Trump Offers a Critique
Zero Trust': An Outdated Model? - Cyjax CISO Ian Thornton-Trump Offers a Critique
Zero Trust: 'What Are You Trying to Protect?' - Father of Zero Trust, John Kindervag, on How Conversation, Industry Have Evolved
Zero Trust: 'What Are You Trying to Protect?' - Father of Zero Trust, John Kindervag, on How Conversation, Industry Have Evolved
Zero Trust: 'What Are You Trying to Protect?' - Father of Zero Trust, John...
Better Identity Coalition: A Project Update - Jeremy Grant, Coalition Coordinator, Discusses Identity Management Progress
Better Identity Coalition: A Project Update - Jeremy Grant, Coalition Coordinator, Discusses Identity Management Progress
Better Identity Coalition: A Project Update - Jeremy Grant, Coalition Coordinator, Discusses Identity Management...
Changing Authentication for Employees - Navy Federal Credit Union’s Thomas Malta on Applying CIAM Techniques
Changing Authentication for Employees - Navy Federal Credit Union’s Thomas Malta on Applying CIAM Techniques
Changing Authentication for Employees - Navy Federal Credit Union’s Thomas Malta on Applying CIAM...
Equifax CISO Jamil Farshchi on SolarWinds and Supply Chains - ‘Supply Chain Security Is Broken, and It’s Time for a Change’
Equifax CISO Jamil Farshchi on SolarWinds and Supply Chains - ‘Supply Chain Security Is Broken, and It’s Time for a Change’
Equifax CISO Jamil Farshchi on SolarWinds and Supply Chains - ‘Supply Chain Security Is...
The Critical Role of Dynamic Authentication - Wells Fargo's Sridhar Sidhu on Redefining IAM for Remote Workforce
The Critical Role of Dynamic Authentication - Wells Fargo's Sridhar Sidhu on Redefining IAM for Remote Workforce
The Critical Role of Dynamic Authentication - Wells Fargo's Sridhar Sidhu on Redefining IAM...
NIST's Ron Ross: 'The Adversary Lives in the Cracks' - SolarWinds Breach Calls Attention to Fundamental Need for Better DevSecOps
NIST's Ron Ross: 'The Adversary Lives in the Cracks' - SolarWinds Breach Calls Attention to Fundamental Need for Better DevSecOps
NIST's Ron Ross: 'The Adversary Lives in the Cracks' - SolarWinds Breach Calls Attention...

May 17 - 18, 2022

India & SAARC Summit

© 2023 Information Security Media Group, Corp.
Privacy & GDPR Statement  |  CCPA: Do Not Sell My Personal Data
Summits Engage Roundtables Faculty About Contact Us