The Art of Mapping Security Goals to Existing Investments
CISO Aditya Vardhan on Ensuring Good Security Culture When Joining a New Company
How does a CISO map his goals to the security investments made by a company long before he came onboard? How can you balance the short-term and long-term goals at a new organization? Aditya Vardhan, CISO of Jindal Power & Steel, shares his insights on ensuring a smooth transition.
"Once I got into this role, I identified there were certain initiatives which were already lined up and there are certain investments which the company has already done," says Vardhan, who joined the company in December.
For example, he says, CISOs need to understand the organization's maturity level for threat detection and response. "We all understand there are various maturity levels within that program," Vardhan says. "The initial stage is to ensure that all the right kinds of logs are captured and retained as per the compliance need."
Vardhan's long-term goal is to automate the entire threat detection and response cycle with new technologies and capabilities. "But this can't be taken as the first step as it is not only about the technology maturity but the maturity of the organization to consume."
In this video interview with Information Security Media Group, Vardhan also discusses:
- How to leverage existing security investments;
- His road map for 2023;
- How to map security goals to business goals.
Vardhan has more than two decades of experience across consulting, security, cybersecurity architecture, risk and compliance, and board-level engagement. He has established and led information security programs for leading enterprises such as PepsiCo, Adani Enterprises, Cairn India and L&T ECC.