3rd Party Risk Management , Artificial Intelligence & Machine Learning , Audit

SolarWinds Hack: The Strategic Implications

Two Experts Discuss Urgent Action Items
From left: Abid Adam, group CISO and group head of privacy at Axiata and Sujit Christy, group CISO at, John Keells Holdings

Organizations in the APAC region are not immune to the impact of the SolarWinds supply chain hack, so it’s essential that they reassess their risk management practices and audit their suppliers, two security experts stress.

See Also: Shift From Perimeter-Based to Identity-Based Security

Companies considering using new suppliers must take steps to ensure this does not create additional exposure to risk, says Malaysia-based Abid Adam, group CISO and group head of privacy at Axiata, a large telecommunications firm.

Sri Lanka-based Sujit Christy, group CISO at John Keells Holdings, notes: "We need to undertake vendor and supplier reviews as part of the [contract] agreement and include a clause allowing us to audit the suppliers.”

In this video panel discussion, the two experts address:

  • Risk lessons learned from SolarWinds’ supply chain hack;
  • How to respond to software coding challenges;
  • The need to evaluate third-party products and conduct audits.

Adam is Axiata Group's CISO and head of privacy, responsible for providing strategic direction, implementation, oversight, and guidance for cybersecurity and privacy across the Southeast Asia region. Previously, he led the cybersecurity function and implemented transformational programs for a large multinational financial services organization.

Christy is a group CISO at John Keells Holdings. Experienced governance, risk, compliance, and cybersecurity professional, he is also a director of Layers-7 Seguro Consultoria Private Limited and a board member of the ISACA Sri Lanka Chapter.

About the Author

Geetha Nandikotkur

Geetha Nandikotkur

Vice President - Conferences, Asia, Middle East and Africa, ISMG

Nandikotkur is an award-winning journalist with over 20 years of experience in newspapers, audiovisual media, magazines and research. She has an understanding of technology and business journalism and has moderated several roundtables and conferences, in addition to leading mentoring programs for the IT community. Prior to joining ISMG, Nandikotkur worked for 9.9 Media as a group editor for CIO & Leader, IT Next and CSO Forum.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.