Securing the approach towards cybersecurity
Darshan Dwarkanath
Cybersecurity Manager @ Bosch | Driving Secure Innovations in Automobile & IoT Security | ISO 21434 & ISO 27001 Expert ????
With over a decade of experience in the IT Industry, being a developer, engineer to the project manager, I moved towards cybersecurity. Early in 2020, my focus shifted towards being an eye for the security needs of projects. From careful guidance from my managers and peers, I jumped the wagon of the security manager for several projects.
“Nothing in the universe can stop you from letting go and starting over.” —Guy Finley
Not that cybersecurity was new to me, just that I needed the unlearning and starting over with the eye for security aspects. The whole approach towards the project or product changes on how things can be hacked and how is best way to protect it as an organization asset.
Organization needs to lucky always, but Hackers need to be lucky just once. -Sources pending.
Cybersecurity is an ocean, as the saying goes: Learning and knowing is just a drop is an ocean of unknown. As days progressed, I enrolled for various online programs from Coursera, Simplilearn, and others. The best so far where I could lay my hands-on experience was from Jigsaw academy in collaboration with HackerU-A premier cybersecurity training institute from Israel.
With this knowledge, I had the mammoth task of translating the approach into usable & executable approaches to implement the security process. Also to keep in mind, the organization has excellent & detailed security policies for various types of projects and had mandated this process way before but it always bottle-necked the successful delivery of the project.
With experience in Project Management, I re-looked on how we streamline this mandatory process and induce this as a part of thinking :
- Give me the Data - the biggest pain was in collecting and refining.
- Talk to Project Manager - get the current status of the project.
- Applicability of security aspects - 99.999% of them needed it, no exception.
- Follow with the Project team - if not, efforts are just wasted or looked up as a part painful process.
- Be a Hacker - It's better you break the system & fix it rather a hacker breaks-in to steal your information
- The long-term approach - Don't just deliver & forget, keep eye on vulnerability fixes in the roadmap.
- Mindset change and Approach - It seems naive for grown-ups but its reality when working under pressure and striving for delivery.
- Awareness about Security needs - the major challenge is bringing in the awareness about the topic to various levels of management and teams.
The best way to induce this thinking was at the beginning of any project. So that project team, project managers, and especially the top management will be aware of how their products will be secured in the market and can be the USP for selling.
With these approaches, I come with hope to wrinkle out few issues in delivering a successful project/product to the customers. Any internet experts out there can voice your opinion to learn and collaborate in making the internet a little safer than yesterday.
#cybersecurity #Organization #needofthehour #Security #ITSecurity #hacker #India #ITjourney #experts #internetsafty
Industry consultant and on line coaching at Self employed
4 年A thoughtful approach to cybersecurity.best wishes
Product/Program Management | Bosch | Diverse experience across Mobility (Powertrain, ADAS), Retail, Embedded Systems, IoT, AI, Web/Cloud domains.
4 年All the best, Darshan !