| | July 20188CIOReviewBUILDING SECURITY CAPABILITIES IN CORPORATIONSBy Siva Sivasubramanian, Global Chief of Security at AirtelIntroductionWith business embracing digitization and automation; Internet of Things (IoT) on the anvil, virtualization and cloudification rampant, the rapid coalescence of the business and technology, fast convergence of IT and network technologies and all of them coupled with a chronic shortage of deployable cybersecurity professionals; the challenge in building a strong security organization is only turning acute.Studies and surveys in this area tend to call out discreet factors such as the nature of threats faced, lack of budgetary allocations and the reactive ways of working of the security apparatus as those that hamper effective security organizations. These surveys tend to illuminate the facets of the iceberg above the water and fail to illuminate the problem holistically or call out the problems hidden out of sight. Notable among those hidden out of sight factors are: (a) the security culture of the corporation, (b) executive over-dependence on technology and (c) shortage of core security skills in the market. This article discusses three core factors one must consider in building effective security capabilities in corporations.Understanding the Security CultureSecurity culture is how corporations practice security. One can observe that most business view security as an impediment to businesses agility and a cost to business IN MY OPINION
< Page 7 | Page 9 >