Infosys chief information security officer Vishal Salvi believes that there are several core pillars that make up a strong cybersecurity posture: policy, implementation, and execution with the right architecture, and security culture that ties it all together.
As Infosys CISO, Salvi's job is to oversee all of these core security pillars across Infosys, as well as the company's customer base, and the company has invested heavily in cybersecurity to make this a reality.
We chatted to him about the company's approach to cybersecurity, and how its Cyber Defence Centres support everything from day-to-day customer security to powering the latest threat intelligence.
“As we know, security is as good as the weakest link, so we want to make sure that every aspect of security controls are not ignored. We are constantly implementing these controls and we have a strong team that is empowered to drive the security agenda across different stakeholders, whether those stakeholders are business functions, finance, leaders, or end-users.”
Salvi says that the company has a strategy in which it operates up to a year ahead of the market and its peers, thanks in part to its R&D and innovation investment. In a security context, this means Infosys is continuously trying to understand adversaries, their strategies, and their techniques. Infosys then creates its own strategies to counter adversaries' attempts.
“We have a clear zero tolerance towards poor security hygiene. It's important to get the fundamentals right, like acquiring new technologies, maintaining good visibility of assets, blacklisting unauthorised software and rogue applications, and refreshing architecture so there's no end-of-life infrastructure.”
The company's Cyber Defence Centres (CDCs) are a key part of the Infosys security offering. These centres are located in India, Europe and the United States to provide an in-house cyber defence to prevent, detect, assess and respond to cybersecurity threats and breaches.
“The Cyber Defence Centres provide a platform that is able to do everything required, such as protecting customers, threat and anomaly detection, and basically identifying the proverbial needle in the haystack. We also leverage findings to identify more patterns, which can, in turn, identify further threats,” explains Salvi.
Infosys also leverages technologies such as security orchestration, automation and response (SOAR) to automate many different solutions that address the almost infinite threat landscape filtering through the enormous amount of data and transactions that happen every second on the Infosys network.
“While that helps to identify and correlate, anomaly-based detection can look at patterns and flag anything happening out of turn. Indicators of attack (IoA), indicators of compromise (IoC) and CVE vulnerabilities have been standardised worldwide and are fed into our cyber threat intelligence platform. This platform and the team that monitors it are sensing threats and protecting client systems.
“Customers also understand what their risk posture is based on what their business models are and we collaborate to resolve their security challenges. These are essentially the broad capabilities of our Cyber Defence Centres.”
Salvi says there are 500 people working across the Infosys Cyber Defence Centres worldwide - and it's people who make up the most important security asset in any business.
“Organisations must ensure that every person knows what they need to do - that can be a challenge when people come from different backgrounds. They must all be aligned to a cause and understand security. People need to know how to understand the larger purpose of what they're trying to do, why they're protecting their organisation.”
Another challenge is enabling organisations to get full visibility into their security postures. If they don't have visibility of their IT infrastructure, it can be difficult for them to protect it. Salvi stresses that it's important to have a comprehensive collection of log files.
“Organisations are moving to the cloud because it is faster, cheaper, more reliable, and I think organisations will also look to global cyber defence centres for similar reasons.”
At Infosys, the company engages with every customer to understand the full context of the business and co-create a solution that works for them. Salvi says that Infosys does the hard work, but customers are the guides that ensure Infosys is delivering the right protection.
“A cybersecurity problem is everyone's problem. It can be hard for organisations to solve these problems on their own, especially if cyber and technology are not core parts of their business models. Companies like Infosys build fully-fledged solutions that deliver security and value for organisations.”