Business-Driven Security: How It WorksRSA's Rajnish Gupta on Setting the Right Priorities
Security practitioners need to look at security from a business risk perspective and protect what matters most to the organization, says Rajnish Gupta, RSA's country head, India and SAARC.
Key steps in business-driven security, he says, include understanding risks in real time and speeding the response to breaches through effective orchestration, he explains in an interview with Information Security Media Group.
"In the realm of this business-driven security, practitioners have started mapping risks and making a shift from threat management to risk management," he says.
Rather than focus on protection, organizations must focus on detection, he emphasizes. More security practitioners are engaging with the business team and the C-suite to build a comprehensive risk registry in the business context, he adds.
In an interview at the recent RSA Conference in Sinapore (see audio link below photo), Gupta offers insights on:
- How practitioners are shifting to business-driven security;
- The need for effective orchestration for better security;
- Detecting high-priority risks with high visibility.
Before joining RSA in a leadership role, Gupta worked at Symantec, where he managed the north and east regions in India as well as the government business throughout the country He has also held senior level positions atn Cadence, MindTree and Wipro. He started his career at PCS.