Starting out with enterprises equating information security with just having an antivirus, or a firewall, to cutting edge technologies are being adopted in security today – some uncommon even in more developed markets – the Indian Information Security domain has evolved.
“We have come a long way from where the Indian journey in security started – information security is a board-level issue today,” says KK Mookhey – Principal Consultant and Founder, Indian security consultancy, Network Intelligence. “A lot of innovation is also happening in this market now, and we are seeing Indian products make it big on the global stage. This is something that excites me,” he says.
The first major milestone in the Indian Information Security space was the Gopalkrishna Committee report, he says, which provided some guidelines to banks in the information security, risk and fraud domain. This galvanized a lot of banks into taking action and improving their awareness and maturity. The RBI has since followed up with other key guidelines, and Mookhey expects this process towards maturity to continue, across sectors.
“Already we have one of the most secure transaction systems in the world, thanks to RBI’s strong regulatory role,” he says, “and more and more, I am also seeing enterprises in non-traditional, non-IT businesses in India, taking a keen interest in cybersecurity.”
With regard to being a security consultant in India since the early 2000s, Mookhey says that one major cultural differentiator in the Indian market is the speed of decision-making viz a viz other regions like the Middle East, where NII operates. “Indians are traditionally risk-averse and conservative. In comparison I have seen an openness in the Middle East to adopt new ideas and technology,” he says. While being conservative in terms of security can be a good thing sometimes, in the age we are living in, the volume and variety of threats necessitate decisiveness.
In this candid interview with the Information Security Media Group, Indian InfoSec veteran Mookhey speaks about being a security entrepreneur in India and the evolution he has witnessed first-hand in this space over the span of his career. He speaks about the cultural aspects and the challenges in store, going forward. Mookhey comments on:
- The major milestones in Indian InfoSec;
- Key differentiators in the Indian market;
- Some prominent trends going forward.
KK Mookhey is one of the pioneers of the Information Security industry in India. Having established Network Intelligence in 2001, it has grown from a one-man show to a team of 200, focused security professionals working across numerous locations in India and the Middle East. He is a consultant and trainer with strong technical know-how as well as a keen sense of business, ensuring that priorities are met while designing and implementing security controls. His experience ranges across banking, financial services, IT, shipping, oil and gas, law-enforcement, as well as various United Nations agencies.
He is also the author of two books and numerous articles on information security and entrepreneurship, and continues to be hands-on with skills across security assessments, audits, security architecture, control frameworks, incident response, forensics and designing security solutions.
Experience of over a decade in the IT and CyberSecurity domain. A cyber-detective by nature,
and has solved numerous cyberattack-cases during his tenure at Network Intelligence. When not solving cybercrimes, he enjoys video-games and photography.