CSO100 Award 2019
Vasudevan Nair, Head IT and CISO at Writer Corporation is an IT leader with two decades of multi-industry experience with broad and in-depth knowledge of nearly all facets of information technology. He is a cybersecurity strategist and advisor to stakeholders in the areas of enterprise IT strategy & execution, digital transformation, business continuity & enterprise applications, scalable & resilient IT infrastructure - (Native, Hybrid & Cloud), risk governance & compliance, security awareness & training, application security and incident response management. Prior to joining Writer Corporation, Nair worked with Angel Broking Ltd, Mangal Keshav Financial Services LLP, Emkay Global Financial Services Ltd and ICICI Infotech.
KEY SECURITY INITIATIVES
Writer Corporation is a leading multi-business enterprise with over 8500 employees across geographies. Writer handles and securely stores data for various customers including banks and financial institutions. So the organization is indirectly being governed by regulatory bodies and regularly audited by customers and stakeholders. This has enabled the company to invest in various security and compliance initiatives not only to meet regulatory requirements, but also to protect mission-critical business data. As a part of these efforts, Writer is leveraging technologies to produce better and more efficient compliance results by implementing an advanced Secure Web Gateway (SWG) and Data Loss Prevention (DLP) framework. The framework is a combination of perimeter and endpoint security tools deeply integrated with SIEM. More than compliance, the way in which the Secure Web Gateway (SWG) and Data Loss Prevention (DLP) framework is deployed, configured and maintained, greatly improved the organization's overall security posture. The framework helped Writer overcome limitations in terms of adopting different policies for each business/functions, controlling cloud and cloud storage solutions, controlling various collaboration solutions and public email providers, monitoring and reporting on a granular level to proceed towards effective detection and response.