SlideShare una empresa de Scribd logo

Cyber Resilience - Contemporary once again for Managing Data Protection post-Pandemic

S
SSFIndia1

Cyber Resilience - Contemporary once again for Managing Data Protection post-Pandemic Pervez Workingboxwalla - Chief Risk Officer, WNS Global Services https://sharedservicesforum.in/digital-leadership-e-summit--2020/

Empresariales
1 de 5
0 © Copyright 2020 WNS (Holdings) Ltd. All rights reserved © Copyright 2020 WNS (Holdings) Ltd. All rights reserved Shared Services Forum Cyber Resilience - Contemporary once again for Managing Data Protection post-Pandemic August 28, 2020
1 © Copyright 2020 WNS (Holdings) Ltd. All rights reserved Sudden Emergence of Work from Home Environment Caused by the Pandemic - Challenges / Risks 1 © Copyright 2020 WNS (Holdings) Ltd. All rights reserved Operational Risks Impact on Collaboration Cyber Security Risks Impact on Productivity Overworking / Unplugging Morale and Motivation Knowledge Management Continuity Risks Regulatory Risks Health & Safety Managing Remote Workforce Interpretative Governmental Orders MIS / Data Risks Privacy Risks Sudden Volume Variability Credit Risks
2 © Copyright 2020 WNS (Holdings) Ltd. All rights reserved Rapid Operations Delivery Model Inversion 2 © Copyright 2020 WNS (Holdings) Ltd. All rights reserved ▪ Secure ODCs were closed overnight due to government enforced lockdowns in most geographies and almost simultaneously ▪ Regulations existed that disallowed / disincentivized WFH in some geographies ▪ Operational delivery models involved using hardened non- portable computing devices (desktops) ▪ Employees able to access systems and data in an unsupervised environment ▪ Most employees did not have high-speed internet connections (>10Mbps) at home nor the infrastructure for home working, including stable power supply ▪ Access had to be enabled to client application systems through using the internet and not through secure MPLS circuits ▪ Our IT architecture was designed for secure in-premise service delivery model and not for a WFH environment ▪ Hardened end-points in secure Offshore Delivery Centers (ODC) accessible for service delivery only to employees belonging to a particular client program ▪ No access to data storage and transmitting devices for employees in the operating environment ▪ Access to client applications only through secure and high bandwidth MPLS connection to client data centers. IP whitelisting at the client data center for in-bound connections for our employees ▪ Highly regulated access to the internet through a secure proxy solution and highly restricted email access and sending right for employees ▪ Internal systems not reachable from the internet and protected by layers of security ▪ Highly supervised environment with electronic and manual oversight ▪ Well designed system logging, correlation and analytical routines for early breach detection Pre-COVID Operating Environment Post COVID Operating Environment
3 © Copyright 2020 WNS (Holdings) Ltd. All rights reserved Key Success Factors – Enabling WFH at scale during a pandemic 3 © Copyright 2020 WNS (Holdings) Ltd. All rights reserved 1. Strong Business Continuity programs – enabled for early tracking of the COVID-19 outbreak and advance planning 2. Stakeholder transparency – ensure that all stakeholders understand residual risks appropriately in a WFH environment 3. Carry forward as many technical security controls existing in the in-premise end-point architecture deployment when architecting for remote working solutions. Add security to allow for secure remote engagement with client systems (VPN + MFA, ZT, DLP, VMDR etc). 4. Balance between security and other risks –remote working environment for most organizations was borne out of crisis and not strategy. A difficult balance had to be drawn between security and operability while maxing out our monitoring controls 5. Employee training assumed even more importance in a remote working environment where F2F team messaging is not possible. Humans are the weakest link in the information security chain 6. Enabling infrastructure at home (internet and power) assumed tremendous importance from user experience as well as enabling information security. 7. Design log capture and correlation analysis for new systems as they are introduced into the Hybrid Tech Model architecture for supporting the security monitoring activities 8. Strengthen your SOC – An organization is most susceptible to attacks during a crisis as has been visible in the current environment. Integrate multiple threat intelligence feeds that provide timely inputs for correlation of threat events in a distributed operating environment and allow for evasive action to be taken. 9. Lastly, Architect for the future – a Hybrid Tech Model to support multiple combinations of workspace / workers (in-premise / hybrid agents and full-time employees / part time subject matter experts)
4 © Copyright 2020 WNS (Holdings) Ltd. All rights reserved WNS.COM This presentation and any files attached and/or transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. No part of this presentation may be given, lent, resold, or disclosed to any unintended recipients or exploited for any commercial purposes. If you are not the intended recipient and you have received this presentation in error, please return this material to the sender immediately and forthwith delete and destroy the presentation including any copies thereof from your records. We hereby notify that disclosing, distributing, copying, reproducing, storing in a retrieval system, or transmitting in any form or by any means, electronic, mechanical, photocopying, recording, or otherwise, or taking any action in reliance on the contents of the presentation in its entirety or any part thereof is strictly prohibited without the prior written consent of WNS, such consent being given at the sole discretion of WNS. Any views or opinion expressed in this presentation are those of the author and do not necessarily represent that of WNS. WNS makes no representations and to the full extent permissible by applicable law, WNS disclaims any warranties of any kind, express or implied, including any warranty of merchantability, accuracy, fitness or applicability for a particular purpose, and non-infringement of third party rights, as to the information, content and materials.

Recomendados

Network security-S.Karthika II-M.Sc computer science,Bon Securous college for...
Network security-S.Karthika II-M.Sc computer science,Bon Securous college for...Network security-S.Karthika II-M.Sc computer science,Bon Securous college for...
Network security-S.Karthika II-M.Sc computer science,Bon Securous college for...
karthikasivakumar3
 
Information security policy
Information security policyInformation security policy
Information security policy
BalachanderThilakar1
 
Incident handling.final
Incident handling.finalIncident handling.final
Incident handling.final
ahmad abdelhafeez
 
Cyber Essentials Requirements for UK Government
Cyber Essentials Requirements for UK GovernmentCyber Essentials Requirements for UK Government
Cyber Essentials Requirements for UK Government
David Sweigert
 
Importance Of Structured Incident Response Process
Importance Of Structured Incident Response ProcessImportance Of Structured Incident Response Process
Importance Of Structured Incident Response Process
Anton Chuvakin
 
NIST Patch Management SP 800-40 Rev 3
NIST Patch Management SP 800-40 Rev 3NIST Patch Management SP 800-40 Rev 3
NIST Patch Management SP 800-40 Rev 3
David Sweigert
 
code of conduct
code of conductcode of conduct
code of conduct
David Waddell
 
Incident response process
Incident response processIncident response process
Incident response process
Bhupeshkumar Nanhe
 

Recomendados

Network security-S.Karthika II-M.Sc computer science,Bon Securous college for...
Network security-S.Karthika II-M.Sc computer science,Bon Securous college for...Network security-S.Karthika II-M.Sc computer science,Bon Securous college for...
Network security-S.Karthika II-M.Sc computer science,Bon Securous college for...
karthikasivakumar3
 
Information security policy
Information security policyInformation security policy
Information security policy
BalachanderThilakar1
 
Incident handling.final
Incident handling.finalIncident handling.final
Incident handling.final
ahmad abdelhafeez
 
Cyber Essentials Requirements for UK Government
Cyber Essentials Requirements for UK GovernmentCyber Essentials Requirements for UK Government
Cyber Essentials Requirements for UK Government
David Sweigert
 
Importance Of Structured Incident Response Process
Importance Of Structured Incident Response ProcessImportance Of Structured Incident Response Process
Importance Of Structured Incident Response Process
Anton Chuvakin
 
NIST Patch Management SP 800-40 Rev 3
NIST Patch Management SP 800-40 Rev 3NIST Patch Management SP 800-40 Rev 3
NIST Patch Management SP 800-40 Rev 3
David Sweigert
 
code of conduct
code of conductcode of conduct
code of conduct
David Waddell
 
Incident response process
Incident response processIncident response process
Incident response process
Bhupeshkumar Nanhe
 
5 Step Data Security Plan for Small Businesses
5 Step Data Security Plan for Small Businesses5 Step Data Security Plan for Small Businesses
5 Step Data Security Plan for Small Businesses
Wilkins Consulting, LLC
 
Computer Security Policy
Computer Security PolicyComputer Security Policy
Computer Security Policy
everestsky66
 
Symantec and ForeScout Delivering a Unified Cyber Security Solution
Symantec and ForeScout Delivering a Unified Cyber Security SolutionSymantec and ForeScout Delivering a Unified Cyber Security Solution
Symantec and ForeScout Delivering a Unified Cyber Security Solution
DLT Solutions
 
Throughwave Day 2015 - ForeScout Automated Security Control
Throughwave Day 2015 - ForeScout Automated Security ControlThroughwave Day 2015 - ForeScout Automated Security Control
Throughwave Day 2015 - ForeScout Automated Security Control
Aruj Thirawat
 
Incident Response in the wake of Dear CEO
Incident Response in the wake of Dear CEOIncident Response in the wake of Dear CEO
Incident Response in the wake of Dear CEO
Paul Dutot IEng MIET MBCS CITP OSCP CSTM
 
information security technology
information security technologyinformation security technology
information security technology
garimasagar
 
Should You Be Automating
Should You Be AutomatingShould You Be Automating
Should You Be Automating
Siemplify
 
Viruses, worms, and trojan horses
Viruses, worms, and trojan horsesViruses, worms, and trojan horses
Viruses, worms, and trojan horses
EILLEN IVY PORTUGUEZ
 
Incident Response: How To Prepare
Incident Response: How To PrepareIncident Response: How To Prepare
Incident Response: How To Prepare
Resilient Systems
 
DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)
DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)
DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)
Andris Soroka
 
Information Technology Security A Brief Overview 2001
Information Technology Security A Brief Overview 2001Information Technology Security A Brief Overview 2001
Information Technology Security A Brief Overview 2001
Donald E. Hester
 
Cyber security vs information assurance
Cyber security vs information assuranceCyber security vs information assurance
Cyber security vs information assurance
Vaughan Olufemi ACIB, AICEN, ANIM
 
IRJET- Preventing of Key-Recovery Attacks on Keyed Intrusion Detection System
IRJET- Preventing of Key-Recovery Attacks on Keyed Intrusion Detection SystemIRJET- Preventing of Key-Recovery Attacks on Keyed Intrusion Detection System
IRJET- Preventing of Key-Recovery Attacks on Keyed Intrusion Detection System
IRJET Journal
 
Information Security : Is it an Art or a Science
Information Security : Is it an Art or a ScienceInformation Security : Is it an Art or a Science
Information Security : Is it an Art or a Science
Pankaj Rane
 
08 Transform Endpoint Security with the World’s Most Secure PCs and Printers
08 Transform Endpoint Security with the World’s Most Secure PCs and Printers08 Transform Endpoint Security with the World’s Most Secure PCs and Printers
08 Transform Endpoint Security with the World’s Most Secure PCs and Printers
eLearning Consortium 電子學習聯盟
 
Craft Your Cyber Incident Response Plan (Before It's Too Late)
Craft Your Cyber Incident Response Plan (Before It's Too Late)Craft Your Cyber Incident Response Plan (Before It's Too Late)
Craft Your Cyber Incident Response Plan (Before It's Too Late)
Resilient Systems
 
FBI Memo on How to Protect Yourself from Ransomware
FBI Memo on How to Protect Yourself from RansomwareFBI Memo on How to Protect Yourself from Ransomware
FBI Memo on How to Protect Yourself from Ransomware
David Sweigert
 
Network Security
Network SecurityNetwork Security
Network Security
EILLEN IVY PORTUGUEZ
 
Info Sec2007 End Point Final
Info Sec2007 End Point FinalInfo Sec2007 End Point Final
Info Sec2007 End Point Final
Ben Rothke
 
Jack Whitsitt - Yours, Anecdotally
Jack Whitsitt - Yours, AnecdotallyJack Whitsitt - Yours, Anecdotally
Jack Whitsitt - Yours, Anecdotally
EnergySec
 
Review of Considerations for Mobile Device based Secure Access to Financial S...
Review of Considerations for Mobile Device based Secure Access to Financial S...Review of Considerations for Mobile Device based Secure Access to Financial S...
Review of Considerations for Mobile Device based Secure Access to Financial S...
Eswar Publications
 
The Anatomy of a Cloud Security Breach
The Anatomy of a Cloud Security BreachThe Anatomy of a Cloud Security Breach
The Anatomy of a Cloud Security Breach
CloudLock
 

Más contenido relacionado

La actualidad más candente

information security technology
information security technologyinformation security technology
information security technology
garimasagar
 
Incident Response: How To Prepare
Incident Response: How To PrepareIncident Response: How To Prepare
Incident Response: How To Prepare
Resilient Systems
 
Craft Your Cyber Incident Response Plan (Before It's Too Late)
Craft Your Cyber Incident Response Plan (Before It's Too Late)Craft Your Cyber Incident Response Plan (Before It's Too Late)
Craft Your Cyber Incident Response Plan (Before It's Too Late)
Resilient Systems
 
Jack Whitsitt - Yours, Anecdotally
Jack Whitsitt - Yours, AnecdotallyJack Whitsitt - Yours, Anecdotally
Jack Whitsitt - Yours, Anecdotally
EnergySec
 

La actualidad más candente (20)

5 Step Data Security Plan for Small Businesses
5 Step Data Security Plan for Small Businesses5 Step Data Security Plan for Small Businesses
5 Step Data Security Plan for Small Businesses
 
Computer Security Policy
Computer Security PolicyComputer Security Policy
Computer Security Policy
 
Symantec and ForeScout Delivering a Unified Cyber Security Solution
Symantec and ForeScout Delivering a Unified Cyber Security SolutionSymantec and ForeScout Delivering a Unified Cyber Security Solution
Symantec and ForeScout Delivering a Unified Cyber Security Solution
 
Throughwave Day 2015 - ForeScout Automated Security Control
Throughwave Day 2015 - ForeScout Automated Security ControlThroughwave Day 2015 - ForeScout Automated Security Control
Throughwave Day 2015 - ForeScout Automated Security Control
 
Incident Response in the wake of Dear CEO
Incident Response in the wake of Dear CEOIncident Response in the wake of Dear CEO
Incident Response in the wake of Dear CEO
 
information security technology
information security technologyinformation security technology
information security technology
 
Should You Be Automating
Should You Be AutomatingShould You Be Automating
Should You Be Automating
 
Viruses, worms, and trojan horses
Viruses, worms, and trojan horsesViruses, worms, and trojan horses
Viruses, worms, and trojan horses
 
Incident Response: How To Prepare
Incident Response: How To PrepareIncident Response: How To Prepare
Incident Response: How To Prepare
 
DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)
DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)
DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)
 
Information Technology Security A Brief Overview 2001
Information Technology Security A Brief Overview 2001Information Technology Security A Brief Overview 2001
Information Technology Security A Brief Overview 2001
 
Cyber security vs information assurance
Cyber security vs information assuranceCyber security vs information assurance
Cyber security vs information assurance
 
IRJET- Preventing of Key-Recovery Attacks on Keyed Intrusion Detection System
IRJET- Preventing of Key-Recovery Attacks on Keyed Intrusion Detection SystemIRJET- Preventing of Key-Recovery Attacks on Keyed Intrusion Detection System
IRJET- Preventing of Key-Recovery Attacks on Keyed Intrusion Detection System
 
Information Security : Is it an Art or a Science
Information Security : Is it an Art or a ScienceInformation Security : Is it an Art or a Science
Information Security : Is it an Art or a Science
 
08 Transform Endpoint Security with the World’s Most Secure PCs and Printers
08 Transform Endpoint Security with the World’s Most Secure PCs and Printers08 Transform Endpoint Security with the World’s Most Secure PCs and Printers
08 Transform Endpoint Security with the World’s Most Secure PCs and Printers
 
Craft Your Cyber Incident Response Plan (Before It's Too Late)
Craft Your Cyber Incident Response Plan (Before It's Too Late)Craft Your Cyber Incident Response Plan (Before It's Too Late)
Craft Your Cyber Incident Response Plan (Before It's Too Late)
 
FBI Memo on How to Protect Yourself from Ransomware
FBI Memo on How to Protect Yourself from RansomwareFBI Memo on How to Protect Yourself from Ransomware
FBI Memo on How to Protect Yourself from Ransomware
 
Network Security
Network SecurityNetwork Security
Network Security
 
Info Sec2007 End Point Final
Info Sec2007 End Point FinalInfo Sec2007 End Point Final
Info Sec2007 End Point Final
 
Jack Whitsitt - Yours, Anecdotally
Jack Whitsitt - Yours, AnecdotallyJack Whitsitt - Yours, Anecdotally
Jack Whitsitt - Yours, Anecdotally
 

Similar a Cyber Resilience - Contemporary once again for Managing Data Protection post-Pandemic

Review of Considerations for Mobile Device based Secure Access to Financial S...
Review of Considerations for Mobile Device based Secure Access to Financial S...Review of Considerations for Mobile Device based Secure Access to Financial S...
Review of Considerations for Mobile Device based Secure Access to Financial S...
Eswar Publications
 
ISCA Slides - Barun Kumar v1.0
ISCA Slides - Barun Kumar v1.0ISCA Slides - Barun Kumar v1.0
ISCA Slides - Barun Kumar v1.0
Barun Kumar
 
Seguridad web -articulo completo- ingles
Seguridad web -articulo completo- inglesSeguridad web -articulo completo- ingles
Seguridad web -articulo completo- ingles
isidro luna beltran
 
Insights into cyber security and risk
Insights into cyber security and riskInsights into cyber security and risk
Insights into cyber security and risk
EY
 
report on Mobile security
report on Mobile securityreport on Mobile security
report on Mobile security
JAYANT RAJURKAR
 
Sample Discussion 1Security is one of the most important fun.docx
Sample Discussion 1Security is one of the most important fun.docxSample Discussion 1Security is one of the most important fun.docx
Sample Discussion 1Security is one of the most important fun.docx
rtodd599
 
Sample Discussion 1Security is one of the most important fun.docx
Sample Discussion 1Security is one of the most important fun.docxSample Discussion 1Security is one of the most important fun.docx
Sample Discussion 1Security is one of the most important fun.docx
jeffsrosalyn
 

Similar a Cyber Resilience - Contemporary once again for Managing Data Protection post-Pandemic (20)

Review of Considerations for Mobile Device based Secure Access to Financial S...
Review of Considerations for Mobile Device based Secure Access to Financial S...Review of Considerations for Mobile Device based Secure Access to Financial S...
Review of Considerations for Mobile Device based Secure Access to Financial S...
 
The Anatomy of a Cloud Security Breach
The Anatomy of a Cloud Security BreachThe Anatomy of a Cloud Security Breach
The Anatomy of a Cloud Security Breach
 
Securing Nuclear Facilities
Securing Nuclear FacilitiesSecuring Nuclear Facilities
Securing Nuclear Facilities
 
ISCA Slides - Barun Kumar v1.0
ISCA Slides - Barun Kumar v1.0ISCA Slides - Barun Kumar v1.0
ISCA Slides - Barun Kumar v1.0
 
OWASP Cloud Top 10
OWASP Cloud Top 10OWASP Cloud Top 10
OWASP Cloud Top 10
 
CloudSecurity
CloudSecurityCloudSecurity
CloudSecurity
 
Three Keys to Building a Secure Mobile Infrastructure in Government Environments
Three Keys to Building a Secure Mobile Infrastructure in Government EnvironmentsThree Keys to Building a Secure Mobile Infrastructure in Government Environments
Three Keys to Building a Secure Mobile Infrastructure in Government Environments
 
Wireless Security on Context (disponible en español)
Wireless Security on Context (disponible en español)Wireless Security on Context (disponible en español)
Wireless Security on Context (disponible en español)
 
Seguridad web -articulo completo- ingles
Seguridad web -articulo completo- inglesSeguridad web -articulo completo- ingles
Seguridad web -articulo completo- ingles
 
Tufin SecureCloud
Tufin SecureCloudTufin SecureCloud
Tufin SecureCloud
 
CYBERSECURITY.pptx
CYBERSECURITY.pptxCYBERSECURITY.pptx
CYBERSECURITY.pptx
 
Insights into cyber security and risk
Insights into cyber security and riskInsights into cyber security and risk
Insights into cyber security and risk
 
Symantec Migration infographic
Symantec Migration infographic Symantec Migration infographic
Symantec Migration infographic
 
Investigative analysis of security issues and challenges in cloud computing a...
Investigative analysis of security issues and challenges in cloud computing a...Investigative analysis of security issues and challenges in cloud computing a...
Investigative analysis of security issues and challenges in cloud computing a...
 
IT Network Security Policy
IT Network Security PolicyIT Network Security Policy
IT Network Security Policy
 
Module 1 / Unit 5 Digital Cybersecurity
Module 1 / Unit 5 Digital Cybersecurity Module 1 / Unit 5 Digital Cybersecurity
Module 1 / Unit 5 Digital Cybersecurity
 
report on Mobile security
report on Mobile securityreport on Mobile security
report on Mobile security
 
Palo Alto Networks Soc Ent Okt2009
Palo Alto Networks Soc Ent Okt2009Palo Alto Networks Soc Ent Okt2009
Palo Alto Networks Soc Ent Okt2009
 
Sample Discussion 1Security is one of the most important fun.docx
Sample Discussion 1Security is one of the most important fun.docxSample Discussion 1Security is one of the most important fun.docx
Sample Discussion 1Security is one of the most important fun.docx
 
Sample Discussion 1Security is one of the most important fun.docx
Sample Discussion 1Security is one of the most important fun.docxSample Discussion 1Security is one of the most important fun.docx
Sample Discussion 1Security is one of the most important fun.docx
 

Más de SSFIndia1

Más de SSFIndia1 (20)

Towards Boundaryless Finance
Towards Boundaryless FinanceTowards Boundaryless Finance
Towards Boundaryless Finance
 
Digital Journey
Digital JourneyDigital Journey
Digital Journey
 
Digital Journey – KEY TAKEAWAYS
Digital Journey – KEY TAKEAWAYSDigital Journey – KEY TAKEAWAYS
Digital Journey – KEY TAKEAWAYS
 
Key Takeaways
Key TakeawaysKey Takeaways
Key Takeaways
 
Future of Finance
Future of FinanceFuture of Finance
Future of Finance
 
Creating the Foundation for Digital Leapfrogging
Creating the Foundation for Digital LeapfroggingCreating the Foundation for Digital Leapfrogging
Creating the Foundation for Digital Leapfrogging
 
Embracing New Normal
Embracing New NormalEmbracing New Normal
Embracing New Normal
 
The Challenger – “Lead” or “be-led”: New Rules of the Game
The Challenger – “Lead” or “be-led”: New Rules of the GameThe Challenger – “Lead” or “be-led”: New Rules of the Game
The Challenger – “Lead” or “be-led”: New Rules of the Game
 
Post Event Report HR Leadership Summit-2018
Post Event Report HR Leadership Summit-2018Post Event Report HR Leadership Summit-2018
Post Event Report HR Leadership Summit-2018
 
BREAKING BOUNDARIES: THE POWER OF ENTERPRISE SERVICES - A REPORT
BREAKING BOUNDARIES: THE POWER OF ENTERPRISE SERVICES - A REPORTBREAKING BOUNDARIES: THE POWER OF ENTERPRISE SERVICES - A REPORT
BREAKING BOUNDARIES: THE POWER OF ENTERPRISE SERVICES - A REPORT
 
DIGITAL LEADERSHIP FOR WINNING EDGE - A REPORT
DIGITAL LEADERSHIP FOR WINNING EDGE - A REPORTDIGITAL LEADERSHIP FOR WINNING EDGE - A REPORT
DIGITAL LEADERSHIP FOR WINNING EDGE - A REPORT
 
BUILDING ORGANIZATIONS OF TOMORROW - A REPORT
BUILDING ORGANIZATIONS OF TOMORROW - A REPORTBUILDING ORGANIZATIONS OF TOMORROW - A REPORT
BUILDING ORGANIZATIONS OF TOMORROW - A REPORT
 
CROSSING THE RUBICON – A REPORT
CROSSING THE RUBICON – A REPORTCROSSING THE RUBICON – A REPORT
CROSSING THE RUBICON – A REPORT
 
BPM & Shared Services Landscape in Global India
BPM & Shared Services Landscape in Global IndiaBPM & Shared Services Landscape in Global India
BPM & Shared Services Landscape in Global India
 
The Evolving Direction to Success Insights from Survey 2012
The Evolving Direction to Success Insights from Survey 2012The Evolving Direction to Success Insights from Survey 2012
The Evolving Direction to Success Insights from Survey 2012
 
Become ‘Future Relevant’ by ReShaping Transformation Strategy in today’s Digi...
Become ‘Future Relevant’ by ReShaping Transformation Strategy in today’s Digi...Become ‘Future Relevant’ by ReShaping Transformation Strategy in today’s Digi...
Become ‘Future Relevant’ by ReShaping Transformation Strategy in today’s Digi...
 
Global India – The Power of BPM
Global India – The Power of BPMGlobal India – The Power of BPM
Global India – The Power of BPM
 
Triggers of BPM
Triggers of BPMTriggers of BPM
Triggers of BPM
 
4th Shared Services & BPM Conclave: Process Agility & Cost Optimization In Se...
4th Shared Services & BPM Conclave: Process Agility & Cost Optimization In Se...4th Shared Services & BPM Conclave: Process Agility & Cost Optimization In Se...
4th Shared Services & BPM Conclave: Process Agility & Cost Optimization In Se...
 
BPM & Shared Services Landscape in Global India
BPM & Shared Services Landscape in Global IndiaBPM & Shared Services Landscape in Global India
BPM & Shared Services Landscape in Global India
 

Último

Paradip CALL GIRL❤7091819311❤CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDING
Paradip CALL GIRL❤7091819311❤CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDINGParadip CALL GIRL❤7091819311❤CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDING
Paradip CALL GIRL❤7091819311❤CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDING
pr788182
 
Mckinsey foundation level Handbook for Viewing
Mckinsey foundation level Handbook for ViewingMckinsey foundation level Handbook for Viewing
Mckinsey foundation level Handbook for Viewing
Nauman Safdar
 
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
daisycvs
 
Structuring and Writing DRL Mckinsey (1).pdf
Structuring and Writing DRL Mckinsey (1).pdfStructuring and Writing DRL Mckinsey (1).pdf
Structuring and Writing DRL Mckinsey (1).pdf
laloo_007
 
Mifty kit IN Salmiya (+918133066128) Abortion pills IN Salmiyah Cytotec pills
Mifty kit IN Salmiya (+918133066128) Abortion pills IN Salmiyah Cytotec pillsMifty kit IN Salmiya (+918133066128) Abortion pills IN Salmiyah Cytotec pills
Mifty kit IN Salmiya (+918133066128) Abortion pills IN Salmiyah Cytotec pills
Abortion pills in Kuwait Cytotec pills in Kuwait
 

Último (20)

Famous Olympic Siblings from the 21st Century
Famous Olympic Siblings from the 21st CenturyFamous Olympic Siblings from the 21st Century
Famous Olympic Siblings from the 21st Century
 
Falcon's Invoice Discounting: Your Path to Prosperity
Falcon's Invoice Discounting: Your Path to ProsperityFalcon's Invoice Discounting: Your Path to Prosperity
Falcon's Invoice Discounting: Your Path to Prosperity
 
Falcon Invoice Discounting: Unlock Your Business Potential
Falcon Invoice Discounting: Unlock Your Business PotentialFalcon Invoice Discounting: Unlock Your Business Potential
Falcon Invoice Discounting: Unlock Your Business Potential
 
Paradip CALL GIRL❤7091819311❤CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDING
Paradip CALL GIRL❤7091819311❤CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDINGParadip CALL GIRL❤7091819311❤CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDING
Paradip CALL GIRL❤7091819311❤CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDING
 
Putting the SPARK into Virtual Training.pptx
Putting the SPARK into Virtual Training.pptxPutting the SPARK into Virtual Training.pptx
Putting the SPARK into Virtual Training.pptx
 
Mckinsey foundation level Handbook for Viewing
Mckinsey foundation level Handbook for ViewingMckinsey foundation level Handbook for Viewing
Mckinsey foundation level Handbook for Viewing
 
CROSS CULTURAL NEGOTIATION BY PANMISEM NS
CROSS CULTURAL NEGOTIATION BY PANMISEM NSCROSS CULTURAL NEGOTIATION BY PANMISEM NS
CROSS CULTURAL NEGOTIATION BY PANMISEM NS
 
Falcon Invoice Discounting: The best investment platform in india for investors
Falcon Invoice Discounting: The best investment platform in india for investorsFalcon Invoice Discounting: The best investment platform in india for investors
Falcon Invoice Discounting: The best investment platform in india for investors
 
Katrina Personal Brand Project and portfolio 1
Katrina Personal Brand Project and portfolio 1Katrina Personal Brand Project and portfolio 1
Katrina Personal Brand Project and portfolio 1
 
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
 
Rice Manufacturers in India | Shree Krishna Exports
Rice Manufacturers in India | Shree Krishna ExportsRice Manufacturers in India | Shree Krishna Exports
Rice Manufacturers in India | Shree Krishna Exports
 
joint cost.pptx COST ACCOUNTING Sixteenth Edition ...
joint cost.pptx COST ACCOUNTING Sixteenth Edition ...joint cost.pptx COST ACCOUNTING Sixteenth Edition ...
joint cost.pptx COST ACCOUNTING Sixteenth Edition ...
 
Structuring and Writing DRL Mckinsey (1).pdf
Structuring and Writing DRL Mckinsey (1).pdfStructuring and Writing DRL Mckinsey (1).pdf
Structuring and Writing DRL Mckinsey (1).pdf
 
Buy gmail accounts.pdf buy Old Gmail Accounts
Buy gmail accounts.pdf buy Old Gmail AccountsBuy gmail accounts.pdf buy Old Gmail Accounts
Buy gmail accounts.pdf buy Old Gmail Accounts
 
Mifty kit IN Salmiya (+918133066128) Abortion pills IN Salmiyah Cytotec pills
Mifty kit IN Salmiya (+918133066128) Abortion pills IN Salmiyah Cytotec pillsMifty kit IN Salmiya (+918133066128) Abortion pills IN Salmiyah Cytotec pills
Mifty kit IN Salmiya (+918133066128) Abortion pills IN Salmiyah Cytotec pills
 
PHX May 2024 Corporate Presentation Final
PHX May 2024 Corporate Presentation FinalPHX May 2024 Corporate Presentation Final
PHX May 2024 Corporate Presentation Final
 
BeMetals Investor Presentation_May 3, 2024.pdf
BeMetals Investor Presentation_May 3, 2024.pdfBeMetals Investor Presentation_May 3, 2024.pdf
BeMetals Investor Presentation_May 3, 2024.pdf
 
New 2024 Cannabis Edibles Investor Pitch Deck Template
New 2024 Cannabis Edibles Investor Pitch Deck TemplateNew 2024 Cannabis Edibles Investor Pitch Deck Template
New 2024 Cannabis Edibles Investor Pitch Deck Template
 
Horngren’s Cost Accounting A Managerial Emphasis, Canadian 9th edition soluti...
Horngren’s Cost Accounting A Managerial Emphasis, Canadian 9th edition soluti...Horngren’s Cost Accounting A Managerial Emphasis, Canadian 9th edition soluti...
Horngren’s Cost Accounting A Managerial Emphasis, Canadian 9th edition soluti...
 
Falcon Invoice Discounting: Empowering Your Business Growth
Falcon Invoice Discounting: Empowering Your Business GrowthFalcon Invoice Discounting: Empowering Your Business Growth
Falcon Invoice Discounting: Empowering Your Business Growth
 

Cyber Resilience - Contemporary once again for Managing Data Protection post-Pandemic

  • 1. 0 © Copyright 2020 WNS (Holdings) Ltd. All rights reserved © Copyright 2020 WNS (Holdings) Ltd. All rights reserved Shared Services Forum Cyber Resilience - Contemporary once again for Managing Data Protection post-Pandemic August 28, 2020
  • 2. 1 © Copyright 2020 WNS (Holdings) Ltd. All rights reserved Sudden Emergence of Work from Home Environment Caused by the Pandemic - Challenges / Risks 1 © Copyright 2020 WNS (Holdings) Ltd. All rights reserved Operational Risks Impact on Collaboration Cyber Security Risks Impact on Productivity Overworking / Unplugging Morale and Motivation Knowledge Management Continuity Risks Regulatory Risks Health & Safety Managing Remote Workforce Interpretative Governmental Orders MIS / Data Risks Privacy Risks Sudden Volume Variability Credit Risks
  • 3. 2 © Copyright 2020 WNS (Holdings) Ltd. All rights reserved Rapid Operations Delivery Model Inversion 2 © Copyright 2020 WNS (Holdings) Ltd. All rights reserved ▪ Secure ODCs were closed overnight due to government enforced lockdowns in most geographies and almost simultaneously ▪ Regulations existed that disallowed / disincentivized WFH in some geographies ▪ Operational delivery models involved using hardened non- portable computing devices (desktops) ▪ Employees able to access systems and data in an unsupervised environment ▪ Most employees did not have high-speed internet connections (>10Mbps) at home nor the infrastructure for home working, including stable power supply ▪ Access had to be enabled to client application systems through using the internet and not through secure MPLS circuits ▪ Our IT architecture was designed for secure in-premise service delivery model and not for a WFH environment ▪ Hardened end-points in secure Offshore Delivery Centers (ODC) accessible for service delivery only to employees belonging to a particular client program ▪ No access to data storage and transmitting devices for employees in the operating environment ▪ Access to client applications only through secure and high bandwidth MPLS connection to client data centers. IP whitelisting at the client data center for in-bound connections for our employees ▪ Highly regulated access to the internet through a secure proxy solution and highly restricted email access and sending right for employees ▪ Internal systems not reachable from the internet and protected by layers of security ▪ Highly supervised environment with electronic and manual oversight ▪ Well designed system logging, correlation and analytical routines for early breach detection Pre-COVID Operating Environment Post COVID Operating Environment
  • 4. 3 © Copyright 2020 WNS (Holdings) Ltd. All rights reserved Key Success Factors – Enabling WFH at scale during a pandemic 3 © Copyright 2020 WNS (Holdings) Ltd. All rights reserved 1. Strong Business Continuity programs – enabled for early tracking of the COVID-19 outbreak and advance planning 2. Stakeholder transparency – ensure that all stakeholders understand residual risks appropriately in a WFH environment 3. Carry forward as many technical security controls existing in the in-premise end-point architecture deployment when architecting for remote working solutions. Add security to allow for secure remote engagement with client systems (VPN + MFA, ZT, DLP, VMDR etc). 4. Balance between security and other risks –remote working environment for most organizations was borne out of crisis and not strategy. A difficult balance had to be drawn between security and operability while maxing out our monitoring controls 5. Employee training assumed even more importance in a remote working environment where F2F team messaging is not possible. Humans are the weakest link in the information security chain 6. Enabling infrastructure at home (internet and power) assumed tremendous importance from user experience as well as enabling information security. 7. Design log capture and correlation analysis for new systems as they are introduced into the Hybrid Tech Model architecture for supporting the security monitoring activities 8. Strengthen your SOC – An organization is most susceptible to attacks during a crisis as has been visible in the current environment. Integrate multiple threat intelligence feeds that provide timely inputs for correlation of threat events in a distributed operating environment and allow for evasive action to be taken. 9. Lastly, Architect for the future – a Hybrid Tech Model to support multiple combinations of workspace / workers (in-premise / hybrid agents and full-time employees / part time subject matter experts)
  • 5. 4 © Copyright 2020 WNS (Holdings) Ltd. All rights reserved WNS.COM This presentation and any files attached and/or transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. No part of this presentation may be given, lent, resold, or disclosed to any unintended recipients or exploited for any commercial purposes. If you are not the intended recipient and you have received this presentation in error, please return this material to the sender immediately and forthwith delete and destroy the presentation including any copies thereof from your records. We hereby notify that disclosing, distributing, copying, reproducing, storing in a retrieval system, or transmitting in any form or by any means, electronic, mechanical, photocopying, recording, or otherwise, or taking any action in reliance on the contents of the presentation in its entirety or any part thereof is strictly prohibited without the prior written consent of WNS, such consent being given at the sole discretion of WNS. Any views or opinion expressed in this presentation are those of the author and do not necessarily represent that of WNS. WNS makes no representations and to the full extent permissible by applicable law, WNS disclaims any warranties of any kind, express or implied, including any warranty of merchantability, accuracy, fitness or applicability for a particular purpose, and non-infringement of third party rights, as to the information, content and materials.