10830614452?profile=RESIZE_710x

We had a community round table with CISOs of top firms to create a tangible community playbook that could be used by the community in the future. We are extremely thankful to the contributors for this playbook.

 

 

CISO Contributors

  • Dr. Anton Chuvakin, Security Solutions Strategy, Google Cloud
  • Bikash Barai, Co-Founder FireCompass, Advisor CISO Platform
  • Vijay Kumar Verma, SVP and Head Cyber Security Engineering, Jio Platforms Ltd
  • Manoj Kumar Shrivastava, CISO, Future Generali India Insurance Ltd
  • Mihirr P Thaker, CISO, Allcargo Logistics Ltd
  • Prasenjit Das, CISO, TCS
  • Suprakash Guha, General Manager, Lumina Datamatics
  • Anwaya Bilas Sengupta, CISO, ERLDC
  • Gowdhaman Jothilingam, Sr Manager IT/CISO, LatentView Analytics
  • Palanikumar Arumugam, Head Technology, Shiksha Financial Services India Pvt Ltd
  • Raghavendra Bhat, Head of Security Validation India, SAP Labs
  • Rajeev Mittal, CIO, Endurance Technologies Ltd
  • Ashok Kannan, President - IT, Sintex Industries Limited

 

 

Key Pointers

  • Challenges - Licensing, use cases, log volume optimization - how to outsource? How to select a provider? - refining SOC Practices (operations)
  • Mitigation Strategies

 

 

Discussion Highlights

 

1.Major challenges : 

  • Convince the top management for SOC
  • Log volume management
  • Management commitment
  • Partner outsourcing
  • Skill gap & awarness training - people
  • Choosing right tool - native with multiple dashboard OR aggregate logs and create correlation use cases and playbooks
  • Organizations have assets on various platforms (Jio, AWS, Google etc.)
  • Effective building of correlation use cases
  • Building SOAR capability on ground
  • Maturity of the SOC (measure active response)

 

2. How to have effective detection and response mechanism built and the right kind of soc or the program where soc is a part of it.

  • Many company still are not able to implement soc and that is the major challenges what we are facing
  • Lack of convincing the top management on the budget, how we can take it forward and what is the return of investment
  • Due to huge logs and without the dedicated team or the central team it is difficult to manage and that's why we get stuck
  • Management commitment challenges and the other auxiliary challenges
  • SOC are ruined by lack of commitment from executives than by volumes of logs

 

3. Outsourcing to manage security services whether it's a global firm, we should explicitly drag it to the light

  • SOC to be looked at with 2 aspects : need to have tools, people and a processes built around it & one side build protection controls
  • SOC is one of the prime area where we measure the active response
  • Lack for the vulnerability targeted to the porter

 

4. Threat landscape

  • Log management optimization sources has caused number of soc to crash and not go well
  • Detection and Observation comes first and then sources needed

 

5. Always drill the management crisis, pick up various scenarios and do analysis. How much time it takes for the organization to respond and recover or does the organization have the capability to respond and recover. SOC is the strategy to put things in place

 

6. We need to have tools, people and process around a successful SOC. Protective controls involve Firewall, EDR etc. An effective SOC allows you to validate if your protective measures are working well.  

 

Votes: 0
E-mail me when people leave their comments –

Community Head, CISO Platform

You need to be a member of CISO Platform to add comments!

Join CISO Platform

Join The Community Discussion

CISO Platform

A global community of 5K+ Senior IT Security executives and 40K+ subscribers with the vision of meaningful collaboration, knowledge, and intelligence sharing to fight the growing cyber security threats.

Join CISO Community Share Your Knowledge (Post A Blog)
 

 

 

CISO Platform Talks : Security FireSide Chat With A Top CISO or equivalent (Monthly)

  • Description:

    CISO Platform Talks: Security Fireside Chat With a Top CISO

    Join us for the CISOPlatform Fireside Chat, a power-packed 30-minute virtual conversation where we bring together some of the brightest minds in cybersecurity to share strategic insights, real-world experiences, and emerging trends. This exclusive monthly session is designed for senior cybersecurity leaders looking to stay ahead in an ever-evolving landscape.

    We’ve had the privilege of…

  • Created by: Biswajit Banerjee
  • Tags: ciso, fireside chat

CISO Talk (Chennai Chapter) - AI Code Generation Risks: Balancing Innovation and Security

  • Description:

    We’re excited to invite you to an exclusive CISO Talk (Chennai Chapter) on “AI Code Generation Risks: Balancing Innovation and Security” featuring Ramkumar Dilli (Chief Information Officer, Myridius).

    In this session, we’ll explore how security leaders can navigate the risks of AI-generated code, implement secure development guardrails, and strike the right balance between innovation and security. AI…

  • Created by: Biswajit Banerjee
  • Tags: ciso talk

CISO MeetUp: Executive Cocktail Reception @ Black Hat USA , Las Vegas 2025

  • Description:

    We are excited to invite you to the CISO MeetUp: Executive Cocktail Reception if you are there at the Black Hat Conference USA, Las Vegas 2025. This event is organized by EC-Council & FireCompass with CISOPlatform as proud community partner. 

    This evening is designed for Director-level and above cybersecurity professionals to connect, collaborate, and unwind in a relaxed setting. Enjoy…

  • Created by: Biswajit Banerjee
  • Tags: black hat 2025, ciso meetup, cocktail reception, usa events, cybersecurity events, ciso

6 City Playbook Round Table Series (Delhi, Mumbai, Bangalore, Pune, Chennai, Kolkata)

  • Description:

    Join us for an exclusive 6-city roundtable series across Delhi, Mumbai, Bangalore, Pune, Chennai, and Kolkata. Curated for top cybersecurity leaders, this series will spotlight proven strategies, real-world insights, and impactful playbooks from the industry’s best.

    Network with peers, exchange ideas, and contribute to shaping the Top 100 Security Playbooks of the year.

    Date : Sept 2025 - Oct 2025

    Venue: Delhi, Mumbai, Bangalore, Pune,…

  • Created by: Biswajit Banerjee