COMPANY NAME
This is the headline of the feature DIGITAL REPORT 2021
Creating a holistic approach to cyber security IN ASSOCIATION WITH:
DIGITAL REPORT 2022
IN ASSOCIATION WITH:
TATA CONSULTANCY SERVICES
2
tcs.com
CREATING A HOLISTIC APPROACH TO CYBER SECURIT Y
tcs.com
3
TATA CONSULTANCY SERVICES
Narayan Sharma, Identity Access Management Lead for TCS outlines how the company has utilised technology to respond to the rise in cyberattacks
A
s technology develops and becomes more disruptive, the number of cyber security threats facing businesses has grown rapidly. Attackers are finding new ways to exploit vulnerabilities in systems, causing significant problems for enterprises. A catalyst for this growth was the coronavirus pandemic. As people moved out of the office and worked from home, they were more vulnerable to cyber attacks. In fact, according to Deloitte, 47% of people fall for a phishing scam while working at home. With its technical expertise and business intelligence, Tata Consultancy Services (TCS) provides its customers with the solutions to combat cyber attacks and improve their cyber resilience. TCS, part of Tata Group, India's largest multinational business group, is a global leader in IT services, consulting, and business solutions. The company “provides consulting, professional services, and managed services to the world’s biggest and most important companies,” explained Narayan Sharma, its Global Head of Identity Access Management offerings under TCS Cyber Security Unit. 4
tcs.com
Example of an image caption tcs.com
5
TATA CONSULTANCY SERVICES
Creating a holistic approach to cyber security
He added: “As a global company, we offer a full suite of cyber security services across consulting, professional services, and managed services around areas such as Managed Detection and Response, Identity and Access Management, Cloud Security, Governance Risk and Compliance, Enterprise Vulnerability Management, Data Security and Privacy, Fraud and Forensics, OT/IoT Security, etc. We deliver these services through Threat Management Centers setup across the globe to meet our customers’ unique business and regulatory requirements.” To combat the rise in cyber security risks, TCS partners with alliance partners and academia to provide high-quality and contextual solutions to its customers. “TCS has strong and strategic global partnerships with the likes of Microsoft, AWS, Google, 6
tcs.com
IBM, Ping Identity, BeyondTrust, CyberArk, SailPoint, One Identity, Saviynt, Palo Alto – to name a few. These strategic partnerships bring in a lot of security toolsets and capabilities,” to strengthen TCS’ solutions, explained Sharma. Helping clients become proactive with cyber defences Outlining the cyber security risks that come with advances in technology and tech-driven open business models, Sharma stressed the importance of education in cyber: “As businesses move into a multi-cloud hybrid models, highly regulated environments, and advanced threat vectors, organisations need to focus on maturing from being compliant, to being risk aware, to being risk managed – i.e. becoming truly cyber resilient.”
TATA CONSULTANCY SERVICES
TCS encourages its customers to proactively respond to threats. The company’s bespoke, adaptable, managed detection and response services encompass both threat hunting and red teaming, a systematic and rigorous way to identify an attack path that breaches the organisation's security defence. By combining this with comprehensive intelligence, TCS ensures that enterprises block stealth adversaries and recover quickly from any incidents when they occur. TCS helps its customers define a comprehensive cyber security strategy with a long-term strategic roadmap. This roadmap enables companies to navigate enterprise risk, meet regulatory requirements and make informed choices on security solutions. Following this, the company integrates security solutions into the fabric of its clients’ enterprises through its secure-by-design, zero-trust, and cyber resiliency frameworks. In doing so, TCS creates a foundation for resilience and simultaneously addresses advanced threats as well as cyber risks.
“ As businesses set up a multi-cloud hybrid model and as traditional network perimeters disappear, organisations need to move towards cyber resilience mindset from being compliant mindset” NARAYAN SHARMA
GLOBAL HEAD, IAM, CYBER SECURITY TATA CONSULTANCY SERVICES
As risk management approaches evolve, Sharma explained, the Zero Trust (ZT) architecture approach “provides architectural blueprint to enable contextual and riskdriven security controls at deeper granularity to enforce core principles of Resource Visibility, Zero Attack Surface, Least Privilege, Data Centric Security, Security Visibility and Analytics, and Security Orchestration Automation and Response.”
EXECUTIVE BIO NARAYAN SHARMA TITLE: GLOBAL HEAD, IAM, CYBER SECURITY COMPANY: TCS LOCATION: INDIA Narayan has over 21 years of experience in cyber security consulting and large-scale cyber security transformations delivered for global customers in BFSI and other industries. He currently heads Identity and Access Management
(IAM) practice under TCS Cyber Security unit, and is responsible for IAM service strategy, revenue growth, partner GTM, customer advisory, and governance of strategic IAM programs. He is based in Pune, India.
tcs.com
7
Simplifying secure identity and access for over 27 million users IBM Office of the CIO establishes future-proof digital authentication with IBM Security Verify
scale. Transforming IBM’s authentication would require significant infrastructure modernization and consolidation to efficiently deliver large-scale reliability and security. After gathering requirements and considering all options, the team chose IBM Security™ Verify (SaaS). Key factors in the decision were that the APIs enabled a seamless application migration and that they’d be able to customize the user interface to fit their exact requirements without draining their development resources. By embracing IBM Security Verify as the standard platform for all B2E and B2B identities, IBM would be poised to deploy more modern identity capabilities with enhanced security, scale and user experience.
Simplifying secure identity and access for over 27 million users The expression “caught between a rock and a hard place” comes to mind when describing challenges facing the IBM Office of the CIO. First, imagine having to provide identity and access authentication for over half a million IBM employees, with a highly customized, single tenant, on-premises platform. And also, having to provide similar for over 26 million global IBM clients with a separate, first-generation identity as a service (IDaaS) solution. The IBM Office of the CIO was dealing with two distinct identity and access management (IAM) platforms offering different technologies, levels of maturity, reliability and functionality at enormous
With the new solution, IBM could expand internal user choice for authentication. Twofactor authentication (2FA) significantly protects against password compromise but it’s often cumbersome. IBM implemented adaptive features of 2FA that used backend analytics to determine where to require additional authentication. The shift offered enhanced choice for IBMers to passwordless authenticate options. By adopting IBM Security Verify, IBM improved the user experience while tightening security at scale. With IBM Security Verify, anyone who interacts with IBM, now has frictionless, secure, state-ofthe-art access to information resources … and that’s just the beginning.
Learn more
TATA CONSULTANCY SERVICES
10
tcs.com
TATA CONSULTANCY SERVICES
“TCS also offers an integrated platform based on the ‘as-a-service’ model through its Cyber Defense Suite,” outlined Sharma. “Some of the offerings under incubation right now are managed detection and response for connected vehicles, security for AI/ML ecosystems, and 5G security,” he added. Adopting new approaches to respond to changes in technology These new approaches are essential as attacks become more sophisticated. “The traditional approach to security is not sustainable anymore,” said Sharma. “So, organisations today have to anticipate risks, including potential black swan events like the pandemic that we saw. They need
“We are focused on enabling the future cyber resiliency vision of enterprises” NARAYAN SHARMA
GLOBAL HEAD, IAM, CYBER SECURITY TATA CONSULTANCY SERVICES
to get the right security controls based on the industry standard security frameworks like NIST (National Institute of Standards and Technology)/CIS (Ceter for Internet Security) to withstand and recover from an attack. Organisations should also continuously monitor the effectiveness of security controls for further fine-tuning for better Cyber Resilience,” he added. Now, these security controls utilise a number of different technologies to ensure enterprises are protected from security threats of all kinds. “With continuously evolving sophisticated attack vectors, machine and deep learning will take centre stage for detection and response,” explained Sharma. tcs.com
11
Enhancing customer engagement with fast, frictionless, and secure digital experiences. Customers want fast and frictionless digital experiences that balance security and convenience. Use the PingOne Cloud Platform to build, test, and optimize digital experiences with a no-code orchestration engine that weaves together authentication, user management, and MFA to enhance security, drive engagement, and boost revenues.
Seamlessly and Securely Engage Your Customers Today
TATA CONSULTANCY SERVICES
He continued: “AI can collect and correlate data across systems, applications, networks, and inputs, and analyse these inputs to provide visibility and context in revealing advanced attacks.” To respond to the need for AI within cyber security applications, TCS is incubating research and building solutions based on this technology as well as 5G and quantum encryption, to support enterprises to counter evolving sophisticated threats. “We are seeing an increase in the adoption of some of these services that customers are really banking on. Technology has a critical role to play in improving the risk posture for
any organisation. As we see today, everything is becoming so dynamic. We have the set of controls and advanced technologies to be able to detect the attacks as well as protect the organisations through those attacks,” said Sharma. Creating a holistic cyber security strategy Undoubtedly, cyber attacks will continue to grow as technology advances. As technology systems are incredibly advanced, cybercriminals are increasingly targeting human vulnerabilities. These types of attacks get people to unknowingly let cybercriminals into their enterprise’s software as opposed to targetting vulnerabilities in technological systems. To ensure both types of attacks are protected against, a more holistic approach is essential. tcs.com
13
TATA CONSULTANCY SERVICES
With this approach, training for employees is essential to ensure they can protect themselves against cybercriminals. Without it, both organisations and employees would continue to be vulnerable. Recognising this importance, TCS is developing a “holistic and orchestrated Cyber Defense Suite, an integrated technology platform, which will be offered to enterprises that are looking to adopt an end-to-end cybersecurity strategy with 360-degree visibility to improve their cyber resilience,” said Sharma. 14
tcs.com
“These services will combat emerging risks by understanding and monitoring diverse risk factors, meeting compliance and regulatory requirements and balancing the right technology platforms with proactive services to effectively manage risks,” he added. TCS will also continue to help its clients chart long term strategic cyber security roadmaps to navigate enterprise risk, adopting security by designs to make informed decisions on security solutions. Sharma concluded: “We are focused on enabling the future cyber resiliency vision of enterprises, by bringing in a critical cyber
“ TCS also offers an integrated platform based on the ‘as-aservice’ model through its Cyber Defense Suite” NARAYAN SHARMA
competitive advantage that helps drive transformation, counter evolving threats, adopt new approaches and actively prepare for emerging and disruptive technologies like AI, 5G, 6G, IoT security, as well as quantum computing. It's all about helping customers, first of all, getting our service portfolio right for our customer needs of today, as well as the future and then elevating and scaling up our capabilities so that they can continue building purpose-led organisations with confidence.”
GLOBAL HEAD, IAM, CYBER SECURITY TATA CONSULTANCY SERVICES tcs.com
15
Tata Consultancy Services Limited 9th Floor, Nirmal Building, Nariman Point Mumbai 400 021, India T +91 22 6778 9595 www.tcs.com POWERED BY:
Company Name
Address line Address line Address line Address line T 01234 5678910 companyname.com POWERED BY: