Ravi Shanker Rao Ulapu is one of the reputed names in information security. As the Chief Information Security Officer of Hexagon Manufacturing Intelligence, a leading metrology and manufacturing solution provider, Ravi has implemented critical operational strategies to protect the business from cyber threats.
He sat down with CISO MAG Feature Writer Rudra Srinivas for a quick chat and discussed the threats in manufacturing intelligence space, artificial intelligence, importance of employee awareness, and much more.
Tell us a bit about your journey. What are the biggest challenges you face as a CISO?
I have been in the information technology and information security field for more than 20 years now. I joined Hexagon Manufacturing Intelligence last year. Prior to that, I was working with Intergraph, a part of Hexagon Companies. I have been fortunate to get all required support from business units and top management in implementing various IT and Security Projects. I have always worked very closely with business teams and most of the time with top management. That helps me to understand business requirements clearly and prepare appropriate strategies accordingly.
I believe some of the biggest challenges a CISO faces are related to integration of security solutions and services, lack of security awareness, and increasing regulations and compliance requirements among others.
According to you, which industries are most vulnerable to cyber-attacks?
In my point of view, financial, health care, and manufacturing sectors are most vulnerable to cyber-attacks.
What are the major cybersecurity concerns in the space of manufacturing intelligence?
With the increasing demand of adding intelligence to manufacturing solutions, this field is evolving rapidly, but at the same time becoming a major target for cyber criminals. This holds true for a company like Hexagon Manufacturing Intelligence (HMI) which is there from past 200 years and incorporated some of the biggest names in measurement and industrial metrology providing new measurement technologies, integrated manufacturing solutions, and process standards of the future.
What is Hexagon’s approach toward automation and orchestration of cyber threats?
We want to ensure our skilled professionals focus more on identifying critical threats and resolving them on priority instead of spending time on handling routine tasks. This can be possible by automation and orchestration of cyber threats and we are in the process of deploying right solutions to achieve this.
Do you think artificial intelligence (AI) will drive the future of cybersecurity?
I would like to say yes. As of now, AI is implemented in mostly experimental level with regards to cybersecurity. Some of the current solutions can identify the problem, but not many can clearly execute required critical security steps. Therefore, I think there is a long way to go.
Do you think cybersecurity awareness and training to employees play a key role in strengthening organization’s information security?
An organization’s security structure is majorly depends on employee’s security awareness. Even after implementing so many intelligent security solutions if people are not trained well, all efforts will be wasted. Cybersecurity awareness training is very critical for all the organizations
What are the essentials you would want an organization to adopt as cybersecurity practices?
Some things they can do are as follows:
- Prepare the threat profile of the organization and involve business teams to identify threats
- Top management must lead the cybersecurity programs
- Organization must maintain clear data of organization assets
- Review and Control Access Rights
- Patch systems and applications
- Regularly train employees to improve security awareness