At Wipro, security is integrated into large technology transformations from the beginning, rather than being an afterthought
The cybersecurity sector is facing a significant talent shortage despite its growing importance across industries, according to Saugat Sindhu, Senior Partner and Global Head of Advisory Services at Wipro Ltd. “Cybersecurity has evolved over the last 10 years. It’s not a corporate function anymore and is not seen through the lens of audit either. The best way to describe cyber security is to see it as a business enablement function. We know that it is required. Every company needs to investigate cyber security and have good practices around it,” said Sindhu, who oversees Wipro’s global advisory business for cybersecurity and risk services.
Sindhu emphasised that cybersecurity should not hinder business operations, as competitors could exploit any technological ignorance. A Chief Information Security Officer (CISO) must ensure that businesses have the necessary tools and technologies to grow, while also minimizing outages and reputational damage from security incidents. He noted, “Generative AI is a disruptor. 10 years ago, we spoke of cloud in the same way. To some extent, cloud is still a disruptor.”
Different sectors face varying levels of risk with AI adoption, Sindhu mentioned, with healthcare, manufacturing, and financial services being particularly vulnerable to attacks like data poisoning, denial of service, and supply chain vulnerabilities. “The productivity of GenAI models and AI models in general are as good as their data. Everyone is trying to ensure their models are better than their competition. This way, they can use more data. You must be cognizant of not exposing sensitive or confidential data in your model,” he warned.
Discussing Wipro’s approach, Sindhu stated, “Cybersecurity is a board concern for Wipro. It requires the audit office, risk office, core security office, and IT office to work together. They are more involved in technology business decisions now because you want adequate controls proactively and not reactively.” He added that while CISOs were previously part of the first line of defense, they now operate closer to the second line, aligning with audit functions. “CISOs are more about enabling the business than locking it up,” he said.
At Wipro, security is integrated into large technology transformations from the beginning, rather than being an afterthought. The risk and audit office approves all changes, and functional teams present enterprise risk, including cyber risk and privacy, to the board jointly. Legal teams are also heavily involved due to the importance of cybersecurity in business enablement.
To address the cybersecurity talent gap, Wipro invests heavily in training. “We approach it from two perspectives – ensuring our employees have adequate cybersecurity training and that our cybersecurity practitioners have the right certifications. We have tie-ups with major universities in India through their graduate programs where we support training courses,” Sindhu explained.
Despite Wipro’s efforts, the global shortage of cybersecurity professionals remains a challenge. “Cybersecurity is evolving so quickly that the industry finds it difficult to keep up,” he noted. Wipro currently employs over 9,000 cybersecurity specialists and operates 12 global cyber defense centers in more than 60 countries.
