Compared to the previous eras, the role of a Chief Information Security Officer (CISO) has never been more demanding. The rapid technological advancements and a constantly mutating threat landscape have made CISOs pivotal in safeguarding sensitive data while driving business growth.
However, striking this balance is not an easy task. With a three-decade legacy in delivering cutting-edge IT solutions, Accel Limited understands this challenge firsthand. Tackling the complexities of the business, its CISO & Practice Head-Cyber Security, Diptesh Saha, plays a pivotal role in Accel’s operations—from protecting customer data to mitigating financial risks.
Working closely with its clients, Accel designs and implements customized IT solutions for customers to meet their specific requirements—spanning Enterprise IT infrastructure, cybersecurity, and beyond, underscoring the multifaceted nature of modern IT environments.
Shielding Businesses
Today, businesses are more vulnerable to cybercrime than ever. Threat actors are getting smarter and more sophisticated, coming up with more methods to exploit businesses online. In the last few years, there has been a significant increase in ransomware attacks. Notably, the WannaCry and NotPetya attacks caused widespread disruption that has exposed vulnerabilities in both the public and private sectors.
Post-pandemic, phishing attacks have resulted in compromised accounts, financial loss, and unauthorized access to sensitive information. Spear-phishing attacks, targeting individuals within an organization, have been misused to gain access to high-level data.
For organizations, handling insider threats from employees or other individuals who misuse their access to data for malicious purposes has been the biggest worry. For example, a disgruntled employee leaking confidential information or an employee being exploited by external actors. Saha suggests keeping a close eye on supply chain attacks like SolarWinds, where malicious code gets inserted into the company’s software updates—affecting numerous organizations and IOT vulnerabilities.
Transformative Solutions
Accel Ltd. is a BSE-listed organization with a 31-year history of serving over 600 Fortune-class clients. Over time, the company has solidified its position as a trusted, long-term digital transformation partner for discerning enterprise customers.
Established in 2016, Accel’s Cybersecurity Advisory and Managed Security Services division provide strategic advisory to global clients. Headquartered in India with operational hubs in Chennai, Kerala, and the UK, the company has a global reach, serving customers across the APAC, UK, and US regions in various industries.
Accel specializes in delivering complex security projects across IT, operational technology, and IoT domains, particularly in highly regulated environments. The company’s security experts, with an average of fifteen years of industry experience, are qualified and certified professionals. Accel is dedicated to partnering with clients from project inception to completion, providing pragmatic and achievable security solutions. With a passion for innovation and a client-centric approach, Accel has established itself as one of the Most Trusted Cyber Security Companies to Watch In 2024.
The Dual Role
The dual role of CISO and practice head necessitates developing and refining the organization’s cybersecurity strategy, while concurrently building the requisite skills and technology infrastructure to empower customers to achieve cybersecurity maturity as they undergo digital transformation.
This role includes implementing and managing a comprehensive security program, connecting the dots between business risk and cyber risk—enabling the demonstration of the business impact on Accel’s customer base.
Saha is passionate about building an array of Cyber Security Practices, with a primary focus on the following areas:
- Security Advisory Services, Maturity assessment
- BIA & Risk Assessment
- Security Design & Implementation
- SOC Upliftment Design & Implementation Programs
- ISO27001, GDPR, SOC2 Audit
Passion-Driven Networking Journey
Diptesh Saha completed his Engineering in Electronics & Communication. He got the opportunity to learn Computer Networks during his final semester—sparking his interest in Networking.
In the early 2000s, the demand for CCNA and CCNP certifications was growing, enabling people to boost their Networking careers. To capitalize on the potential growth opportunities and channel his passion better, Saha decided to pursue networking as his professional career.
The initial significant opportunity arrived during Saha’s tenure as an engineer for the Aditya Birla Group—leading to a transition to Network Security Engineer with an opportunity at Nextgen. The same transition helped his professional development and presented him with an opportunity at CSS Corp as a Technical Consultant for a global project.
For Diptesh Saha, Redington was a turning point in his professional career, where he drove the System Engineering practice that eventually helped him build a strong skillset in design and consulting.
The years 2015-16 were especially pivotal, as Saha transitioned into a specialized Cybersecurity design and consulting role. With passion and motivation from mentors, he developed and acquired skills in this domain. Saha emphasizes that he was fortunate to have the opportunity to set up a Global Security Operations Center (SOC)—encompassing people, processes, and technology.
This experience in a specialized role enhanced Saha’s ability to work with organizations as an advisor—enabling him to help develop Security Programs, including SOC upliftment across India and the Middle East. Moreover, securing global gold certifications such as CISSP and CISM boosted Saha’s hands-on learning further.
By this time, Saha had now amassed over 15 industry certifications, expanding his knowledge over the years and enabling him to deliver expected results consistently. Working with various organizations enhanced Saha’s ability as a cybersecurity advisor. Owing to these efforts, Saha was entrusted to spearhead the Cybersecurity practice as a Business Leader.
Challenging yet Rewarding Leadership
The COVID-19 pandemic dramatically altered the cybersecurity landscape. As organizations shifted to remote work, cybercriminals exploited the expanded attack surface. A surge in phishing attacks, often COVID-19 themed, and ransomware targeting critical infrastructure ensued. The rapid adoption of VPNs introduced new vulnerabilities, as many struggled to handle increased traffic. Economic uncertainty fueled insider threats as job insecurity rose. Overall, the pandemic accelerated digital transformation while simultaneously creating a perfect storm for cyberattacks.
A CISO must balance various factors—tackling evolving threats, regulatory compliance, and the right talent acquisition. With constant evolution, CISOs need to stay updated and adapt their security strategies accordingly.
Finding the right talent and retaining them is the biggest challenge facing the industry today. “If I need to say about reward, this role definitely provides a sense of purpose and accomplishment,” emphasizes Saha. As you help organizations shape the strategic direction and help in reducing financial risk, the position of CISO gives you good recognition and respect in the industry.
To become a successful cybersecurity leader, one must demonstrate high ethical standards, integrity, and deep technical expertise. Moreover, a strong grasp of security frameworks coupled with the ability to identify, assess, and mitigate risks is vital. Strategic thinking is essential to align security objectives with business goals.
Striking that work-life balance is also crucial. To achieve this, Saha emphasizes delegation and collaboration and embraces continuous learning. “Build trust with your team and empower them. Establish clear boundaries for work-life balance and prioritize tasks.” He also suggests minimizing unproductive meetings and emails and leveraging technology to streamline tasks and focus on strategic initiatives.
“Success is not an accident, it’s hard work, perseverance, sacrifice, learning every day, and most importantly love of what you are doing.”
How Should Businesses Improve Their Cybersecurity?
Improving an organization’s cybersecurity posture begins with a comprehensive assessment. Identifying critical assets and evaluating potential cyber risks through a Business Impact Analysis (BIA) is crucial. With a strategic roadmap, encompassing short-, medium, and long-term goals, businesses can implement effective security measures.
Beyond that, prioritizing process and control improvements is key to enhancing security maturity. Recognizing that human error is a common vulnerability, robust employee awareness programs are vital. By aligning business risks with human factors and cyber threats, organizations can develop tailored strategies to strengthen overall security posture.
Company Information:
Website: http://www.accelits.com |
Industry: IT Services and IT Consulting |
Company size: 1,001-5,000 employees |
Headquarters: Chennai, Tamil Nadu |
Type: Public Company |
Founded: 1991 |
Mr. Saha’s Suggestions for Strategic Advisors:
- Simplify cybersecurity concepts: Use clear and plain language to explain complex security topics.
- Create engaging narratives: Develop stories around cybersecurity to make them relatable and understandable.
- Foster a learning culture: Encourage knowledge sharing and peer learning among colleagues.
- Prioritize open communication: Create opportunities for questions and feedback.
- Integrate security into the business: Make security an essential part of every business function.