• CyberFrat
  • November 26, 2017

Delzad P Mirza

Organisation

Tata Technologies

Designation

Global Head Information Security & Compliance

Define yourself as what you are known for?

Being straightforward, brutally honest, ponytail 🙂

How does your average day look like?

Wow, there is a whole gamut of things that I need to do every day. From day to day operations to meeting management expectations and at the same time being aware of the latest threats…To tackle it all I need my coffee that too black and strong else I don’t function 🙂 

So whilst I have that i start chalking down tasks that I need to accomplish for the day, check for critical alerts, SIRT dashboard, check my calendar for meetings, follow up on action items from stakeholders, team and project updates (current state vs what is going to be accomplished in the near future), working lunch whilst reading up on cybersecurity news / threats, IT leader staff meeting, updates to the CIO, more coffee, evenings are usually connecting with folks in other territories, etc.

What does your current role mean to you?

Being is a CISO is a herculean task. Just look at the last couple of months citing an example of the chaos ransomware has caused across the globe. The company and mgmt. looks to you to ensure that they are safeguarded from cyber threats and count on your expertise at all times.

What helped you to achieve your current Position/Role?

I started my career with programming, then went on to networking and server mgmt. & finally got into InfoSec. It just clicked. There is a very apt saying which goes something like – “The good guys have to win every time, but the bad guys only have to win once.” That’s what I like about being a CISO…making sure my company stays safe…

As a Risk Leader what keeps you awake at night?

The cyber boogeyman… lol Yes you read that right…You are going to be hacked and or attacked – it’s NOT if, it’s WHEN?? Everyone has a plan until they get punched in the face…then what? Do you freeze due to fear? It’s how you react to adversity that defines you. 

In short, the thought of being compromised is something that keeps me awake….

Your vision for Risk Strategies in future? How are you going to beat Challenges?

At Tata Technologies, we’ve defined a solid InfoSec roadmap over the next couple of months which are relevant and address today’s threats and risks. At the same time, a major focus area of mine is to create a pervasive information security culture within the organization and which must be continuous.

How do you keep up with the latest Risk/security issues and methods?

logs, news, conferences, advisories, and of course WhatsApp – CyberFrat 🙂 no seriously, I think the way all of us are sharing information on threats, best practices, what’s going on in the cyber world thru these groups is simply amazing. Keep it up, guys…

How do you convince or sell Risk Management to other executives? 

I like the quote by Donald Rumsfeld goes something on the grounds of  “There are known knowns. These are things we know that we know. There are known unknowns. That is to say, there are things that we know we don’t know. But there are also unknown unknowns. There are things we don’t know we don’t know….” that’s something that is a headache for all CISOs. There will always be “unknown unknowns” new risks arise, but other people are familiar with these unknowns. A formal or structured risk assessment can help you uncover some of the “unknown unknowns” and plan accordingly.

Try to make it real for the C suite, if you translate threats and risks into a language they understand, they’ll be on board and support you. One of the things I do is – I show how each $ spent on Infosec will address existing business risk and help improve the enterprise risk posture & align Infosec spend to compliance issues reported and recorded.

Information security is not about pitching a tool and saying it will fix everything. There is no silver bullet and neither does management need to know the nitty-gritty of all the technicalities. 

Advice for the teams that are doing digital innovation

Don’t let security be an afterthought…. 🙁

Which two organizations outside of your own do you know the most people at and why?

I work closely with one of the Big 4’s quite a lot and I do get a lot of information from them as well…

What inspires you? What are your aspirations?

To stay ahead of the game…learn something new every day. 

How do you keep yourself stress-free from challenges in your current role?

I ride a 1700 cc beast of a motorcycle (Triumph Thunderbird Storm), that’s one of the reasons I am still single 🙂 hahaha

If not in Risk Profession, where would you have been?

Armed Forces most likely

Something that People Don’t know about you?

I am covered in tattoos, 5 to be precise 🙂 No you can’t see them 😛

You are a new addition to the crayon box, What color would you be and why?

Black…always Black… 🙂 Its because the color black represents strength, seriousness, power, and authority. 

Advice to students and young aspirants who want to build their career in Risk Management.

There is an Italian saying – “fidarsi è bene non fidarsi è meglio” which translates to trust is good not to trust is better. Learn something new every day and stay safe.

 

× How can I help you?