Cybersecurity expert Agnidipta Sarkar has joined Biocon as Group CISO. Prior to joining Biocon, Sarkar was working as Director, Cybersecurity at CMS IT Services Pvt. Ltd. Working out of Bangalore, he spent more than two years at the company. There, he was responsible for the transformation of the cybersecurity practice to address the latest cybersecurity challenges as the most reliable cybersecurity systems integrator in India.
Sarkar has also authored and launched “Defensible Cybersecurity” as a new approach to cybersecurity based upon ISO27001 and its family of standards, Lockheed Martin’s Cyber-Kill-Chain, the NIST Cybersecurity Framework, and DOE C2M2.
Having established the base profile with 5 services, he is currently working on enhancing the market offerings to include incident response, cybersecurity automation, behaviour analytics, security orchestration and critical information infrastructure protection. He specializes in the Assessment, Analysis, Advisory and Audit of the current state of
1. (Cybersecurity Governance) … cybersecurity controls and governance to provide frameworks, guidelines and techniques to improve Cybersecurity Governance & Oversight to optimize resources, costs and time to address changing requirements of clients and regulatory bodies.
2. (Business Continuity & Resilience) … business continuity and change resilience through strategies, frameworks, guidelines and techniques to achieve Business Resilience with an eagle eye view on Critical Computing environments and related internal functions due to changes in organization, applicable legislation or client requirements.
3. (Risk Optimization) … risk management & optimization programs to provide frameworks, guidelines and techniques to enhance organizations to build capability to optimize risk management to enable relevant teams to take risks or contain them in order to align to the tone at the top.
4. (Privacy Assurance) … privacy controls & their governance to create or improve a wholesome privacy program based upon the relevant exposure to applicable laws (GDPR/CCPA/PDPA) across the world for both controllers and processors.
5. (Integrated Management Systems) … management systems that lead to multiple ISO certifications, to integrate, consolidate and optimize on the costs and the efforts associated with business operations that can use an integrated process mechanism. This can leverage standards like ISO9001, ISO20000, ISO22301, ISO27001, ISO27017, ISO27018, ISO29100 etc.
6. (Business Assurance Program) … existing and new practices to help meet market expectations by evangelizing technology solutions not only in these areas, at the confluence of risk, cybersecurity, privacy and continuity to establish assurance capabilities for both digital and brick & mortar businesses.