The One About Controls
RSA Conference 2024 · Track Session
In "The One About Controls," Sri (Sriram), Deputy CISO at Genpact, presents a refreshing perspective on managing cybersecurity controls, moving beyond a checkbox mentality to a dynamic, business-aligned lifecycle approach. Drawing inspiration from Abraham Maslow's hierarchy of needs, Sri argues that the vast array of available security controls must be prioritized and adapted to an organization's specific circumstances, needs, and aspirations rather than uniformly applied. The talk emphasizes that effective control management is not a static state but an ongoing, cyclical process of identification, selection, implementation, validation, and refinement, heavily influenced by an organization's capabilities, capacity, and cost constraints.