Revenue Encryption Strategies in the Age of Digital Compliance

Vikas Gupta

Encryption is going to play a key role in view of the Digital Personal Data Protection Act (DPDP) which prescribes a hefty penalty in case of any material Cyber Security breach, shared Vikas Gupta, Chief Risk Officer, Canara HSBC Life Insurance in an exclusive interaction with Srajan Agarwal of Elets News Network (ENN).

Given your extensive experience across banking, consulting, and insurance, how have you observed the role of robust security evolving within the insurance industry over the past two decades? What are the key driving factors behind this evolution, and how do they impact risk management strategies?

There has been a paradigm shift in the operating information & cybersecurity landscape necessitated primarily owing to the evolving threat landscape, attack vectors, and prevailing regulatory environment. There have been a few breaches noted in the BFSI industry as well as other key Institutions prompting the regulator to be proactive and work towards overhauling the cyber security guidelines for regulated entities. Also, this DPDP Act passed by the Parliament is going to redefine Insurance business processes encompassing Data Principals, Fiduciary as well and Data Processors. Also, the punitive provisions require entities to be proactive in deploying controls toward prevention as well as early detection of events. These aspects have resulted in cybersecurity and privacy-related risks being consistently rated among the Top 10 risks most entities face globally.

Could you share specific instances or strategies where encryption has played a pivotal role in enhancing the company’s security posture while maintaining regulatory compliance?

The company continues to transform its overall IT infrastructure & underlying platform towards reducing its time to market, building resiliency and agility in its IT setup. Cloud adoption has played a key role herein. In this regard encryption with regards to data at rest as well as data in motion helps allay fear of misuse of data resulting due to a cyber security incident.

How does the company envision the role of encryption in fostering digital innovation while maintaining customer trust and data integrity?

Encryption is going to play a key role in view of the DPDP Act which prescribes a hefty penalty in case of any material cybersecurity breach. Encryption with respect to data at rest shall ensure that in spite of a security incident, the confidentiality of sensitive personal data is not breached. The same is also recommended for encrypting payload containing sensitive PII / PCI data when in transit over and above a secure (https) connection. Consequently, the net exposure to the Data Principal as well as Data Fiduciary is minimised and the Data Protection Board is likely to take a softer view than in a scenario wherein data was not encrypted.

Thus encryption encompassing data at rest as well as data in motion has helped in fostering innovations towards securely integrating applications via API and helping us build a connected world without compromising on the security aspect.

Also Read | Digital Transformation in BFSI: Strategies For Success in An Era Of Constant Innovation

Cyber threats and data breaches globally, how does Canara HSBC Life Insurance continuously assess and strengthen its security posture? Can you share any ongoing initiatives/ plans? What insights can you provide into the future of the insurance space regarding security and risk management? How do you envision emerging technologies like AI, blockchain, and IoT shaping the landscape, and what implications do they have for risk mitigation strategies?

As companies evolve on their cloud adoption journey, the security of cloud infra as well as securing POD’s are crucial. Cloud security posture management solutions and securing of pods and infrastructure via Endpoint Detection & Response (EDR) and Cloud Workload Protection (CWP) are crucial. EDR plays a key role in protecting environments against next-gen threats using behavioral monitoring. Also having continual attack surface monitoring as well as brand protection services ensures the company is timely apprised of any vulnerabilities.

"Exciting news! Elets Banking & Finance Post is now on WhatsApp Channels Subscribe today by clicking the link and stay updated with the latest insights!" Click here!

Elets The Banking and Finance Post Magazine has carved out a niche for itself in the crowded market with exclusive & unique content. Get in-depth insights on trend-setting innovations & transformation in the BFSI sector. Best offers for Print + Digital issues! Subscribe here➔

Get a chance to meet the Who's who of the Banking & Finance industry. Join Us for Upcoming Events and explore business opportunities. Like us on Facebook, connect with us on LinkedIn and follow us on Twitter, Instagram & Pinterest.