The Board as 'Fourth Line of Defense' in Security
State Bank of India Board Member Bhaskar Pramanik Spells Out Boards' ResponsibilitiesBanks' boards of directors need to understand the implications of cybersecurity in terms of the overall risk structure, says Bhaskar Pramanik, a board member at State Bank of India and former chairman of Microsoft India.
See Also: Cloud Security and Developers: Role of Zero Standing Privilege
"I consider the board to be the fourth line of defense," he says. The other lines of defense, including the CIO, the CISO and the internal audit team, need to work together to understand security dynamics, he says.
In a video interview at Information Security Media Group's recent Security Summit in Mumbai, Pramanik discusses:
- The board's accountability to all the stakeholders in tackling cybersecurity risk;
- The board's involvement in assigning roles and responsibilities for a security strategy;
- The need to eliminate obstacles for smooth functioning of security.
Pramanik retired as chairman at Microsoft India in September 2017 after a 45-year career in the technology industry. He now is an independent board member of the State Bank of India, Sankhya Infotech Ltd, and TCNS clothing Co., Ltd. He is also on the advisory board of a number of other companies and organizations.