work from home era

Get set for the work from home era

Many IT and ITeS organisations had been practising work from home (WFH) even before the pandemic set in. It was a part of their work culture, but for many others, it’s a new phenomenon. WFH was not a practical option for those in manufacturing, hospitality, performing arts, heavy industries and the government sector. The culture of these organisations had always been work from office. Fixed working hours and managing the productivity of the hours spent in the office were the norm. In the current Covid environment, even those who never accepted the idea of WFH have embraced it for their greater good.

After six months, the economy, globally, is unlocking and employees have started to go-to-office. However, the phenomenon of going-to-office is a function of the comfort of an organisation and the guidelines that the local government has issued.

Digital Transformation
As of now, most of the companies, irrespective of the organisation’s DNA and work culture, are scared of returning to the traditional way of working. They understand the responsibility and risks posed by Covid.

The organisations that have their employees working from home have taken all possible measures to prevent further spread of the virus and data privacy issues while taking care of the comfort of employees working from home. Most of the companies have also brought in digital tools for efficient management of the workforce and ensured that everyone is performing their tasks, thereby bringing in efficiency in operations.

Going forward, companies would progressively look after protection of data, better employee-employer communications, streamlining operation process, controlling the quality of production, and mental and physical health of employees. Most importantly, they would invest in improving data security, IT hardware and software infrastructure. This situation also warrants an organisation-wide digital transformation. We are likely to witness an exponential rise in digital transformation offerings.

Many Benefits
During the lockdown, we saw that the IT and ITeS industry transitioned to the WFH model smoothly providing business continuity to clients without lowering quality or productivity, surprising industry leaders and customers alike. A key reason was strict adherence to quality processes and availability of communication bandwidth from homes. This forced experiment of WFH has been a sizable success and has thrown open a new debate – why can’t we continue with WFH?

The group that is promoting the idea of WFH is also propagating the idea of work from small towns. They count the benefits in the form of improved recruitment and retention equity, reduced infrastructure expenses, reduced transport, real estate and operating costs. They argue that the IT and ITeS industry has adopted delivery processes that are designed for quality output from its inception. Moreover, the argument is based on the fact that the IT and ITeS industry is designed to do remote consulting, operations and development.

Telecom giant AT&T, between 2000 and 2005, tripled its team of WFH or work from remote (WFR) location workers. This helped AT&T save $180 million — $30 million in real estate costs and $150 million in increased productivity, apart from improving retention rates.

work from home era

Biggest Challenge
Experts believe small towns are better equipped to handle the business continuity programme. The group that is promoting the idea of WFR are exploring how organisations can take care of regulatory requirements. Experts are evaluating the issues of data protection, management of GDPR (General Data Protection Regulation) issues and other cyber theft challenges.

The biggest challenge of WFH option is data protection. It is believed that when employees work from home, it is harder for employers to supervise the handling of confidential information and data. Organisation and industry bodies should consider reviewing contracts of employment to ensure they have robust confidential information clauses, and that the employee is adhering to the clauses.

It isn’t reasonable to say everyone who has an internet connection, Zoom, or a Microsoft Teams account is good for remote work. Using only employer-approved devices for office work, only employer-approved video-conferencing facilities, accessing internet on a secure device, using secured wi-fi networks, restriction to open or download only secure sites, prohibition on downloading or saving of employer’s confidential information on personal devices, restricting access to confidential information, providing access to information to only those who work on data to perform their duties, etc, should be seriously considered.

The other challenge companies may face is performance evaluation and employee behaviour during work hours. Employers must make it clear through their policies what is a suitable and acceptable behaviour when working from home. Moreover, it is also important to evaluate the social impact angle of WFH. It is observed that WFH has enabled some individuals to change their working practices for the better, but in most cases, daily routines have gone for a toss. The working hours too got longer. It is critical for the HR to understand that an employee’s health and safety are the prime responsibility of an organisation, irrespective of WFH or office.

Promising Returns
WFH is here to stay but its final shape will evolve with time. Several major companies, including Twitter, Facebook and TCS, have already announced a temporary or permanent shift to WFH, heralding the beginning of a new era in work culture.

This shift was desired and much needed for we’d have certainly faced the reality of WFH in the next decade. The pandemic has only accelerated the process. Organisations will now have to accept the WFH environment, realign their work culture, update process and technology, and rethink structuring their workforce.

Organisations need to come up with the process that manages the data protection requirements. To protect confidential information, employers should review their confidentiality policies and implement new technologies and statutory measures that specifically deal with WFH. WFH may result in more value in terms of equitable distribution of wealth, better inclusivity, improved diversity, more women employees, reduction in migration to metros, etc. The returns of WFH on the social equity front in very promising.

Also Published at

Industry 4.0 and Digital Transformation

Industry 4.0 and Digital Transformation

Industry 4.0 is a huge deviation from the traditional manufacturing setup. It is the total integration of manufacturing systems, production processes, digital communications technologies and automated machines. It effectively uses expertise of IT systems, internet of things (IoT), adaptive manufacturing systems and other new age technologies.  As I understand, Industry 4.0 revolutionizes the manufacturing ecosystem, bringing greater agility through improved data analyses and digitized processes.

Samsung has taken the role of digital transformation with Industry 4.0 very seriously. For example, the surface inspection systems for digital TV production by Samsung reduces human operator intervention in the production line, increases throughput and reduces errors in the product inspection. System operation supports capturing TV surface image from high-resolution camera devices. This helps Samsung not only improve the quality of production but also reduces the human intervention in production.

 The Industry 4.0 team of Samsung has also developed a post-processing system for an image captured by the camera to make it amenable to automatic detection. The IIoT machines at Samsung uses automatic surface defect detection algorithm to distinguish a real defect from a false one on the digital TV. These were two of many such initiatives undertaken by Samsung to lead the benefits of digital transformation with Industry 4.0.

The integration of digital transformation with Industry 4.0 is not just a technical process, it is the sumtotal of internal integration which includes technology, cultural integration, resource optimization, financial inclusion, and services integration, and external integration which includes political, economic, social, legal, and many other external environmental issues.

Digital transformation with industry 4.0 has efficiently bridged the gap between physical and digital worlds. A few forward-thinking companies have done amazing things using the Industrial Internet of Things (IIoT) and data analysis. They hook up with others with whom they can create new ecosystems of value. Here, it is important to talk of how Nokia and BSNL have collaborated for Industry 4.0 and have transformed traditional wired factory networks to wireless networks leading to improved equipment mobility for enhanced flexibility of manufacturing infrastructure.

BSNL was one of the early adoptions of IIoT applications in industry. This exercise has improved productivity and operational efficiency of the telecom operator, but it failed to cash in the momentum. As I understand, BSNL could not manage to transform the softer side of the transformation. It failed to integrate the key internal and external transformation elements. It could not improve on the services for the benefit of consumer.

Business success today requires a customer centric digital transformation strategy. It starts with prioritizing a superior and relevant customer experience and aligning the organization, processes, employees and technology to empower it.

In this ever-changing consumer centric economy, the needs of the customers keep on changing. It is responsibility of the management to script the digital transformation journey to match the pace of the change. All leading companies are re-imagining customer experience with a strong focus on digital.

The successful managers of our times are fully aware that digital is not just about being technology-led but also about recreating new experiences and service models for transforming their business. They understand that digital transformation helps organization shortened  time  to  market  to  develop; produce  and  market  new  products  and services; increased  customization  to  satisfy  individual  consumer  demands; manage higher product individualization; offer higher flexibility  with  faster  and  more  versatile  production  processes; offer expertise to produce smaller lot quantities with high quality and a cost-effective way. Managers at Rockwell Automation were one of the first few who understood the benefit of integration of digital transformation with Industry 4.0. The impact of Rockwell Automation’s digital transformation has been very encouraging. It has helped Rockwell Automation in increasing delivery from 82 to 90 per cent, reduced its lead times by fifty per cent, increased productivity by five per cent and reduced capex by thirty per cent.

The integration of digital transformation with Industry 4.0 in the manufacturing setup produces both short- and long-term benefits. It offers – transparency, manufacturing agility, improved productivity, improved efficiency, staffing flexibility, reduced costs, reduced training time and expense, improved quality, end-to-end manufacturing, as some of the key benefits. The effective integration of digital transformation with Industry 4.0 also helps organization in the decentralized decision-making process; pave the way for lean organization structure; help build base for the technology innovations; help develop innovation capability and culture; provide opportunities to increasing mechanization and automation, digitalization and networking, decentralized production and supply.

Organizations who have already embarked on the road to digital transformation are making impressive advances. They are shifting organizations’ goal, changing how people work and deploying technology to achieve value.

As I understand planning a customer journey blueprint, organizational cultural changes and the right operating model are often the most challenging elements to tackle in the journey of digital transformation. The path of digital transformation is not an easy journey. It demands organizations to define the digital landscape; establishing connection with customers; understand what customers’ feel about their brands; explore what customer expectations are; building momentum amongst management to lead the transformation journey; enable collaboration with partners; educate employee about the change; reengineer the organization culture; enable sense of digital accountability, among many other challenges.

The initial deployments of digital transformation with Industry 4.0 have offered us benefits in term of reduced costs and improved efficiencies. The next wave of digital transformation with Industry 4.0 calls for significant business value in terms of delivery efficiencies, new revenue streams, customer experiences, etc. However, in order to reap the benefits and potential, it’s not enough to understand what one can do with these technologies.

India: A Lucrative Cyber Security Market

India: A Lucrative Cyber Security Market

Cyber-attacks have become a regular phenomenon globally and India is no exception to it. We are experiencing new threats every day with a potential cost to the economy that cannot be fathomed. It’s not surprising that organizations are taking cybersecurity seriously, with a large portion of their budget going into implementing measures to fight cyber-attacks. Progressively, cybersecurity is becoming an important strategic issue in almost every organizations executive board room discussions. Organizations are planning to spend more on cybersecurity, devoting increasing resources to improving their defences and working harder to embed security-by-design. This also gets reflected in the cyber security market size. NASSCOM, Data Security Council of India & PwC Report, India’s cybersecurity market for products and services will grow up to $35 billion by 2025 creating 1 million + jobs in security domain with a robust ecosystem of 1000 security start-ups. This is yet another opportunity for the established IT players and start-ups to make maximum out of it.

In one recent attack, an Indian bank lost 944 million rupees (US$13.5m) after hackers installed malware on its ATM server that enabled them to make fraudulent withdrawals from cash machines.

If Indian IT players want to grow their business and the IT startups wants to establish themselves in the global market, cyber security offers them that opportunity.  NASSCOM, Data Security Council of India & PwC Report also suggest that India cybersecurity market is forecasted to grow at a CAGR of over 19% during 2018-2023. Growth in the market is expected to be driven by multiple driving force including – one, rising number of government initiatives towards digitizing; two, increasing awareness of business and individuals towards cyber security; three, rapid adaptation of security initiatives in healthcare, BFSI, education and other vital sectors; four, rapid adoption of Social, Mobile, Analytics, Cloud & IoT technologies by business, government, and individuals. The projection of the exponential growth projected by NASSCOM and other consulting organizations is based on the basic facts that Indian market comes with certain competitive advantages which makes it as a preferred destination. Some of the USP’s of the Indian market are– one, preferred destination of global SoCs; two, mature security practice of Indian IT services companies; three, security services operations set up by MNCs; four, preferred destination for security R&D; five, Existing GIC (Global In-house Centre) security operation centers; six, competitive IT product ecosystem, seven, existing network of 100 + Indian security companies; eight, availability of skill sets – 150,000 + experienced security professionals; trust factor that IT industry brings in to the global IT players.

As of now, India’s cyber security landscape is passing through transformational journey and it is too early to say that the joint effort of the government, regulators and industry are showing results, but the Indian cyber security industry is doing good and projected to do wonders.

Also Published at

Cybersecurity Culture

Cybersecurity Culture

Cybersecurity should no longer be viewed as a function of information technology alone. The review of cyber security as a function should move under COO or CEO. It needs to form an integral part of culture and strategy of the organization. It should be reflected in every facet of the organization, right from the strategy to the behavior of an individual employee. We have also started to observe that the performance of any business on stock market is also dependent of their cyber security policies and practices.

An organization’s security culture is not something that grows in a positive way organically. One must invest in a security culture just when a security culture is sustainable, it transforms security from a one-time event into a lifecycle that generates security returns forever. A sustainable security culture has four defining features. First, it is deliberate and disruptive. The primary goal of a security culture is to foster change and better security, so it must be disruptive to the organization and deliberate with a set of actions to foster the change. Second, it is engaging and fun. People want to participate in a security culture that is enjoyable and challenging. Third, it is rewarding. For people to invest their time and effort, they need to understand what they will get in return. Fourh, it provides a return on investment. The reason anyone does security is to improve an offering and lower vulnerabilities; we must return a multiple of the effort invested.

It is an established fact that the computers do exactly what we tell them to do. The challenge is with the humans, as they need a framework to understand what is right thing and what is wrong for security. Making of cybersecurity culture includes following points – One, cybersecurity is the battle that can only be won by joining hands with other companies that are part of the ecosystem; Two, the journey of the cybersecurity culture must start with identifying and defining Internet governance in collaboration with governments and regulators; Three, the code of cybersecurity ethics can be created for each industry separately based on their needs; Four, the act of cyberattack transparency will build trust with everyone from suppliers to customers; Five, CEOs should be presenting cyber security as the DNA of the organization which is a part of their business model and value chain, including their leadership structure; Six, CEOs should acknowledge that cybersecurity is not an “add-on” feature, instead, it is an integral part of “security by design”.; Seven, organizations should start to bring CISO (Chief Information Security Officer) to the board, who will help organizations protect Cybersecurity Value Chain; Eight, CEOs are in a position to influence Internet service providers as a first action to make the Internet more secure and to invest in implementing better base Internet protocols; Nine, despite many organizations focusing on developing cybersecurity awareness, not all individuals understand their role in the organization’s security culture; Ten, cyber security awareness is about changing the view of individuals who have the opinion that only security department is responsible for cyber security; Eleven, lack of employee buy-in is one of the main reasons that it is difficult for organizations to instill proper cybersecurity culture in their workforce.

Organizations can work on the idea of setting up the cyber security community within the organization.  It should be seen as the backbone of sustainable security culture. Security community is achieved by understanding the different security interest levels within the organization and addressing their needs.

‘Small’ steps to cybersecurity

‘Small’ steps to cybersecurity

Small organisations are part of large organisations’ value chain and any vulnerability at the former may reflect in latter’s security

To remain relevant in the era of Industry 4.0, traditional business and government departments are increasing their digital footprints, adopting technology and increasing engagement. In such a scenario, cybersecurity should lie at the heart of any digital transformation initiative and never be an afterthought. It should be built-in by design.

Industry 4.0 can be the catalyst of change in different fields like governance, management, administration of smart cities and other applications that are driving the vision of Digital India. But at the same time, it also presents a very lucrative opportunity to cybercriminals, who find many more easy and insecure entry points into networks and devices.

Cyberspace has no physical boundaries. The ubiquitous nature of cyberspace, pervasive cybernetwork and internet connectivity make the data of organisations, key government institutions, critical banking and financial transactions, digital assets of armed forces, etc, vulnerable to cyberattacks.

It is widely believed that large organisations are the easy victims of cyberattacks, but it is observed that small companies are more prone to cyberattacks as they are often ignorant about the possible threats. Even if they are aware of data breach, they are technically or financially not equipped to fight the battle of cybersecurity. Though most of the small companies are serious about data security, many don’t have the budget for proper cybersecurity infrastructure.

As Brian NeSmith, CEO and co-founder, Arctic Wolf Networks, puts it: “Small organisations are finally realising that they need to be as prepared as large organisations when it comes to cybersecurity, making it no longer an IT problem but a larger business challenge within every organisation. Additionally, we will see small businesses’ approach to cybersecurity impacting larger organisations through the supply chain vector. Hackers will take advantage of smaller organisations, which often fuel larger business supply chains, because they typically have security vulnerabilities that can be more readily exploited than larger ‘targeted’ companies”.

Increasing Vulnerability
Cybercriminals attack public, private or hybrid cloud technologies to get hold of trade secrets, customer data or other confidential information, which can put company, government agencies, or individual in deep trouble. In the absence of a structured cybersecurity framework, it has become easy for any cybercriminal to walk into our system and walk out with the information. This vulnerability is a function of technology, policies and education. The cybersecurity vulnerability, in India, is the sum total of many elements including:

• In India, most of the critical government IT infrastructure is owned by the private sector. There is no national security architecture that unifies the efforts of all these agencies to be able to assess the nature of any threat and tackle them effectively. Further, in the absence of a national regulatory policy for cybersecurity, there is a lack of awareness at the company as well as individual level.

• Companies often face big cybersecurity issues due to lack of capable people managing cybersecurity solutions. This vulnerability increases when organisations engage with vendors who don’t follow cybersecurity protocols and don’t value the importance of data. Moreover, in the absence of any legal framework, cyber espionage has become a norm in the connected world.

• Data produced by the ever-growing number of online transactions — be it customer information, results of product surveys, or generic market information — creates treasured intellectual property that is an attractive proposition for any cybercriminal. Data is critical for business and any breach brings in tremendous loss to business. There is a need for strong data protection policies and its effective implementation.

• Businesses should have a complete inventory of all the IT assets present in their network. It is observed that one who fails to have an IT asset audit at regular interval gets into deep trouble. In the absence of the IT audit, organisations will fail to identify gaps in their system and potential threats.

• In its Cyber Security Intelligence Index, IBM found that 60% attacks in an organisation are carried out by insiders. As the threats come from trusted users and systems, they are difficult to detect. It is important to have well-developed cybersecurity training centres that are designed to answer the requirements of government, business, and individuals.


Systemic Problems
“The future of cybersecurity will be led by a workforce that intentionally studied cybersecurity, rather than fell into it by default. We are just now beginning to see this generation of truly cybersecurity-trained students enter the workforce, and as they continue to do so, we will begin to solve some of the systemic problems that have been caused by the lack of a skilled workforce,” said Mike Stamas, Co-founder of GreyCastle Security.

Government, business and individuals can do their part by strategically working with cybersecurity experts and investing in solutions and infrastructures that protect their key digital asset, data, etc. The challenge of cybersecurity is bound to increase and it is important for us to be prepared. But is India cybersecurity ready?

According to a Nasscom, Data Security Council of India & PwC report, India’s cybersecurity market for products and services will grow up to $35 billion in 10 years from the present $4.5 billion. Cybersecurity offers an opportunity to established IT players to increase their market presence and creates an environment for startups to establish themselves in the market.

Immediate Opportunity
The immediate opportunity for cybersecurity experts and players includes data protection framework for Aadhaar and similar other initiatives, data protection framework for all e-commerce players, digital banks, ML/AI-enabled solutions, IoT-enabled solutions to achieve automation and efficiency, cloud-based security model and blockchain-based security model.

The organisations that have shown commitment toward cybersecurity are progressively using artificial intelligence, robotic process automation, machine learning and analytics to increase the cybersecurity of their key assets and data. They understand that the price of failure is high.

Also Published at