Safeguarding Banking and Leading the Way to a Secure Digital Future
Sarang Nagmote
Deputy Vice President-IT,
TransUnion CIBIL
Sarang Nagmote is a seasoned Information Technology leader with extensive experience in Information Security and Information Technology Management. With a background in Computer Science Engineering, an MBA from the Indian Institute of Management (IIM) Calcutta, and a Law degree from Mumbai University, Sarang possesses a unique combination of legal, business, and technical expertise.
Throughout his nearly two-decade career, Sarang has honed his skills in various areas of cybersecurity, including information security audits, technical audits, security assessments, IT contingency planning, compliance, and project management. He has successfully safeguarded organizations against evolving cyber threats and has a track record of driving high-end revenue growth in the Credit and BFSI (Banking, Financial Services, and Insurance) industries.
Sarang’s contributions have earned him recognition from media organisations as one of India’s finest CIOs. Beyond his professional achievements, he is dedicated to philanthropy and actively involved in the community, setting him apart as a leader.
With a focus on Cyber Security Strategy, Sarang demonstrates exceptional proficiency in risk assessment, security operations, architecture, threat management, investigation, and forensics. His in-depth knowledge empowers him to effectively tackle multifaceted cybersecurity challenges and protect organizations from a wide range of threats.
As an IT leader, Sarang understands the everevolving IT landscape and places significant importance on implementing robust security measures and staying updated with the latest threats. He fortifies defenses and safeguards sensitive data through strategic approaches, ensuring a secure digital future for the organisation despite persistent cybersecurity challenges. Sarang recognizes the significance of emerging technologies and promotes a culture of innovation, continuous learning, and agile practices. He also emphasises data privacy and governance, actively driving compliance efforts and establishing management practices aligned with industry best practices.
TradeFlock conducted an interview with Sarang to delve into his expertise in safeguarding organisations and paving the way for a secure and resilient digital future.
Tell us about your leadership style and how you ensure effective communication and collaboration within your team.
My leadership style is collaborative and empowering. I believe in building a culture of trust and open communication within my team. I value the diverse perspectives and ideas of team members and encourage their active participation and input. To ensure effective communication and collaboration, I prioritise transparent communication, active listening, encouraging collaboration, and empowering and developing team members.
Transparent communication involves providing clear expectations, goals, and feedback. Active listening allows team members to share their thoughts and concerns, while collaboration promotes knowledge sharing and collective ownership. Empowering team members includes granting them autonomy and investing in their professional development through training and mentorship.
What are the biggest challenges currently facing the IT industry? How do you plan to address them in your role as a Deputy Vice President?
The IT industry faces numerous challenges that require proactive measures to address them. To tackle the scarcity of skilled IT professionals, I will focus on comprehensive recruitment strategies, promoting diversity and inclusion, and implementing employee retention programmes centred around career development and competitive compensation packages.
With the rapid pace of technological advancements, staying ahead poses a challenge. To overcome this, I will foster a culture of continuous learning and professional development, facilitating upskilling and reskilling programmes while forging partnerships with educational institutions and technology vendors.
The escalating sophistication of cyber threats demands a robust cybersecurity strategy. I will prioritise cybersecurity by investing in advanced technologies, establishing strong governance frameworks, and fostering a security-aware culture across the organisation.
Legacy systems can impede agility and innovation within organisations. To address this challenge, I will spearhead initiatives to modernise legacy systems, embracing cloudbased solutions, scalable architectures, and automation to enhance operational efficiency.
Furthermore, navigating the complex landscape of regulations and compliance is crucial. I will establish comprehensive governance frameworks, conduct regular audits, and ensure compliance with relevant regulations to mitigate legal and reputational risks.
What are your strengths and weaknesses as a security professional?
As a security professional, my strength lies in my passion for continuous learning. I am driven to expand my knowledge and skills, keeping up with the latest exploits, vulnerabilities, and security techniques. I actively share my findings with others, fostering a culture of knowledge sharing.
On the other hand, one of my weaknesses is occasionally prioritising the growth and development of my team members over my personal growth. However, I am actively working on finding a balance between supporting my team and investing in my professional development.
Businesses worldwide are concerned about rising cybersecurity risks. How do you mitigate the risks associated with cybersecurity?
Cybersecurity risks are a significant concern for businesses globally. To mitigate these risks, I employ a multi-layered approach. I ensure the implementation of a comprehensive security framework that covers all aspects of IT infrastructure, including network security, application security, endpoint security, and data security. Conducting regular risk assessments to identify vulnerabilities, potential threats, and areas that require immediate attention helps prioritise security measures and allocate resources effectively.
Cybersecurity awareness and training programmes for all employees to create a securityconscious culture are two of my top priorities. This includes educating them about best practises, phishing attacks, social engineering, and the importance of strong passwords. Furthermore, I establish a well-defined incident response plan that outlines the steps to be taken in case of a security breach or incident. This involves incident detection, containment, recovery, and postincident analysis for continuous improvement. Finally, collaboration with external security experts, engaging in industry forums, and staying updated with the latest security trends and best practises allow me to leverage their expertise and incorporate industry-leading security measures.
What advice would you like to give to aspiring IT professionals in the industry?
First and foremost, embrace lifelong learning, as the industry is constantly evolving. Keep yourself updated with the latest technologies, trends, and best practises through self-study, pursuing professional certifications, and attending industry conferences.
In addition to technical expertise, it is crucial to develop soft skills. Cultivate essential skills such as effective communication, collaboration, and leadership. These skills will set you apart in a competitive job market and enable you to thrive in team environments.
Practical experience is invaluable in the IT industry. Seek opportunities to apply your knowledge through internships, freelance projects, or contributing to open-source initiatives. Practical experience will enhance your understanding of real-world scenarios and improve your problem-solving skills.
Building a strong professional network is also important. Engage actively with peers, attend industry events, and participate in online communities. Collaborating with others not only expands your knowledge but also opens doors to new opportunities.
The IT industry is known for its agility, so it is crucial to stay agile and adaptable. Be open to change and embrace new technologies and methodologies. Develop a growth mindset that allows you to adapt quickly to evolving requirements.
Lastly, establishing a strong personal brand can significantly impact your success in the IT industry. Share your knowledge through blogs, articles, or social media platforms, and contribute to open-source projects to showcase your skills and expertise. Effective communication, collaboration, and continuous learning are equally important alongside technical prowess.
How do your team members perceive you as a leader and inspiration in the field of cybersecurity, and how do you ensure their growth and learning path?
My team members view me as an approachable and supportive leader who treats them as friends and valuable resources. I prioritise knowledge sharing and pass on my learnings to my juniors and colleagues, offering guidance and solutions not only in information security but also in personal challenges. I take pride in their growth and success, encouraging their professional development through certifications and mentorship.
To ensure their growth, I actively engage with each team member, providing guidance and conducting knowledge-sharing sessions. I support their pursuit of relevant certifications and leverage my network to assist them in finding new opportunities. I emphasise the importance of building a strong foundation before considering transitions. Their growth and success are paramount to me, and I strive to be a mentor and facilitator in their professional journeys.