Building a Strong Compliance Culture: Experts Discuss Strategies for Effective Security and Compliance

The fireside chat titled "Building a Strong Compliance Culture" featured Pratyush Kukreja, Business Head - APAC, Scrut Automation, who shared his insights and expertise on developing a robust compliance culture within organizations. The discussion was moderated by Hilal Ahmad Lone, CISO at Razorpay, and touched upon various aspects of cybersecurity, compliance, and the challenges faced by the fintech industry.

Pratyush Kukreja, with his extensive experience across geographies and industries, emphasized the importance of a strong culture of compliance and security within organizations. He highlighted that compliance should not be seen as a hindrance to innovation but as a means to build trust, protect customer data, and ensure the organization operates in the right way.

Discussion on Achieving Balance

Hilal Ahmad Lone and Pratyush Kukreja delved deeper into the challenge of finding the right balance between a strong compliance program and maintaining operational agility. They acknowledged that in the highly regulated fintech industry, compliance is crucial to assure customers and investors that the organization operates ethically and securely. They stressed the need to optimize existing control requirements, evolve with licensing and reporting requirements, and establish benchmarks to ensure the compliance program is effective and efficient.

Addressing Unique Vulnerabilities at Scale

Pratyush Kukreja raised the issue of unique vulnerabilities faced by Traceability, as one of the largest payment gateways in the country, due to the vast amount of sensitive data it handles. Hilal Ahmad Lone responded by emphasizing the importance of continuous improvement in security and compliance. He highlighted the need to enhance visibility, invest in detection and prevention frameworks, and ensure that all employees are actively engaged and onboarded with security initiatives.

Impact of Generative AI and Preparing for Social Engineering

The discussion also touched on the role of generative AI in social engineering attacks. Hilal Ahmad Lone highlighted the growing concern and speed at which AI can be leveraged to gather sensitive information for targeted attacks. He shared his experience with AI-based malware analysis, showcasing the remarkable speed at which it provides insights that previously took days to obtain. The potential impact of generative AI on cybersecurity and the need for organizations to be prepared for this emerging threat were emphasized.

The session provided valuable insights into the importance of building a strong compliance culture and the challenges organizations face in achieving this goal. Pratyush Kukreja and Hilal Ahmad Lone emphasized the need for a top-down approach, investment in the right tools and frameworks, and continuous improvement to ensure organizations can navigate the complex landscape of compliance and security effectively.

The Chat served as a platform for industry professionals to gain a deeper understanding of the strategies, best practices, and emerging trends in compliance and security. Attendees left with actionable insights to strengthen their compliance programs and cultivate a culture of security within their respective organizations.