CIO & LEADER-Issue-10-January 2018 (1)

Face Off
Is CIO's vertical specialization
important? Pg 24
Banking
Why tech is the ultimate
cash cow for farmers? Pg 38
Volume 06
Issue 10
January 2018
150
TRACK TECHNOLOGY BUILD BUSINESS SHAPE SELF
Skills
CIOs will
Develop
& Hire to
Conquer
2018 page.
16
A 9.9 Media Publication

EDITORIAL
Shyamanuja Das
shyamanuja.das@9dot9.in
Beyond the
Hyperboles
A
For ensuring that
the organization
remains both
competitive and
responsible, one
of the immediate
priorities is
drawing of an
action plan
for systematic
reskilling
At the time of writing this, the annual meeting
of the World Economic Forum is on at Davos.
India, of course, is getting a lot of mindshare,
not just because of the plenary speech of prime
minister Narendra Modi in which he reiterated
India’s commitment to globalization but also
because India’s role in global economy is now
unquestionable!
Technology has become one of the recurring
themes in all global agenda setting. In a multidisciplinary,
cross-cultural platform like WEF
it is even more prominent—as technology now
touches and impacts all aspects of life.
What is somewhat new this year, however, all
that tech talk is not one-sided optimism. Global
leaders—including tech leaders—have started
discussing the adverse impact of technological
progress, incidentally one of the global risks
that WEF has been trying to measure in its
annual Global Risk Report (GRR).
Talking of GRR, this year, two of
the cyber risks—cyber-attacks and
data theft/fraud—have been identified
by thought leaders as two of the
five most likely risks for the world
in 2018.
But the WEF discussion goes
much beyond the immediate risks.
Apart from cyber security, other
impact of technology that has been
discussed is the impact that technology
has on children, on jobs, and on
society in general. Who could have
imagined a decade back that Cisco
CEO would stand on one of the most important global
platforms and urge the parents to control device
use among children?
This is but one example of the fact that the global
tech community is becoming far more responsible.
As an important constituent of that community, the
CIOs should keep this aspect in mind.
One of the more actionable items on that responsibility
agenda is doing something about new automation
making certain current functions redundant/
less important. For ensuring that the organization
remains both competitive and responsible, one of the
immediate priorities is drawing of an action plan for
systematic reskilling.
The recently released WEF report, Towards a
Reskilling Revolution: A Future of Jobs for All introduces
a new data-driven approach to identifying reskilling
and job transition opportunities.
But as a recent survey by us finds out—and our
cover story is based on that—our CIOs are more
than sensitized to the need of reskilling. The 2018
agenda is primarily to act. We present ten top CIOs’
take on what skills they are looking at hiring and
what skills that they are looking to acquire for themselves.
And they explain why.
Tell us about yours
January 2018 | CIO&LEADER
1

A 9.9 Media Publication
Face Off
Is CIO's vertical specialization
important? Pg 24
TRACK TECHNOLOGY BUILD BUSINESS SHAPE SELF
Banking Volume 06
Why tech is the ultimate Issue 10
January 2018
cash cow for farmers? Pg 38
150
16
CONTENT
JANUARY 2018
COVER STORY
16-23|
Skills CIOs Will
Develop & Hire To
Conquer 2018
advertisers ’ index
Godrej
Vodafone
Skills
CIOs will
Develop
Conquer
2018 page.
& Hire to
Cover Design by:
Shokeen Saifi
FC
BC
Please Recycle
This Magazine
And Remove
Inserts Before
Recycling
COPYRIGHT, All rights reserved: Reproduction in whole or in part without written permission from
Nine Dot Nine Interactive Pvt Ltd. is prohibited. Printed and published by Vikas Gupta for Nine Dot Nine
Mediaworx Pvt Ltd, 121, Patparganj, Mayur Vihar, Phase - I, Near Mandir Masjid, Delhi-110091. Printed at
Tara Art Printers Pvt ltd. A-46-47, Sector-5, NOIDA (U.P.) 2013011
This index is provided as an
additional service.The publisher
does not assume any liabilities
for errors or omissions.
2 CIO&LEADER | January 2018

AROUND THE TECH
04-07
Colonels, Commanders &
Cybersecurity
www.cioandleader.com
COLUMN
08-09
Essential Traits Of A
New Leader
By Priya Dar
10-11
How Enterprises Are
Redefining Businesses
With Big Data Powered
By AI
By Aashish Kalra
INSIGHT
26-27
Artificial Intelligence
Is Creating Happy
Workplaces
28-29
Tech Job Trends In
2018 And Beyond
32-33
When Cloud Gives You
Wings
SECURITY
34-36
Web Application
Security In A Digitally
Connected World
MANAGEMENT
Managing Director: Dr Pramath Raj Sinha
Printer & Publisher: Vikas Gupta
EDITORIAL
Managing Editor: Shyamanuja Das
Associate Editor: Shubhra Rishi
Content Executive-Enterprise Technology:
Dipanjan Mitra
DESIGN
Sr Art Director: Anil VK
Art Director: Shokeen Saifi
Visualisers: NV Baiju & Manoj Kumar VP
Lead UI/UX Designer: Shri Hari Tiwari
Sr Designers: Charu Dwivedi, Haridas Balan & Peterson PJ
SALES & MARKETING
Director-Community Engagement
for Enterprise Technology Business:
Sachin Mhashilkar (+91 99203 48755)
Brand Head: Vandana Chauhan (+91 99589 84581)
Assistant Product Manager-Digital: Manan Mushtaq
Community Manager-B2B Tech: Megha Bhardwaj
Community Manager-B2B Tech: Renuka Deopa
Associate-Enterprise Technology: Abhishek Jain
Assistant Brand Manager-B2B Tech: Mallika Khosla
Regional Sales Managers
South: Ashish Kumar (+91 97407 61921)
North: Deepak Sharma (+91 98117 91110)
West: Prashant Amin (+91 98205 75282)
Ad Co-ordination/Scheduling: Kishan Singh
PRODUCTION & LOGISTICS
Manager Operations: Rakesh Upadhyay
Asst. Manager - Logistics: Vijay Menon
Executive Logistics: Nilesh Shiravadekar
Logistics: MP Singh & Mohd. Ansari
OFFICE ADDRESS
Nine Dot Nine Mediaworx Pvt Ltd
121, Patparganj, Mayur Vihar, Phase - I
Near Mandir Masjid, Delhi-110091
Published, Printed and Owned by Nine Dot Nine Mediaworx
Private Ltd. Published and printed on their behalf by
Vikas Gupta. Published at 121, Patparganj,
Mayur Vihar, Phase - I, Near Mandir Masjid, Delhi-110091,
India. Printed at Tara Art Printers Pvt Ltd., A-46-47, Sector-5,
NOIDA (U.P.) 201301.
Editor: Vikas Gupta
January 2018 | CIO&LEADER
3

WHAT
CIOs ARE
TIRED OF
HEARING...
around
thetech
SECURITY
Colonels,
Commanders &
Cybersecurity
In 1978, Transformational Leadership
was introduced by expert, James Mc-Gregor Burns,
in his book “Leadership”. There are close to a dozen
CISOs in Indian industry—who have served in Indian
the defense forces—namely the Indian Army and Indian
Navy. Somehow, we do not see many ex-Airmen in the
list. But what exactly is prompting India, Inc. to go for
these defense personnel as CISOs? On the face of it,
many say current cyber threats require a real combat
mindset that comes naturally to the defense personnel.
Whatever it is, at present fauji CISOs seem to be ruling
the CISO-dom. Here is a list of a handful of CISOs.
“The Chief
Information Officer
role is nearing
extinction and may
cease to exist a few
years from now.”
AK Anand
Senior Vice President, Global
Practice Head & CISO
NIIT Technologies
Colonel in Indian Army
AJ Vijaykumar
CISO
Tata Communications
Lt Colonel in Indian Army
Brijesh Datta
SVP & CISO
Reliance JioInfocom
Colonel in Indian Army
Kaushal K Chaudhary
Executive Director – Group Head
IT & IS
Lanco Infratech
Jt Director Systems
(Commander of Indian Navy)
Manish Tiwari
CISO
Bharti Airtel
Director – CERT, Indian Navy
Murli Menon
CISO
Atos India
Commander at Indian Navy
Mukesh Saini
Head, IT Security
Essel Group
Commander at Indian Navy
Prashant Veer Singh
SVP, CISO and CIO
Bharti Infratel
Officer Commanding
Communications (Major) at
Indian Army
4 CIO&LEADER | January 2018

Around The Tech
BY THE BOOK
We recommend you to read Pedro
Domingos’ The Master Algorithm,
which gives us a peek inside the learning
machines that power Google, Amazon,
and your smartphone. The author
paints a picture through machine
learning's five major schools of thought,
showing how they turn ideas from neuroscience,
evolution, psychology, physics,
and statistics into algorithms ready
to serve you. Domingos, a Professor
at University of Washington, is also a
researcher in machine learning, creates
a blueprint of The Master Algorithm,
and discusses what it means for the
future of business, science, and society.
The quest for universal learning is one
of the most significant, fascinating, and
revolutionary intellectual developments
of all time. A ground-breaking
book, The Master Algorithm is the
essential guide for anyone wanting to
understand not just how the data revolution
will happen, but how to be at its
forefront.
makingheadlines
When people arrived in Las Vegas to attend CES in January this year, one of the
first things they noticed was Google’s massive promotional campaign for its
Google Assistant service. There were ads splattered on the sides of buildings,
painted on trains, and displayed on the screens of hotel room TVs. The effort
wasn't to make artificial intelligence a huge theme at this year’s show–mainly in
the form of digital assistants. Google, on the other hand, is also using its network
of Android devices and integrate its digital assistant service into millions of cars
from companies such as Ford, GM, Volkswagen and Volvo. Likewise, Amazon
left no stone unturned to showcase Alexa as the new wave in digital assistants.
Alexa's history preceded itself since it was the star of last year's CES. At CES
2018, Amazon's Alexa service has diversified into cookers from Whirlpool and
GE as well as Bluetooth-enabled portable devices such as smartwatches, headphones
and smartglasses.
Only 17% of senior roles are held by women in India.
The global survey by Grant Thornton – Women in business:
New perspectives on risk and reward, of 5,500
businesses in 36 economies further adds that 41%
of the Indian businesses surveyed have no women in
leadership roles, 7 points higher than the last year.
India continues to rank third lowest in the proportion
of business leadership roles held by women for the
third year consecutively.
At the global stage, Grant Thornton’s data shows
developing regions continue to lead the charge on
diversity with developed economies lagging behind.
Eastern Europe performs best, with 38% of senior roles
held by women in 2017 and just 9% of businesses
with no women in senior management. Meanwhile the
MINT economies (Mexico, Indonesia, Nigeria and Turkey)
saw the most improvement, with the proportion of
senior roles held by women rising from 24% in 2016 to
28% in 2017.
gender
bender
January 2018 | CIO&LEADER
5

Around The Tech
CES 2018
SPECIAL
matter of
twitter
Toyota president Akio Toyoda has announced e-Palette, the auto
company's on-demand autonomous vehicle solution for business
applications, which it said will essentially form on-demand cities.
E-Palette is one example of Toyota's vision for autonomous business
applications," Toyoda said at CES 2018.
E-Palette will be fully electric, and will be powered by Toyota's
autonomous technology. Or, if they prefer, partner companies can use
their own automotive driving system instead. In either case, e-Palette
will include Toyota's Guardian technologies, which will act as a
safety net. It's an open, flexible platform that can be easily adapted to
support a range of uses, including ride sharing, delivering, and retail.
Announced at CES 2018, the e-Palette could enable on-demand
use cases for retail experiences, personal shops, markets, showrooms,
and office sharing while transiting to and from the workplace.
Ride sharing transport could also share the space with on-demand
meal deliveries.
VITAL
STATISTICS
Digital business
maturity has a
direct impact on
CIO position
Percentage of CIOs reporting to the
CEO by digital maturity
70%
0%
31%
No Digital
Initiative
(n=260)
36%
Desire/
Ambition
(n=604)
41%
Designing
(n=851)
43%
Delivering
(n=799)
48%
Scaling
(n=417)
59%
Harvesting/
Refining
(n=94)
Source: Gartner's CIO Agenda 2018 Survey
6 CIO&LEADER | January 2018

Around The Tech
CIO Movements
Niranjan
Bhalivade
IS NOW
CEO - Information
Technology,
Trident Group
WAS
CIO, CEAT
Niranjan Bhalivade has
joined as the CEO -
Information Technology
at Trident Group, a
leading manufacturer
of textiles and based
in Ludhiana. Bhalivade,
who has served as a
jury member for annual
NEXT100 awards by
9.9 Media's IT NEXT
for multiple years, was
serving as the CIO of
CEAT for last eight years.
He will be leading the
digitalization program at
the group.
Manish
Tiwari
IS NOW
Senior VP and
Global CISO, Bharti
Airtel
WAS
CISO, Microsoft
India
Manish Tiwari has
joined as Senior VP and
Global Chief Information
Security Officer (CISO)
for Bharti Airtel, India's
largest telecom service
provider. Tiwari, an
ex-defence personnel,
who served as the
director for Indian Navy's
Computer Emergenecy
Response Team (CERT),
was most recently
serving as the CISO for
Microsoft India.
Anand
Thakur
IS NOW
Chief Digital Officer,
Jubilant Foodworks
Ltd
WAS
CTO, Koovs
Anand Thakur has
joined as the Chief
Digital Officer of Jubilant
Foodworks Ltd. This is a
newly created position at
the company. A techie,
Thakur served in various
IT companies including
Infosys, Perot Systems,
Adobe before having
a stint in online retail
companies including
Lenskart and Koovs.
His immediate last
assignment was as the
CTO of Koovs.
Major Vikas
Singh Yadav
IS NOW
CISO, Max Life
Insurance Company
WAS
CISO, Government
of India
Major Vikas Singh
Yadav, an experienced
information security
professional, who was
with the Indian Army
and was working most
recently in a government
assignment, has joined
as the Chief Information
Security Officer (CISO) at
Life Insurance company,
Max Life.
Vikas is a dynamic
professional with
excellent academic
record and cross domain
experience.
Arindam
Singha Roy
IS NOW
CIO, East India
Udyog
WAS
Head of IT,
SPML Infra
Arindam Singha Roy has
joined as the CIO of East
India Udyog, a major
transformer, conductor
and EPC company.
Before this, he was the
Head of IT at SPML
Infra where he was
responsible for setting
up IT infrastructure,
security and applications
and was in-charge of the
entire IT set-up. Arindam
had spent more than 12
years at SPML Infra.
January 2018 | CIO&LEADER
7

COLUMN
By Priya Dar
Essential
Traits Of A
New Leader
Priya Dar, Chief Information Officer,
Godfrey Phillips, writes about leadership
in the digital age
W
“Who is a leader?” - My 13-year old son asked me one day. This
got me thinking. Having spent some time in the leadership spectrum,
this is a hard truth to live by. You have to constantly ask yourself:
Are you a leader? A good leader? A conscientious leader? A
just leader?
Is he/she the one who stands front and center or is he/she the
one who stands in the back ensuring everything goes well? After
taking a scholastic approach, I think I have learnt a few things
about leadership.
In my opinion, anyone can become a leader. Are you a team
player?; Are you decisive enough without letting your ego get in
the way?; Do you communicate?; Are you approachable?; Do your
people know you have their back?
Know When To Change
Sometimes you will need to lead the troops, and at other times you
will have to nudge your people to take the plunge. Access the situation
and decide.
Be Decisive
Not with an iron fist though. Any attempt to rule with an iron fist
will go down like a lead balloon.
The author is Chief Information Officer
at Godfrey Phillips
Keep Learning
However, high on the career graph, you should be open to learning
from anyone around you – irrespective of rank.
8 CIO&LEADER | January 2018

Column
1
Promoting the
company's vision
2
Operationalizing
CSR
3
Obtaining top
management
support
4
Engaging diverse
stakeholders
5
Empowering
and developing
stakeholders
Sometimes you will need to lead the troops
and at other times, you will have to nudge
people to take the plunge
6
Communicating
with stakeholders
7
Measuring
performance
8
Setting ethical
standards
Source: Report by Russel Reynolds on Sustainable
Leadership: Talent requirements for sustainable enterprises
Be Appreciative
Just because it is a job, does not mean,
you cannot appreciate small things.
I have learnt from experience that
appreciation begets loyalty, which is at
the core of a successful leader.
Pace Yourself
Just because there is a book called
“First 100 days of a CXO” does not
mean you have to complete everything
within 100 days. Every organization is
different and so the list of accomplishments
will be different.
Build Relationships/
Network
Build your network - internally and
externally. One of my mentors used
to say this – a lot can be accomplished
over a cup of tea.
Delegate
As you go higher up the corporate
ladder, there are things you will
have to delegate. Create the bandwidth
for yourself by delegation and
then let the delegate handle the day to
day stuff.
Lead by Example
If you want people to respect policy
– start following it yourself. I have
seen people preach about the benefits
of strong passwords while their own
passwords are “abc123.”
Don’t Forget to Enjoy
You have earned it. Ultimately my
answer to my son was on similar lines
– a leader is not just someone who
leads but someone who inspires others
to follow
January 2018 | CIO&LEADER
9

COLUMN
By Aashish Kalra
How
Enterprises
Are Redefining
Businesses
With Big Data
Powered By AI
How these technologies is giving
businesses a new lease of life
T
The author is Chairman, Cambridge
Technology Enterprises Limited
The world is transforming and
economies like India and China that
remained undiscovered in early 90s,
hold the potential to be discovered as
growth stories and creators of asset
class because of their ability to create
unstructured data sets. Data is the
next natural resource, like air,
oil, water, and the convergence of
Big Data and Cloud powered by AI
and ML is a potential multi-trillion
dollar opportunity.
Artificial Intelligence is no longer
a theory, it is for real because of the
availability of unstructured data,
high bandwidth and affordable computing
resources.
Discovering AI is the
new normal
As the world transforms, businesses
are going to need a lot of elements to
implement AI. They need an element
of Big Data and Cloud, then they need
to manage data, followed by an ability
to see panoramic view of data to
innovate and help businesses leapfrog
and most importantly, draw
insights to take the decisions. Majority
of the companies will not be able
to articulate the problem or hire the
people to execute.
There will be businesses with the
resources and capital to get to decisions
while some may still be finding
the way to cross the bridge. Discovering
the power of AI for your business
will be the new impact. Gartner
recently estimated that the term “AI”
ranked seventh in the most searched
terms. This is significant jump compared
to January 2016 when “AI”
was not even in the top 100 for the
same category.
Artificial Intelligence is transforming
the way businesses are defined,
designed and delivered and enterprise
value is captured. Asian economies
like India and China are poised to
leapfrog the world in Artificial Intel-
10 CIO&LEADER | January 2018

Column
ligence as the demography is not constrained
by legacy usage of computers
or tablets so they can move directly to
the phone. Also, India and China are
creating unstructured data at a very
rapid pace and has datasets in volume
that very few countries possess.
In the Asian context, India is a
country with inefficiencies and lack
of infrastructure in financial services,
retail, education, health services,
insurance and manufacturing. Most of
these sectors have limited innovation
in technology due to the majority of
transactions being done in cash. Now,
with the increasing adoption of digital
currency, it will create a treasure
trove of data in every industry. With
incredible advances in Artificial Intelligence,
India Inc. will have the ability
to upend, disrupt and create industryshaping
companies from scratch.
Mobility in India will drive digital
adoption. As the next 700 million
Indians get online – they will create
data on how they live, move, transact
and interact. This will in turn create
opportunities in healthcare services,
transportation, building better cities,
retail, e-commerce and media.
As we approach this future, we will
see startups and big companies alike
take advantage of Artificial Intelligence
to re-invent and innovate. The
vision of Digital India requires considerable
investment and a sustained
push to create better infrastructure
and development of talent to support
this transformation. If we can combine
the efforts in government policy and
innovation that young Indians are
creating today, India will leapfrog the
technologies of yesterday and emerge
as the engine of global growth.
On a larger context, application
of Artificial Intelligence to crossfunctional
departments can generate
insights adding immense value to ingrained
business processes in terms
of improving performance on a proactive
basis. For implementing Artificial
Intelligence at an enterprise level,
both AI and businesses have to ‘Think
Gartner recently estimated that the
term “AI” ranked seventh in the most
searched terms
Big, Start Small and Act Fast’.
So, that’s the global context of what
businesses should be trying to solve.
The first thing is to capture the data
and place it in databases that can
handle that volume of data. This is not
your traditional databases. The second
part is how you analyse it. Today, the
world analyzes it by brute force but
tomorrow, we are convinced that the
world will analyze large parts of data
with Artificial Intelligence. Once you
get to that point, the way we deal with
information, the way the world works
transforms itself. It is no longer transactional,
it is relationship.
Identifying hidden correlations is
the aim of applying AI to business
processes. Data-rich and digitally
transformed organizations are going
to have an advantage here compared to
ones that are not capturing their data.
Former organizations should start
understanding the power of AI and
start identifying different processes in
business units where they can maximize
results with the usage of AI.
In the years to come, enterprises
will scale new heights by exploring
this untapped data and extract incremental
value. AI powered by Big
Data will affect almost all facets of our
existence ultimately influencing the
way enterprises chase growth, to
positive effect.
Whether businesses are ready
or not, AI is going to take us overwith
its disruption and it is going to
work in the favor of those who are better
prepared
January 2018 | CIO&LEADER
11

COLUMN
By Rahul Kumar
Cloud
Security:
A Case For
Effective
Encryption
Having an effective encryption and key
management solution is vital to the
success of any security strategy
I
It has not yet reached epic proportions, but the number of organizations
adopting cloud-based technologies is growing dramatically.
Organizations of all sizes across industries are turning towards
cloud-based infrastructure and cloud computing for better scalability,
accessibility and a collaborative work environment. However,
after moving to the cloud, many organizations mistakenly assume
that it is the role of the cloud service provider (CSP) to secure data
and ensure compliance.
Even though the CSP may provide services for protecting data,
organizations must understand the fact that virtual environments
are not always fully secure and that they—organizations—too have a
role in protecting the security and privacy of their data. Remember,
the liability to notify those affected and remediate damages is on you
should your company suffer a data breach!
The author is Country Manager for
India at WinMagic
Knowing the levels of responsibility
does matter
When it comes to choosing between cloud infrastructure and cloud
computing, companies must make the decision backed by a plan to
implement the right security solution. The solution should effectively
address issues such as securing data, managing risk related
to unauthorized access, and meeting compliance and regulatory
requirements. Remember, the cloud is subject to the same threats
12 CIO&LEADER | January 2018

Column
With increased sophistication of threats, cloud security is
becoming even more dynamic as it evolves
as a data center. Whether cloud or onpremise,
organizations have to deal
with human error, malicious breaches
from internal and external sources, as
well as system glitches. The massive
amounts of data located on shared
cloud servers always entice criminals.
Things get a lot more complicated
when a multitude of mobile devices
are used in organizations.
With increased sophistication of
threats, cloud security is becoming
even more dynamic as it evolves.
Organizations continue to be responsible
for security, privacy and compliance
even when under different cloud
service models. The need for consistent
policies, password rules and
specialized data encryption methods
has never been greater. Both the organization
and the CSP have roles that
vary in scope, but then both also have
different levels of responsibility that
encompass the entire gamut of operations—from
data classification,
endpoint protection, identity and
access management, application and
network level controls, to host and
physical security.
There are clear boundaries defined
and responsibilities identified for
organizations and CSPs. For instance,
in both on-premise and cloud models,
the organization is responsible for
ensuring that the data is classified
and encrypted in compliance with the
regulatory obligations. In the case of
endpoint devices, CSPs may facilitate
the management of these devices by
providing secure device management,
mobile application management, and
PC management capabilities; however,
the responsibility of implementing the
security solution again lies with the
customer organization.
Who is responsible for
a breach?
There is no question about who is
responsible when a breach occurs. For
businesses, the vital consideration in
securing the infrastructure and data
relates to where the CSP’s responsibility
ends and the organization’s begins
so that a breach does not occur in the
first place. This means that while the
provider is responsible for protecting
the hardware, software, physical facilities
and other aspects involved with
running the cloud services provided,
businesses maintain control over a
number of key security measures.
Some key security measures for
January 2018 | CIO&LEADER
13

Column
businesses include:
Network configuration and security
(such as firewalls)
Data Security (including encryption)
The use of third-party security tools
such as encryption key management
software
Determining the type of content and
data to store in the cloud
Access control and management
Making life simple with encryption
There is abundant evidence to show
the difference that encryption makes
in containing the volume of loss and
associated costs when a breach occurs.
In fact, according to a study, extensive
use of encryption is the second most
impactful factor that can limit the costs
of a data breach. Despite all pointers
that emphasize its advantages, usage
of encryption is limited in many businesses
across industries. Although the
adoption of encryption has increased
over the last decade, only a mere 37 percent
of businesses employ it as a cloud
security strategy.
Remember, encryption is the important
first step for businesses that wish
to take control of the ownership of
data; better encryption key management
follows next.
While encryption renders data
into a format that can only be read by
authorized users, it does not make a
powerful strategic tool if not combined
with effective key management. Far
too often, companies follow a laissezfaire
approach to key management,
which makes its utilization needlessly
complex and cumbersome. Problems
do get out of hand when there is no
clear ownership of keys within the
organization, when no skilled personnel
is in charge of the keys, or when
a siloed approach is followed for key
management.
Having an effective encryption and
key management solution is vital to
the success of any security strategy.
Data encryption, when executed
properly, ensures the protection of
sensitive information. Although there
are many myths surrounding data
Encryption is the important first step for businesses
that wish to take control of the ownership of data;
better encryption key management follows next
encryption (too expensive, too difficult
to manage, etc), the surprising truth is
that it is indispensable. In fact, encryption
provides the foundational framework
to any data security protection
strategy.
There are security options out there
to help organizations in:
Encrypting and managing data
stored on virtual machines and
Infrastructure-as-a-Service (IaaS)
platforms.
Encrypting files at the endpoint
before they are synchronized to
enterprise file sync and share (EFSS)
services across a range of enterprise
platforms.
Managing encryption keys across
the enterprise
Whether data is stored in public,
private, or hybrid cloud environments,
organizations need a robust
solution to ensure full control of
encryption and its keys. Much of the
encryption related problems can be
alleviated with the adoption of file
encryption software, and ideally with
an intelligent key management system
that encrypts virtual machines and
removes encryption keys at the conclusion
of each virtual instance.
Using a single platform often is
more effective as an organization can
ensure the implementation of a unified
encryption strategy across any
endpoint, provide a virtualized or
cloud environment with increased
enterprise security, ensure encryption
compliance, and reduce complexities
of risk management and audits
14 CIO&LEADER | January 2018

Skills
CIOs will
Develop
& Hire to
Conquer
2018 By
Shubhra Rishi

Cover Story
L
et's address the elephant
in the room: The world is
staring at a talent crisis.
The Fourth Industrial
Revolution is disturbing
the demand supply equilibrium
- creating a shortfall
of new skills. This is a classic Catch-
22 situation where, on the one hand,
CIOs are shifting their investments
in favour of digital transformation.
On the other hand, skilled IT workers
are hard to come by. In a recent Skill
Survey conducted by CIO&Leader, we
found that 45% of Indian CIOs find it
"hard" to hire the right skills for their
department while 14% agree that it is
rather "very hard" to fill in these highskilled
positions.
This is hardly a surprise because
CIOs across the board identify the IT
skills gap as a serious impediment to
their growing digital ambition and
they are under enormous pressure
to help their organizations become
agile and stay relevant in the current
digital age.
Every CIO is probably in a classic
fear-of-missing-out moment with
technology. One in every third CIO is
either implementing an AI-powered
digital initiative or leading the digital
transformation initiative in the organization.
According to recent Skill
Survey, CIOs will hire skills in BI &
Analytics, security, cloud, infrastructure,
networking, vertical-specific
skills, enterprise architecture, business
consulting, among others.
Today's business expect CIOs and
their IT organizations to develop digital technology and
business skills such as design thinking, data sciences, usercentric
design and exposure to new technologies, such as
IoT, Machine Learning, Big Data, and Blockchain, to drive
transformation and sustain long-term benefits.
Traditionally, CIOs have hired IT consultants, contrac-
Vertical-specific
skills
10%
Which specific skills will CIOs hire in 2018?
Cloud/Infrastructure/
Networking
17%
Enterprise
Architecture
17%
Business
Analyst
17%
BI & Analytics
17%
Security
48%
Which leadership/business skills are CIOs planning
to hone in 2018?
3% 3%
Marketing
Vendor
Mgmt
14%
Financial
Mgmt
21%
Team
Mgmt
59%
Business
Transformation
January 2018 | CIO&LEADER
17

Cover Story
Which tech skills are you planning to develop in 2018?
10%
IT
Security
26%
Cloud
Services
33%
Big
Data
64%
Digital
Technologies
Which skill is more important to develop in 2018?
“Every CIO is
probably in the
middle of a classic
fear-of-missingout
moment with
technology”
7%
Leadership
27%
Technology
66%
All of the
above
What is the level of difficulty you face/have faced in
hiring skills for IT?
7%
Easy
27%
Medium
45%
Hard
14%
Very Hard
7%
None of
the above
Source: Skills survey 2018
tors and outsourcing services to meet this challenge. But we
all know the reality of the modern world that this solution
is far from sustainable, and is definitely expensive (even if
companies can afford to spend on it) in the long run. Developing
and retaining IT talent is a critical issue that organizations
are already facing or likely to face in the future. CIOs
find themselves tacking this problem head first. The other
not-so-immediate solution is for CIOs to focus on reskilling
and upskilling their workforce. This is definitely not an
option, but is a necessity of modern times.
Some of the leading CIOs in the industry are already
advocating a radical new approach. They are identifying
and incubating small technology start-ups within their own
organizations. This way they are able to add new skills,
capabilities and competencies to their teams and stay not
only relevant to their organizations, and win from within.
As they cultivate new skills, CIOs are not leaving any
stone unturned to develop their own leadership and technology
skills. CIOs today want to be in the know and get
their hands dirty as new technologies get deployed within
their organizations. In the survey, 65% of CIOs said that
they want to develop skills in digital technologies namely
IoT, artificial intelligence, and robotics, closely followed by
big data (35%), cloud services (36%) and IT security (10%).
Similarly, business transformation continues to be a top priority
for CIOs.
In order to dig deeper, we probed 10 leading Indian CIOs
to tell us how they are finding top talent– and how they are
planning to hone their leadership and technology skills and
develop new competencies in 2018. Here's what they said:
18 CIO&LEADER | January 2018

Cover Story
Alok Khanna
Executive Director –
Information Systems
Indian Oil Corporation
Limited
Skill I Plan To Hire in 2018
At Indian Oil, a number of digital transformation projects are already
under way. We are taking another step towards procuring a dealer
management plus CRM system. There are primarily four areas where
we plan to hire digital skills, namely big data and analytics, machine
learning, IoT and chatbots. Artificial intelligence is an important area of
investment for us. Last year, we deployed a chatbot as a downloadable
application to serve as a digital assistant to all our delegates at a global
conference. This year, we will also be focused on hiring predictive analytics
and big data skills to drive positive business outcomes through
actionable insights. Cyber security is an area where skills are hard to come by, and
therefore our focus will be to deploy a service model supported on cloud or an onpremises
model managed by experts.
Alok wants
to focus on
developing big
data analytics
and cybersecurity
skills in 2018
Skill I Plan To Hone in 2018
Considering there are a number of digital initiatives underway at IOCL, my main
focus is to deliver them in a timely manner. Nevertheless, I am planning to hone
my skills in mainly two areas namely big data & analytics and cyber security; the
latter, I believe will come handy in probing complex and ever-evolving ransomware
and IoT-related threats -- and thus, help me in identifying future threats and finding
staff that can mitigate those risks.
Ashok wants to
focus on adopting
and promting
a culture of
collective
leadership in
2018
Skill I Plan To Hire in 2018
No business has been left untouched by the impact of technology.
The Paints industry is undergoing a transformation. Therefore,
in 2018, we will be hiring innovative skill set in artificial intelligence
and social media for better reach to our consumers and
mobility for helping us bring together all functions and complex
processes.
Skill I Plan To Develop in 2018
In 2018, I will focus on adopting and promoting the culture of
collective leadership. What it means is accepting the fact that no
one is the master of everything, and we need to create more and
more leaders in various IT sub-domains. CIOs need to break classical
reporting structures, form a pool of expertise using multiple
sources for innovation and distribute leadership role across business
and technology. I will pay more attention to how business
functions impact business performance and how technology can
help. I will personally focus on learning more about blockchain
and how it can be used in our business and industry. There will be
an additional focus on understanding more about AI and Machine
Learning which is the future.
Ashok Jade
CIO
Shalimar Paints
January 2018 | CIO&LEADER
19

Cover Story
Skill I Plan To Hire in 2018
2018 is the year of mobility and analytics. IoT will also be a
prime area of focus. Therefore, we will focused on hiring talent
in these digital technologies. Cloud computing is set to continue
on its high-velocity path as business shifts from legacy to
cloud-based systems. We are also in the process of adopting
digital business strategies. Additionally, I believe that the selection
of the right partner is extremely important if you choose an
outsourced model. It is because you're outsourcing your business,
and therefore, it is a critical part of the CIO's job today.
Farhan Khan
Head-IT
Radico Khaitan
Farhan's focus
will be on
hiring mobility,
analytics and
IoT talent
Skills I Plan To Develop in 2018
The changing technology dynamics warrant a new set of skills
for a CIO. I believe that I wish to continue to develop my understanding
of IT infrastructure and enterprise architecture. The
CIO will have to showcase an intuitive understanding of finance,
marketing, operations, HR as well as other functions. Additionally,
I will also be looking at developing skills in business process
reengineering, project management, and strategic planning.
I believe that leading through that change is probably the
most critical skill a CIO can possess.
Glory Nelson
Senior Vice President-IT
Spice Jet
Skill I Plan To Hire in 2018
In 2018, we will be focused on delivering an outstanding customer experience.
However, getting UX skills is extremely hard. In order to do that,
I will be hiring UX architects who play a critical role in understanding
what the user expects from a product. A good UX specialist has a strong
knowledge code, and should be well-versed in creating strategic plans
that will help us improve overall customer experience.
I will also be investing in hiring business consultants who are well-versed
in business and technology. The other key area of skills investment will
be broadly in Robotics Process Automation (RPA). As individual technology
skills are very hard to find, we leverage partners who can provide advanced
analytical and business intelligence skills in the RPA domain to eliminate a number
of mundane and repetitive tasks.
Skill I Plan To Develop in 2018
Data science is a field that has constantly piqued my interest. Mining large
amounts of structured and unstructured data to identify patterns can help an
organization rein in costs, increase efficiencies, recognize new market opportunities
and increase an organization's competitive advantage. I will also be seeking
certifications in developing UX skills and RPA. The idea is to gain knowledge
as we advance our deployments in these technologies.
Developing
know-how in
robotics, data
science and UX
will be Glory's
main focus in
2018
20 CIO&LEADER | January 2018

Cover Story
Jaspreet Bindra
Senior Vice President –
Digital Transformation,
Mahindra Group
Skills I Plan To Hire in 2018
In 2018, my main focus will be to develop hard skills in digital
technologies and not just legacy tech. I will work with my
team to develop use cases that will help them implement
digital initiatives with ease. I will also look for people with
entrepreneurial experience and those who have exposure to
new technologies such as Internet of Things (IoT), Machine
Learning, Big Data, and Blockchain. Not only that, I will also
look for people with soft skills such as design thinking, agile
way of working, tolerance for failure, risk taking, storytelling
and change management.
Skills I Plan To Develop in 2018
The current times call for leaders to constantly learn something
new. Whether it is for creating new business models or
great customer experiences, leaders today must know how to
make effective use of digital technologies available to them
and foster innovation. We have used blockchain— one of the
newest technologies—in our financial services sector. In 2018,
my focus will be to develop design thinking capabilities, hone
coaching, and coding skills.
Jaspreet's
main focus will
be to develop
design thinking
capabilities in
2018
Kamal's focus will
be on completing
his research on
Flexibility in IT
systems from IIT,
Delhi
Skill I Plan To Hire in 2018
When it comes to hiring in 2018, our focus at RJ Corp will be to hire people
who have worked in AI, machine learning and IoT skills. Our aim is to hire
emerging talent for a number of ongoing digital projects in the organization.
However, skill gap being one of the biggest obstacles of digital India,
good skills are difficult to find. To tackle this issue, we are incubating startups
or working with them to recruit fresh talent for our various digital projects.
We are also hiring entry level professional from top engineering and
management schools.
Skill I Plan To Develop in 2018
CIOs must upgrade their skills every year. They must keep an eye on the
latest digital technologies in the market. CIOs must focus on personal skill
development. They must also know how to enable strategic innovation and
disruption in their organization. For instance, I'm pursuing my research in
Flexibility in Information Technology from Indian Institute of Delhi where I
focus on how flexible Information technology systems can become such
that the business can use it to drive flexibility strategically. In retail, flexibility
of IT systems can increase the value of your overall business. As part of
my research, I collected a lot of data and spoke to a lot of organizations. In
a few months, I will be submitting my thesis.
Kamal Karnatak
Group CIO
RJ Corporation
January 2018 | CIO&LEADER
21

Cover Story
In 2018, Priya's
main focus will
be on developing
greater business
understanding
Skills I Plan To Hire in 2018
We are experimenting with a lot of initiatives involving automation,
bots, data, and dashboards. With such a barrage of digital projects
commencing in 2018, there is a huge need to set aside a project governance
plan in place In 2018, I hope to hire a digitally enabled project
manager who understands enterprise IT, understands the new digital
changes, and works with the team to ensure some of the initiatives
are taken to implementation and acceptance by business. Data understanding
will be a big part of all the job profiles that go out this year.
Skills I Plan To Develop in 2018
As I grow to a more strategic role, technology understanding without
business knowledge won’t be of any use or outcome. We need to
concentrate more on business understanding, how technology can
be used in a cost effective way to reduce some pain points of business
starting from reducing cycle times, removing resources from
mundane jobs to data-based decision making to increase profits. In
an ever-changing technology world, everyone has to have basic understanding
of data and some level of analytics. I plan on taking some
courses, reading on this aspect of data, and encourage my managers
to do the same.
Priya Dar
CIO
Godfrey Phillips India
Suresh Kumar
CIO
Grant Thornton
Skills I Plan To Hire in 2018
As we embark on our Digital transformation journey, I will need to
hire resources skilled in digital technologies. We plan to build our
Digital data lake to be more agile and derive real-time business
insights; mine value from unknown and large amount of data;
enable data driven mindset across the organization and harness
the power of big data in a cost effective manner. I will need to hire
skilled resources for Hadoop, Yarn, Tableau and Power BI.
Skill I Plan To Develop in 2018
I would like to hone my leadership skills further. With many millennials
joining the team, it is imperative to change your leadership
style. Instead of ‘managing’ people, one needs to empower people
and lead from the front. I plan to spend time learning about each
of the businesses of the organization in greater detail and ‘partner’
with them to not only provide solutions to meet their requirements
but also help in developing new innovative services. My
focus this year will be to learn digital technologies including Big
Data, AI, Analytics and Robotics and use all possible avenues to
acquire these skills.
In 2018, Suresh
plans to develop
his leadership
style , empower
people, and lead
from the front
22 CIO&LEADER | January 2018

Cover Story
Sunil Mehta
Senior Vice-President
& Area Systems
Director – Central
Asia
JWT
Skill I Plan To Hire in 2018
The shift to a digital economy is creating a talent crisis that is putting
companies’ survival—and CIOs’ own careers—on the line. Today the nature
of the skills that organizations need in IT is changing. Digital business is
being built cloud-first and mobile-first, and is heavily dependent on analytics,
automation and new security models. My main area of focus will be
to create a culture of growth, empowerment, and transparency; and above
all, making sure work is meaningful, challenging, and fun. Additionally, I will
also be focused on sourcing good artificial intelligence skills available in
the market.
Skill I Plan To Develop in 2018
The IT skills gap is an ongoing concern for CIOs, particularly in the search
for cyber security talent. Complex and ever-evolving threats, from the rise
in ransomware to the emergence of billions of BYOD and IoT devices,
mean the risks and staffing needs are always growing and changing Even
though organizations are progressively looking for a modern business
environment, CIOs today are concerned about having a proper security
environment in place owing to the open nature of the Internet and increasing
cyber threats. In 2018, I will focus on developing and honing security
skills to prepare for modern security warfare.
In 2018, Sunil's
focus will be
on developing
cybersecurity
skills
Yateen has
authored a book
titled ' Life of
CXO' - a skill
development
guide for the
future
Skill I Plan To Hire in 2018
Hiring has undergone a transformation in the last three years. In my book, Life of CXO, I
have explained how the skills required for future have replaced the skills of the past. Given
the enormous operational and strategic importance of IT today, CIOs should act as CEO's
IT advisor who understands the business as well as the technology. CIO is no longer
focused on just technical matters: they are integral to company strategy, security
and risk management, and how companies and customers interact. In 2018, I will
look for managerial level skills in core areas such as Strategic mindset, Risk management,
Emotional Intelligence, Vendor management, Smart sourcing and negotiation
skills. I will also look for technical expertise in areas such as Project and
Operations management, Mobile, Web, Omni Channel application development,
Data mining, Data Warehouse and Big data management, Next Gen Data centre
technologies: Converged Infrastructure Rack management, and Cloud.
Yateen Chodnekar
Group CIO
Writer Corporation
Skill I Plan To Develop in 2018
The success or failure of a company is often linked to its highest level executives. Being
the CIO I am at the driver’s seat as a custodian of data and technology decision maker.
Therefore, I am rightly positioned to shape success of a business with use of latest technologies
which can cross physical boundaries and achieve exponential business volumes.
As part of my learning agenda in 2018, I wish to focus on developing strategic, financial
and business orientation, BI and analytics, Blockchain, and Enterprise Architecture.
January 2018 | CIO&LEADER
23

FACE OFF
//HOW IMPORTANT IS A CIO'S VERTICAL SPECIALIZATION?
I have worked in the healthcare sector
for only a decade as compared to my
overall experience of over 20 years or
so, and yet, I have been labelled as a
healthcare CIO despite the fact that I
come from a varied experience in organizations
such as Microsoft (MS) and
manufacturing in GE and Xerox.
However, the market reality is that
CIOs in specific industries such as
Telecom, Healthcare and Banking are
preferred due to their vertical specialization.
It is slowly becoming a norm
in order to reduce the learning and
assimilation cycles. Today, the return
of investment on most IT and digital
projects is less than a year, thus making
it necessary to hire people with
relevant experience.
However, in the organizations that I
have worked in, I have hired IT Infra
folks from retail space to allow cross
pollination of people, ideas and innovation
to flow. However, people in the
core application had to be hired from
the healthcare vertical.
However, it is also true that due to a
tight market situation, it doesn’t allow
people to experiment and hire people
from across industries, which is an
unfortunate market reality.
Quick View
Rajesh Batra, VP-IT,
Kokilaben Dhirubhai Ambani
Hospital, says that CIO's
vertical specialization is
a necessary evil in the
competitive age
RAJESH
BATRA
VP-IT, Kokilaben
Dhirubhai Ambani
Hospital
In my own view, I do NOT agree with
silo mindset of the market. It would
NOT have allowed me to experience
various industries from manufacturing
to cards (my days at American
Express) to software company like
MS and then Healthcare. It not only
gave me a perspective of the industry
but allowed ideas and practises to
flow from one industry to another. For
example, when I joined my previous
organization, healthcare was ripe for
workflow adoption but nobody had
implemented. Despite not possessing
a healthcare background, it took
conviction and courage to implement
the workflow system. My team and I
succeeded in implementing it without
prior experience, and today workflow
management systems are a norm.
However, keeping in mind current
industry norms, I believe that
CIO's vertical specialization is a necessary
evil.
“In certain sectors,
CIOs with vertical
specialization are
preferred. It is
slowly becoming
a norm in order to
reduce the learning
and assimilation
cycles”
24 CIO&LEADER | January 2018

Face Off
SUNIL MEHTA
Senior VP &
Area Systems
Director – Central
Asia – JWT
related implementation is taking place.
Let me give you another example.
Until a few years ago, CIOs were in
charge of enterprise IT, infrastructure
and security. Today because of digital,
if CIOs have not kept themselves relevant,
they will lose their jobs and companies
will hire people who are young
with relevant skills. However, just hiring
a digital expert doesn’t ensure that
he will also be able to perform a CIO's
responsibilities.
“The truth is that
a CIO's overall
experience, and
more specifically
IT experience,
matters more
than his vertical
specialization”
At a CIO level, I do not believe that vertical
specialization is important. Most
CIOs I know in the industry today
have worked across sectors – gaining a
wide-range of domain expertise.
In the past when CIOs were EDP
managers, they were responsible for
driving change with the help of technology.
Today technology has enabled
organizations to drive that change.
At JWT, the IT department has put
the mandate on the finance department
to choose their finance solution.
While the IT department deploys it,
the finance department is empowered
to select the right solution as per
their needs.
Times have changed. Today if a CIO
is in charge of IT transformation globally,
he can lead the transformation in
any industry. The truth is that a CIO's
overall experience matters more than
his/her vertical specialization— which
comes handy only when a domain
Quick View
Sunil Mehta, Senior Vice-
President & Area Systems
Director – Central Asia
– JWT, says that CIOs
primarily should know how
to run IT
The CIO role is transforming into a
digital specialist and he/she doesn't
have to be an expert overnight. However,
he or she should be able to use
the expertise in one area or vertical to
make a difference in the other.
If a CEO can be hired without any
vertical specialization, so can a CIO. So
if a CEO knows how to run the organization,
CIOs know how to run IT,
irrespective of which sector they work
or have worked in.
But at the same time, there are several
CIOs who have evolved, but there
are also those who won't transform,
and will not even want to step out of
their comfort zones.
January 2018 | CIO&LEADER
25

INSIGHT
Artificial
Intelligence Is
Creating Happy
Workplaces
As per Gartner, by 2022, personal devices will know more
about an individual's emotional state than his own family
due to the impact of AI
By CIO&Leader
26 CIO&LEADER | January 2018

Insight
EEmotion artificial intelligence (AI)
systems are becoming so sophisticated
that Gartner predicts that by 2022,
personal devices will know more about
an individual's emotional state than
his/her own family. AI is generating
multiple disruptive forces that are
reshaping the way we interact with
personal technologies.
"Emotion AI systems and affective
computing are allowing everyday
objects to detect, analyze, process and
respond to people's emotional states
and moods to provide better context
and a more personalized experience,"
said Roberta Cozza, research director
at Gartner. "To remain relevant, technology
vendors must integrate AI into
every aspect of their devices, or face
marginalization."
The current wave of emotion AI
systems is being driven by the proliferation
of virtual personal assistants
(VPAs) and other AI-based technology
for conversational systems. As a second
wave emerges, AI technology will
add value to more and more customer
experience scenarios, including educational
software, video games, diagnostic
software, athletic and health performance,
and the autonomous car.
"Prototypes and commercial products
already exist and adding emotional
context by analyzing data points
from facial expressions, voice intonation
and behavioral patterns will
significantly enhance the user experience,"
said Cozza. "Beyond smartphones
and connected home devices,
wearables and connected vehicles will
collect, analyze and process users'
emotional data via computer vision,
audio or sensors capturing behavioral
data to adapt or respond to a user's
wants and needs."
Other personal device predictions
from Gartner include:
By 2021, 10% of wearable
users will have changed
lifestyles, and thereby
extend their life spans by
an average of six months.
As AI emotion systems evolve there is
huge potential for specialized devices,
such as medical wristbands, which can
anticipate life-threatening conditions
and facilitate an early response system.
At the same time special apps are also
being developed for diagnostic and
therapy services that will help to recognize
conditions such as depression
or help children with autism.
"Even a basic wearable device could
have a positive impact on the wearer's
health," said Annette Zimmermann,
research vice president at Gartner. "We
are seeing growing numbers of users
actively changing their behavior for
the better with the adoption of a wearable
device. Not only can this have beneficial
influence on the amount of exercise
they do but there is evidence that
one or two out of 10 smart watch and
fitness band users discover a condition
such as sleep apnea or cardiac arrhythmia
through wearing the device."
By 2020, 60% of personal
technology device vendors
will use third-party AI
cloud services to enhance
functionality and services.
Cloud-based AI technologies are driving
compelling user experiences on
a variety of connected devices. Cloud
offerings from the big tech players,
such as Google, Microsoft, Amazon,
Tencent, Baidu and IBM, are starting
to proliferate due to their attractive
cost model, easy-to-use integration and
potential to create complex services.
A major catalyst for device vendors to
use cloud AI services is the increased
usage of VPAs and natural-language
technologies, while the adoption of
VPA-based, screenless devices such as
Amazon Echo and Google Home is also
on the rise, further increasing usage of
cloud AI services.
"We are starting to see adoption of
these services from high-profile vendors
that are using them to widen their
reach," said Anthony Mullen, research
director at Gartner. "Fitbit uses Alexa
Skills to make user stats and functionality
available through VPA speakers
just as Netflix uses Actions for Google
Assistant to voice control its service.
Ultimately, vendors will compete on
the best user experience and the smartness
of their products, not the technology
behind it."
Through 2022, security
technology combining
machine learning,
biometrics and user
behavior will reduce
passwords to account for
less than 10% of all digital
authentications.
Password-based simple authentication
is becoming less and less effective for
personal devices. Even today's popular
biometric technology — fingerprint
authentication — is only around 75%
successful due to contaminants such as
dirt and sweat.
"Users need more convenient and
accurate options for unlocking their
devices," said CK Lu, research director
at Gartner. "Security technologies that
combine machine learning, biometrics
and user behavior will become necessary
to improve ease of use, self-service
and frictionless authentications.
Within the next five years new security
technology will recognize the user,
prevent fraud and detect automation
threats such as malware, remote access
trojans and malicious bots."
January 2018 | CIO&LEADER
27

Insight
Tech Job Trends In
2018 And Beyond
In-demand IT roles have started to shift towards including
positions focused on advanced technologies, such as AI,
IoT, AR and VR
By Pradipto Chakrabarty
28 CIO&LEADER | January 2018

Insight
The transformation in the world
is happening at a pace which we
have not experienced in the past.
Implementation of new cuttingedge
technology is moving out from
a drawing board stage to being
practised by organizations
TThe transformation in the world of
technology is happening at a pace
which we have not experienced in the
past. Implementation of new cuttingedge
technology is moving out from a
drawing board stage to being practiced
by organizations across the world. As
more and more organizations undertake
the process of digital transformation
to offer tech-enabled products or
services, IT roles and skills is undergoing
radical shifts, something which we
are already observing. This will affect
the tech job scenario as we move into
2018 and beyond.
In-demand IT roles have started
to shift towards including positions
focused on advanced technologies,
such as artificial intelligence (AI), augmented
and virtual reality (AR and
VR), and the Internet of Things (IoT)
along with exciting positions within
cybersecurity, cloud computing, and
network technology.
Through these observations we have
identified the following as some of the
key job roles companies require as
they transform their businesses and
processes for the future:
Cybersecurity Analyst: This individual
will manage risk for organizations
through the use of relevant tools
and techniques to gather vital endpoint
and network host data with the
goal of identifying vulnerabilities.
Network Engineer: This role will
encompass coordinating between
cloud and traditional networking
resources to make a business communicate
efficiently. They will need
to know how to map technical network
elements (e.g., a router, an edge
device, a micro datacenter) to a company’s
business needs.
Vulnerability Assessment Manager:
The role of a penetration tester
has matured. Today’s pen tester does
more than hacking a server or using
fancy security tools. Today’s pen tester
takes a responsible approach and
conducts strong, comprehensive tests
to identify – and correct – unacceptable
risks.
Technical Support Specialist: Gone
are the days when the help desk
professional fixed PCs. The world
needs more tech support specialists
than ever before: today’s tech support
engineer helps manage increasingly
complex issues involving data
management, authentication, and
network troubleshooting.
Machine Learning Engineer:
Machine learning uses sophisticated
programming, such as R and Python
to develop AI machines and systems
that can learn and apply knowledge
to perform tasks. These professionals
will also work with complex datasets
and algorithms to convert machines
to intelligent machines.
Network Analysts: Businesses are
investing more heavily in their networks
as IoT is fast becoming critical
to manufacturing tech-enabled products.
A growing number of “things”
need to be connected in an efficient
way, and that's going to be a major
driver of demand there. Network
analysts in the coming years will
combine their technical skill set with
an understanding of how to apply it
to provide real-time trending information
on network traffic, and what
those insights mean for the business.
Cloud Engineer: Almost all businesses
are mobbing their on-prem
systems to cloud and are choosing
a hybrid approach, with multiple
vendors. In the coming years, cloud
engineers will need to create solutions
which are a mix of multiple
technologies. Gone are the days when
an Amazon engineer only worked
on AWS or Microsoft engineers only
knowing Azure
–The author is Regional Director,
CompTIA India
January 2018 | CIO&LEADER
29

Insight
Consumers Are Ready
To Say Goodbye To
Passwords
Indian consumers overwhelmingly favor use of
biometrics as a faster, easier, and more secure alternative
to passwords
By CIO&Leader
30 CIO&LEADER | January 2018

Insight
VVisa have announced a survey, conducted on Indians
exploring awareness and perceptions of biometric authentication
confirms that consumers continue to have a strong
interest in new biometric technologies that make their lives
easier. New forms of authentication, such as fingerprint,
facial, and voice recognition, can make unlocking accounts
and payments much easier and more convenient than traditional
passwords or PINs - which are difficult to type onto
tiny keyboards, easy to forget, and can be stolen.
“The payments ecosystem is witnessing a rapid change
in adoption of new form factors of payments and modes of
authentication. For financial institutions, the time has never
been better to integrate biometric technology into banking
apps and payments experiences for customers,” said TR
Ramachandran, Group Country Manager, Visa, India &
81% of consumers
sweepingly perceive that
biometrics are faster
than passwords
South Asia. “We are excited with the increased popularity
of biometrics across Indian consumers. Today smartphones
have advanced features increasing the accuracy and speed of
biometrics, such that they can be used for financial transactions.
Indian consumers too have discovered the ease of biometric
authentication and are open to using this technology
for transactions going forward, which augurs well for the
Indian payments industry.”
Authentication Survey Findings
According to the Visa study conducted of 500 Indians by
AYTM Market Research, 99% are personally interested in
using at least one biometric method to verify their identity,
and 99% are interested in using at least one biometric
method to make payments. Higher income consumers are
more interested than lower income consumers in facial
recognition. Younger consumers (36 and under) are more
interested than older consumers in vein pattern recognition.
Findings from the survey illustrate consumers’ desire to see
the implementation of biometric tools in payment authentication
processes.
Highlights from the survey include:
Consumers were most familiar with fingerprint recognition,
with 32% having used it once or twice and another
63% using it regularly. By comparison, about 48% have
used voice recognition in the past and 26% use it regularly.
The top benefits associated with using biometric authentication
for payments are the perception that it is more secure
than passwords/PINs (48%) and that it gives consumers
peace of mind that their payment is protected (46%).
Indian consumers overwhelmingly perceive that biometrics
are faster (81%) and easier (84%) than passwords.
51% are concerned both about the risk of a security breach
of sensitive biometric information.
To help financial institutions and merchants more quickly
adopt emerging biometric authentication solutions, the
Visa ID Intelligence platform provides a curated selection of
leading third-party authentication technologies. Visa clients
can create, test and adopt new authentication solutions with
simple integrations using Visa APIs and SDKs
January 2018 | CIO&LEADER
31

Insight
When Cloud Gives
You Wings
As per Synergy Research Group, cloud services and infra
market revenues reached USD 180 billion, a growth of
24% annually
By CIO&Leader
32 CIO&LEADER | January 2018

Insight
In 2016, cloud started
dominating many IT
market segments; In 2017,
cloud was the new normal
technologies, such as
artificial intelligence (AI),
augmented and virtual
reality (AR and VR)
NNew data from Synergy Research
Group shows that across six key cloud
services and infrastructure market segments,
operator and vendor revenues
for the four quarters ending September
2017 reached USD 180 billion, having
grown by 24% on an annualized basis.
IaaS & PaaS services had the highest
growth rate at 47%, followed by enterprise
SaaS at 31% and hosted private
cloud infrastructure services at 30%.
2016 was notable as the year in which
spend on cloud services overtook
spend on hardware and software used
to build public and private clouds, and
in 2017 the gap widened. In aggregate
cloud service markets are now growing
over three times more quickly than
cloud infrastructure hardware and
software. Companies that featured
the most prominently among the 2017
market segment leaders were Amazon/
AWS, Microsoft, IBM, Salesforce, Dell
EMC, HPE and Cisco.
Over the period Q4 2016 to Q3 2017,
total spend on hardware and software
to build cloud infrastructure
approached USD 80 billion, split evenly
between public and private clouds,
though spend on public cloud is
growing more rapidly. Infrastructure
investments by cloud service providers
helped them to generate over USD 100
billion in revenues from cloud infra-
Cloud
Infrastructure
Services
Other
Cloud
Services
Infrastructure
Hardware &
Software
Cloud Market Growth & Segment Leaders - 2017
Iaas &
Paas
Hosted
Private
Cloud
Enterprise
Saas
UCaas
Public
Cloud
Private
Cloud
Dell EMC
HPE
Cisco
Dell EMC
RingCentral
Mitel
IBM
Rackspace
Microsoft
Saleforce
Amazon
Microsoft
0% 10% 20% 30% 40% 50%
Annualized Revenue Growth - Q3 2017
Source: Synergy Research Group
structure services (IaaS, PaaS, hosted
private cloud services) and enterprise
SaaS – in addition to which that cloud
provider infrastructure supports
internet services, such as search, social
networking, email, e-commerce and
gaming. Meanwhile, UCaaS, while in
many ways a different type of market,
is also growing strongly and is driving
some radical changes in business communications.
“We tagged 2015 as the year when
cloud became mainstream and 2016 as
the year when cloud started to dominate
many IT market segments. In
2017, cloud was the new normal,” said
John Dinsdale, a Chief Analyst and
Research Director at Synergy Research
Group. “Major barriers to cloud adoption
are now almost a thing of the past,
with previously perceived weaknesses
such as security now often seen as
strengths. Cloud technologies are now
generating massive revenues for cloud
service providers and technology
vendors and we forecast that current
market growth rates will decline only
slowly over the next five years.”
January 2018 | CIO&LEADER
33

SECURITY
Web Application
Security In
A Digitally
Connected World
According to a survey, 68% of organizations admit low
confidence in information security posture
By Nikhil Taneja
34 CIO&LEADER | January 2018

Security
GGlobal organizations stand on a cybersecurity
precipice. Emerging technologies,
such as Blockchain, Artificial
Intelligence (AI) and Internet of Things
(IoT), along with the explosive volume
of mobile, Web and cloud apps creates
uncharted, highly lucrative pathways
to revenue generation, optimized productivity
and enhanced brand value.
At the same time, the speed and sophistication
inherent in these technological
advances exposes application vulnerabilities,
security risks and skills deficiencies.
These compromise sensitive
company and customer data, devalue
the brand, and severely impact financial
performance.
The conundrum for any organization
is how to take the leap towards
these new technologies that help
breakdown barriers to consumer
engagement and deliver substantial
economic reward while successfully
protecting corporate assets, Intellectual
Property (IP), and personal customer
information.
It is important to uncover other
aspects such as the challenges these
new technologies and rapid-fire application
deployments present, ascertain
how organizations in different
industries identified application-layer
and API vulnerabilities, measure the
impact that bots have on organizations,
how companies combat applicationlayer
attacks (like those listed in the
OWASP Top 10) and construct a security
roadmap for today and tomorrow.
Also, vital to understand how the
exponential number of security breaches
against the application layer (such as
the recent Equifax attack) would alter
the financial and operational actions
these companies would take.
Based on a survey conducted with
over 600 Chief Information Security
Officers (CISOs) and other security
leaders across six continents, the following
key findings came forth:
68% of organizations admit low
confidence in information security
posture
Organizations often leave sensitive
data under-protected. 45% report
they suffered a data breach while
52% do not inspect traffic being
transferred to and from APIs. 56%
do not have the ability to track data
once it leaves the company.
Bot traffic represents more than half
(52%) the amount of Internet traffic,
exceeding 75% of the total traffic
among some organizations. 49% of
all bot traffic is bad bots, yet 33% of
organizations cannot distinguish
between good and bad bots.
API security is often overlooked.
While 60% both share and consume
data via APIs, including personally
identifiable information, usernames/
passwords, payment details, medical
records, ., 52% don’t inspect the data
that is being transferred via APIs
and 51% don’t perform any security
audits or analyze API vulnerabilities
prior to integration.
Application-layer DDoS is a greater
fear than network-level DDoS
assaults. Only 33% feel confident
they can mitigate application-layer
attacks compared to 50% that feel
confident they can protect agains
tnetwork-layer DDoS attacks.
Seven out of ten businesses (72%)
are not fully aware of the frequent
change made to in-house applications
and APIs within their organizations’
software development environment
40% of respondents claim their
organization updates applications at
least once per week, posing a great
challenge for organizations
Everyone wants the speed and agility
that continuous delivery provides
but few feel they can achieve
it securely. Half (49%) currently use
the continuous delivery of application
services and another 21% plan
to adopt it within the next 12-24
months. However, 62% reckon it
increases the attack surface and
approximately half say that they
don’t integrate security into their
continuous delivery process.
Less than a year prior to the due date
(May 2018) for General Data Protection
Regulations (GDPR) compliance,
68% of organizations are not
confident they will be ready to meet
these requirements in time
#1 Conundrum: The
Confidence Crisis:
Protecting Applications
Against Data Theft and
Bot Attacks
As the rate and number of new technologies
materialize at an accelerated
pace, many security professionals
face the unprecedented challenge of
mitigating a wide swath of threats and
attacks that often are by-products of
the evolving IT landscape. Existing
security strategies, plans and measures
may not measure up to quickly
developed malware, floods and other
threats. The result is a “crisis ofconfidence”
that can overwhelm skills,
deplete budget and resources, chip
away at brand equity and fracture customer/partner
relationships.
Take the recent Equifax breach,
which exposed over 145 million individuals
and their personal information
because of a Web application
vulnerability. While there may have
been governance and accountability
plans in place, there may have been
other actions, such as a Web Application
Firewall (WAF), which could
have mitigated such a massive attack
had it been updated properly against
known vulnerabilities. A simple question
may have been: did the company
have the confidence they could protect
against a probability of attack or was
false confidence in the “impossibility”
of such an attack their strategic
approach.
January 2018 | CIO&LEADER
35

Security
The growing prevalence of attacks is
a known fact; thus, the more alarming
finding is the uncertainty within these
companies that they could even detect,
prevent or contain these attacks,
especially when it comes to emerging
threats such as Layer 7 DDoS
attacks. Research shows that 64% of
financial services institutions, 62% of
healthcare organizations and 58% of
retailers acknowledge the difficulty in
mitigating Layer 7 DDoS attacks.
Bot Attacks
Automated attack programs, such as
‘bad’ bots, are the main force behind
the majority of the attack landscape
today. In fact, bots conduct more than
half of all Internet traffic flow. For some
organizations, bots represent more
than 75% of their total traffic. This is
a significant finding considering only
one in three (33%) organizations cannot
distinguish between good bots and bad
ones. Good bots serve critical functions,
such as price aggregators to customer
service chatbots and search engine
spiders. However, for every good bot
in the world, there is a bad bot wreaking
havoc. Bots make traditional attack
vectors more effective, faster and larger
than anything humans can accomplish
on their own.
1 in 3 organizations cannot
distinguish between good bots and
bad ones
#2 Conundrum:
Continuous Delivery
Security Challenge
Organizations are looking for ways to
optimize the deployment of application
services. Many try to fully automate
the cycle of application development,
QA, testing, modifying and deploying
in staging, and the production environment
in what is known as continuous
delivery. A successful continuous
delivery implementation can yield a
competitive edge and save operational
expenses. For some of the more dynamic
application services, the fast pace is
critical as they are required to deploy
multiple versions into production per
day. The challenge, on the other hand,
is to ensure accurate application security
throughout the process, as almost
two-thirds (62%) believe it increases
the attack surface. Continuous delivery
is high priority for many organizations
with half of respondents currently
using this approach and another
20% planning to do so within the
next two years.
Research indicated that security executives
and other experts understand
the impact continuous delivery is having
on their organizations. While 62%
believe continuous delivery increases
the attack surface, risks and vulnerabilities,
only 25% are confident that
security is integrated with continuous
delivery of in-house, Web or cloud.
#3 Conundrum: GDPR
Preparedness Effect
Organizations around the world that
do business in or with the European
Union (EU) will soon need to meet
stricter data privacy laws with the
GDPR taking effect in May, 2018.
Any organization that offers goods
or services to EU residents, monitors
personal behavior or processes or
handles personal data of EU residents
will be impacted by this law. Those
who do abide by the regulation will be
subject to hefty fines. This is a particular
challenge for large multi-national
corporations that do business in the
EU as well as companies that may be
headquartered there.
It is advised that whatever WAF
solution an organization is evaluating,
it covers critical security solution fundamentals
- complete OWASP Top 10
vulnerabilities, effective API security,
HTTP DDoS mitigation. By evaluating
existing security processes, systems
and security tools, and implementing
application security solutions and
practices that augment and enhance
these capabilities, organizations will
build the foundation for an application-secure
infrastructure
—The author is Managing Director -
India, SAARC & Middle East, Radware
36 CIO&LEADER | January 2018

BANKING
Farm All The Way To
The Bank
Adequate and timely access to agricultural credit plays a crucial
role in improving farm production and productivity and thereby
livelihood of the farmers
By MS Rama Rao
38 CIO&LEADER | January 2018

Banking
AAdequate and timely access to agricultural
credit plays a crucial role in
improving farm production and productivity
and thereby the livelihood of
farmers. Nearly 80% of our agriculturists
are small and marginal farmers,
heavily dependent on credit for carrying
on their seasonal agricultural
operations. The over hundred year old
Cooperative Credit System (CCS) in the
country has been a major provider of
agricultural credit, mainly short-term
loans for raising crops, serving an
estimated 50% of all farmers served by
institutional credit agencies, with over
75% of the its credit disbursal being for
small and marginal farmers.
The rural cooperative banking system
in our country is well over a century
old, having taken birth in around
the first decade of the 20th century
during the British period. Although
the system was intended to be shaped
along the lines of the Raiffiesen Cooperatives
in Germany, as autonomous
self-reliant institutions, over time it
took shape as a government supported
mechanism for providing credit to
the farmers in the rural areas.
Over the decades and right into
the early 90’s, the cooperative credit
and banking system shored up as the
mainstay for providing credit to the
agriculturists, with the Reserve Bank
of India right from its own inception
detailing a policy of productionoriented
systems of lending for agriculture
and providing concessional
refinance to the cooperative banks,
towards supplementing their resources
in meeting the credit requirement of
agriculturists in the rural areas.
The rural cooperative credit mechanism
in India essentially comprises
two parallel structures viz. the three
tier short-term credit structure for
dispensation of short- and mediumterm
credit for crop production and
agriculture allied activities; and the
long-term credit structure for providing
long-term credit for investments
in agriculture e.g., land development,
farm mechanization, horticulture, etc.
These institutions have been supported
both by way of policy and refinance
supported for a considerable time
by the RBI and later by the ARDC
and NABARD.
The short-term credit and banking
structure in most states comprises State
Cooperative Banks (St.CB), District
Central Cooperative Banks (DCCB/
CCB) at the District level, and Primary
Agricultural Credit Societies (PACS) at
the village level. Some smaller states /
UTs have only State Cooperative Banks
and PACS. The State and District level
institutions which are part of the shortterm
credit structure are recognized as
banks by the RBI and carry out various
banking activities in addition to
providing agricultural credit through
the PACS at the grassroots level. However,
the PACS which are actually the
last mile connect to the farmer, are not
recognized as banking institutions.
They are,however, exempted from the
provisions of the Banking Regulations
Nearly 80% of our
agriculturists are
small and marginal
farmers, heavily
dependent on credit
for carrying out their
seasonal agricultural
operations
Act, giving leeway for them to undertake
banking activities. Many PACS
undertake basic banking services for
members along with credit and various
other functions, such as input distribution,
running consumer stores, warehousing,
procurement & marketing,
Public Distribution System (PDS), etc.
The foray of commercial banks into
agricultural credit post nationalization,
setting up of RRBs, adoption
of the multi-agency approach and
directed credit programmes, saw
in their wake the fall in the share of
amount disbursed by rural cooperative
banks for agricultural credit. In
the euphoria of expanding credit supply
by commercial banks, the need
to shore up these institutions that up
until then had played a major role and
are geographically positioned for a
better outreach, had been lost sight
of. Central regulatory and financing
agencies are observed to have maintained
an arm’s length in this regard.
Notwithstanding this, the short-term
cooperative credit and banking system
continues as a potent instrument in
meeting the credit and related needs of
the farmers. Around 5.5 crore farmers,
mostly small and marginal farmers,
continue to be dependent on the PACS
supported by DCCBs, numbering 380
with around 14000 branches and 32
state coop banks for their agricultural
loans. There are around one lakh
PACS spread across the rural areas
of the country, with over two-third of
them being operationally viable.
However, the grassroots level operations
of this century old structure
continue to be driven by outdated
manual systems and processes, standing
in the way of timely and adequate
provision of credit to the farmers. As
the PACS are not considered a part of
the banking and payments system,
the benefits of technology and digital
payments environment is as yet to be
positioned for ensuring timely and
hassle free credit to their members.
Given the vast geographic outreach
of the Cooperative Credit Structure,
January 2018 | CIO&LEADER
39

Banking
The ideal tech solution must facilitate
Rupay card based ops through ATMs
there is urgency in mainstreaming
the PACS into the emerging technobanking
digital environment in a big
way towards providing agricultural
credit, other loans, agricultural inputs,
basic banking facilities, procurement,
warehousing and marketing and a
host of other services. In the context of
renewed signals of distress from farmers
across various parts of the country,
it is imperative to rejuvenate PACS
through technology and provide them
the interface to the mainstream banking
environment and enable digital
banking and payments related services
at their end, so that their outreach
can be fully harnessed in meeting the
various needs of the farmers.
The ideal technology solution must
facilitate Rupay Card based operations
through ATMs and micro-ATMs
on KCC Accounts by farmer members
on their accounts with the PACS, in
tune with RBI/NABARD guidelines.
The technology solution needs to be
a cost-effective centralized solution
with extensive parameterization to
support the local usage and custom;
be easy to use by grassroots level
staff, preferably being picture/icon
driven and having online help facility
as well as being available in local
languages. It should be expected to
cover the entire functionality of all
types of agricultural credit, covering
short, medium- and long-term loans
in a wide spectrum of parameterized
options of loan products, origination
and sanction systems-covering
processes that span across different
tiers of the credit system; cover different
reporting system requirements to
district level, state level, NABARD and
GOI levels; handle various national
and state level schemes, such as crop
insurance ,interest subsidy and subvention,
etc. The coverage of solution
should include basic banking like
savings bank, term deposits, recurring
deposits, pigmy deposits, different
types of non-agri. loans, personal
loans, consumer loans, gold loans,
etc. which PACS do. It should handle
under the automated environment,
various other functions handled by
PACS, such as seed, fertilizer and
other inputs supply, consumer stores,
PDS, outlets for other items of business,
as also warehousing, procurement
and marketing, etc. On positioning
such solution, online access to
ground level information is expected
to enhance inputs for policy formulation
and facilitate timely monitoring
of the progress of various schemes.
The state of Odisha, in which the
cooperative banks have a share of
around 65% in agricultural credit,
has been the early mover and taken
the lead in adoption of technology in
all the three tiers of the cooperative
credit structure from the state level to
village levels on the above lines. The
implementation, currently in the final
stages, provides Rupay Kisan cardbased
operations to the farmers across
the state. The adoption of technology
in the cooperative credit system has
also facilitated direct benefit transfer
of money into farmers’ accounts of
proceeds of paddy procurement made
by state agencies running into several
thousands of crores.
Such technology led transformation
of this important segment of our
rural eco-system across the country
is expected to go a long way to help in
mitigating the problems of our farmers.
It is in recognition of this imperative
that the GOI in the Union Budget
for 2017-18 has made its policy and
financial commitment towards computerisation
of all viable PACS in the
country over a span of three years. It
expected that technology adoption on
the lines adopted by Odisha state will
find favor for replication across the
country for the benefit of a huge segment
of farmers in our country comprising
mostly small and marginal
holders who are wedded to the cooperative
banks for their credit and other
needs. This would further the cause of
financial inclusion of the excluded and
marginalized segments of the rural
population in a big way
—The author is Chief Product Officer,
VSoft Technologies
40 CIO&LEADER | January 2018