In an exclusive interview with Datatechvibe, Sanjay Macwan, Chief Information Security Officer at Vonage, talks about how Artificial Intelligence (AI) enables flexible, contextually rich communication and the emerging trends shaping information security.
How is Artificial Intelligence transforming the way we communicate?
Technology and the way we communicate is evolving. We are in the midst of a communications revolution, and AI is integral to digital transformation. Customers today expect brands and service providers to communicate with them in the channel — voice, video, messaging — that is most convenient and contextually relevant to them. AI technologies, whether speech-to-text or text-to-speech or deriving context via natural language understanding (NLU), enable flexible, contextually rich communication.
For example, businesses, specifically call centres, are relying on agile, dynamic AI now more than ever — from ensuring business continuity during high call volumes to reducing wait times for frequently asked questions. AI, specifically Vonage’s AI Virtual Assistant, empowers intelligent conversational experiences to make stronger connections with customers at every touchpoint.
In automating responses to address simple tasks, AI technologies transform how businesses engage with their customers across all industries. The time for businesses to accelerate AI-enabled digital transformation is now.
How conniving are the current security attacks? What measures should companies take to safeguard their digital resources?
In today’s hyper-connected world, security threats and attacks have become even more intense and common. For this reason, companies must be committed to putting a variety of safeguards in place and keeping compliance for the protection of their company and customer data. Here are three core principles that are critical to ensuring proper safeguards to any company’s digital resources:
- Security, Privacy, Trust, and Compliance by Design. These fundamentals must permeate everything you do — from products and services for customers to tools and technologies that enable employee productivity — from the get-go. It includes Secure Software Development Lifecycle (SSDLC), where security and privacy are designed into products and engineers are trained on modern secure software development and deployment techniques and user experience account for intuitive security and privacy features. Another critical aspect of this principle is Zero Trust architecture and infrastructure design to protect modern digital environments by leveraging network segmentation and granular role-based access controls to ensure a user-friendly, robust security posture.
- Security Testing, Monitoring, and Response Preparedness. Preparedness has taken on a new meaning this past year and a half, marking the difference between businesses that have survived the pandemic and those that have struggled or even failed. Today, when it comes to security and privacy, preparedness means continuously testing security postures — both through internal and external testing by engaging third party security and compliance assessments as well as engaging leading global security researchers/testers.
- A Security-First Culture. Security is a complex, ever-changing area and requires participation and buy-in from all employees at every level. With this priority in mind, making security accessible — informational resources, runbooks, targeted training for attack vectors such as phishing, secure coding practices — will help any business develop a strong security culture.
What are the top three emerging trends shaping information security?
Security has rapidly evolved from a defensive play to a strategic imperative for all businesses. Adding the events of the last 18 months into the mix has only served to heighten today’s business decision-makers to ensure the security and privacy of their company and customer data.
That being said, the following are the three most important, emerging trends that all security-minded businesses navigating should keep in mind:
- Security and privacy are strategic imperatives and business enablers for all industries and companies and must be invested accordingly. Customers, employees, shareholders, and the governing board all fully expect the highest levels of attention to security and privacy matters.
- Verification of users of services is another critical trend that is accelerating. Meaning, companies also need to ensure users of their services are legitimate and authorised to prevent fraud and abuse of their services and resources. Vonage’s Verify API is one easy way many brands enable user verification and ensure increased trust for their legitimate users and prevent fraud and protect their revenues.
- Advances in technologies such as biometrics, cryptography, and AI-enabled threat detection will help tremendously. It e must be done on strong security basics such as secure design, secure configurations, security monitoring, and response preparedness.
What is your biggest challenge as a CISO? And how are you preparing to counter that with technology and strategy?
One of the biggest challenges that CISOs face is the constant evolution and transformation of how we conduct business.
The way we all work has fundamentally changed. With so many businesses moving to a remote workforce overnight and, now, transitioning to a new hybrid work environment, once centrally located teams are now spread across locations — even across the globe. At the same time, the way customers engage with the brands and the way they want to be served is also fundamentally changing. Customers want to engage with the brands through their chosen communication modes — voice, video, messaging — and expect a seamless transition between these modes.
This new, modern workplace and evolving customer engagement modalities have tremendous advantages for businesses across industries. For example, healthcare providers can provide remote and telehealthcare to those who might not otherwise have access to life-saving services, students can continue their studies and maintain a sense of normalcy under the most challenging of conditions and, for businesses, the talent pool is now limitless with the boundaries of location eliminated when searching for the perfect candidate to fill open positions. Technology has enabled us all to quickly and, primarily, easily transition to this new way of living and working, the results of which have been nothing short of remarkable.
But with these advantages come unique challenges, specifically as it relates to cybersecurity.
However, a security-first approach allows for businesses to be prepared. A security-first system must be embedded in everything the enterprise, including strong end-point security, data leakage protection, a robust multi-factor authentication model, secure web gateway solutions, micro-segmentation and zero-trust network access architecture to guard against threats. It is also critical to further strengthen the security and privacy training of all employees.
As businesses constantly evolve and transition how they remain connected with their stakeholders through various hybrid environments, it is essential that CXOs, CISOs and business decision-makers place an extra emphasis on an overall security-first approach.
What’s your smartest work-related shortcut or productivity hack?
One of the useful productivity hacks I use is to poll team members and colleagues on their intuition check — without overthinking too much — on a scale of 1 to 10 on various matters such as project progress or merits of a given project approach. The team’s collective intuition checks help efficiently adjust the work or seek help early on to deliver the best results.
Which book are you reading?
I just reread one of my all-time favourite books, Seven Brief Lessons on Physics by Carlo Rovelli. This relatively short book (~80 pages) covers lessons such as Einstein’s theory of relativity, cosmos, black holes, quantum mechanics and always brings me to appreciate the marvel of the universe. It is truly a delight to read and reread.