<img height="1" width="1" style="display:none" alt="" src="https://www.facebook.com/tr?id=367542720414923&amp;ev=PageView&amp;noscript=1">


CISO Logo (16)

Exclusive interview with Thavaselvi Munusamy, Information Technology Audit Manager, Hong Leong Group

0628 CISO ASEAN Speakers (1)

1. Tell us a bit about your background and how you ended up in your current role.

I started as a developer in the year 1999. I held various roles and responsibilities in different organizations from small, medium to large corporations over the 20 years. I started from technical and slowly moved towards management roles. I transitioned to IT Security when I was involved in IT Governance, Risk, and Compliance. It started with Risk Management, and eventually, I was given an IT Security manager role in charge of the implementation of ISO27001. I started exploring Cybersecurity and that is how I ended up doing what I do now which is IT Security Audits, Cybersecurity Assessments and developing frameworks and policies.

2. What is the biggest challenge you face within your role today and how are you looking to tackle it?

One of the biggest challenges is the rapidly evolving technologies which have their complexity. We hear new vulnerabilities and new ways of exploitation it keeps changing. Hence, being in the Cybersecurity role requires one to stay vigilant and keep up with the changes as fast as it evolves. One way that I could tackle it is to make sure my knowledge and skill gap is addressed. I make sure I keep myself updated by attending training, reading, and practising.


3. Describe a way that you help your organisation understand the value of cybersecurity?

My role requires me to be able to not only look back (the auditing) but also look ahead (proactive risk approach). Identifying what may go wrong with current practices, where the business could do better and provide an early signal of risk exposures along with ways to mitigate before it causes any damage to the business and bridge the gap between the technicalities and management by translating them into ways that the business could understand better. The organization can see the value when there is clarity which provides a better understanding of the rising threats and cyber risks, along with the detrimental impact it has on them.


4. What do you wish you knew about the success of a cybersecurity journey that you know today?

That Cybersecurity is not siloed or a standalone field. It requires everyone’s participation from all levels; for example; small negligence could lead to large impact incidents and it may start even start from a reason such as lack of awareness.”


5. What strategies do you employ to keep current in a technological environment which is rapidly changing and developing?

By employing a constructive learning strategy. It involves not only upskilling by attending the training programs, webinars, participating in online community and forums but also incorporate what I learn with my own working experiences and applying it in my day to day job.


6. How do you determine what technology to invest in and how can you stay current with all the changes?

Of course, most of it is decided based on organization direction but prioritize based on the need, which is determined by must have or good to have. Because investing in technology also includes having the resources and capabilities to manage it and adapt to the changes that come with it.



Terms & Conditions
The following Terms and Conditions (“Terms”) apply to you or your proxy in relation to your registration for this Corinium Global Intelligence (“Corinium”) offer. The definition of “registration” for purposes of these Terms will include all anyone who completes the above form. By entering your contact details, you agree to these Terms.

Disclosure of your information
You agree that we have the right to share such portions of your personal information as may be appropriate with selected third parties including:
- Business partners
- Suppliers
- Sub-contractors for the performance of any contract we enter into with either them or you.
- Professional organizations involved in the provision of services for the event contracted for, such as, for example Webinar.net.
- Sponsors - we may share your information with event sponsors who may contact you in relation to special offers, products and services related to your role within your company. You may also opt-out at any time by emailing info@coriniumintel.com

Data protection
The personal information shown and/or provided by you will be held in a database. It may be used to keep you up to date with developments in your industry. Sometimes your details may be obtained or made available to third parties for marketing purposes. If you do not with your details to be used for this purpose, please email us at info@coriniumintel.com