Experts speak at the session titled ‘Beyond Compliance: Leveraging ISO 27001 for Integrated Data Security Management’, at The Hindu Tech Summit 2026, in Chennai
| Photo Credit: M. Srinath
Security awareness has to be a continuous activity and is everyone’s responsibility, Maharajan Suriyanarayan, Chief Information Security Officer and Vice-President-IT, Navitas Life Sciences, said in Chennai on Friday (February 13, 2026) at The Hindu Tech Summit 2026. The event is hosted by The Hindu, presented by VIT, and co-presented Sify Technologies.
While speaking at the session titled ‘Beyond Compliance: Leveraging ISO 27001 for Integrated Data Security Management’, he said awareness about security has been created over a period of time by implementing ISO 27001.
Speaking about ways to ensure that security evolves and the steps to be taken to have a security-aware culture within an organisation, he said: “Security awareness has to be created from top to bottom, and there is a need to be aware of customer data and ways to secure them. Different kinds of programs are essential. New threats are coming, and knowledge about such threats needs to be given, from end users to the top management,” he added.
Culture is not a practice but more of a disciplined approach, Ram P., Executive Vice-President and Chief Information Officer, Virtusa Corporation, said. “We have also enabled AI to monitor employee behaviour to see if there are any aberrations,” he added.
Balakumar M.N., Head, IT, Ucal Limited, said there is need to have a continuous assessment of security-related aspects as well. “We should assess, reassess, and document the process in such a way that we know the root causes and learn from it … due to volatile changes, be it business changes, introduction of new policies, or changes within the organisation. It has to be a cycle. Learn, unlearn, and relearn,” he added.
Addressing a question on what differentiates a certified organisation in becoming a secure one, when there is a rapidly evolving threat landscape such as AI, Sivaramakrishnan N., Senior Vice-President, Information Security and Chief Information Security Officer, M2P, said AI has been bringing about rapid changes. “Now, everyone wants to try the Anthropic plugin. Whatever access you give, control the blast radius,” he said. While one can be allowed to dabble with a new plugin, there should be control on how many get access to it, whether it is approved by their head; the nature and sensitivity of the data has to be monitored and it should be a timed activity as well, he added.
Mr. Ram said security is always a balancing act. “We have deployed AI to track major incidents. We simulate them. We don’t wait for an incident to happen. That way, we are protected. It has been a humongous challenge to keep up with [the developments of AI], to understand the AI narrative of the organisation, to upskill ourselves,” he added.
Suresh Vijayaraghavan, CTO, The Hindu, moderated the session.
Published – February 13, 2026 05:45 pm IST
