Unifying Security Tools for Complying With the DPDP Act
Kotak Mahindra Bank's Abhijit Chakravarty on Consolidating Security With ComplianceAs Indian banks prepare to comply with the upcoming DPDP Act, robust security management has become imperative. Abhijit Chakravarty, executive vice president of networks and cyber security at Kotak Mahindra Bank, said that while banks have traditionally adhered to PCI DSS standards, the DPDP Act now demands a unified, proactive approach to security and data management.
"Traditionally, banks have been strong on data encryption and masking, but the DPDP Act requires a more holistic approach that integrates these functions into an interconnected, real-time security architecture," Chakravarty said. With the act enforcing stricter data protection guidelines, Indian banks are re-evaluating their security strategies to ensure compliance without compromising operational efficiency.
Most leading Indian banks use 30 to 42 distinct security tools to address diverse technology needs. Yet, Chakravarty believes the challenge lies in integrating these tools to derive actionable insights - a framework he calls TRIC: Threat, Risk, Impact and Criticality. Implementing this framework requires an interconnected system where alerts and events are actively monitored, triaged and converted into intelligence.
To comply with the DPDP Act, banks must enhance visibility and risk assessment for strategic threat response. "When a common vulnerability and exposures [incident] is identified, rushing to fix it may not always be effective. The impact on our specific environment must be evaluated to prioritize response actions accurately," he said.
In this video interview with Information Security Media Group, Chakravarty also discussed:
- Mapping evolving compliance and regulatory requirements in banks;
- The critical role of API security in bank partnerships with external platforms;
- The importance of data security posture management, data loss prevention and digital rights management under the DPDP Act.
Chakravarty has more than 25 years of experience across the networking, security, telecommunications and banking sectors. At Kotak Mahindra Bank, he leads secure connectivity initiatives, ensuring safe connections for the bank's branches, offices, cloud services and internet operations.