Cross-Functional Collaboration for Enhanced Cybersecurity: Dilip Panjwani Of LTIMindtree On The Best Practices For Effective Cross-Functional Collaboration
An Interview With David Leichner
Cybersecurity is a collective endeavor, and implementing effective security measures often requires the cooperation of cross-functional teams. In the face of threats posed by malicious AI, how do product security managers foster this collaborative environment? How do they work together with various teams to build and maintain a secure digital infrastructure for their organization’s products?
In this series, we aim to learn the strategies, practices, and approaches employed by product security managers to foster cross-functional collaboration toward improved security. We’re interested in exploring the dynamics of these collaborations and how they contribute to the overall security posture of an organization. As a part of this series, we had the pleasure of interviewing Dilip Panjwani.
Dilip Panjwani is the Global Head of Cybersecurity Practice and CoE for LTIMindtree, a $4.1B company with 82,000+ associates. Bringing over 20 years of IT experience to his role, Dilip has garnered varied experience in both the IT & IS domain. Prior to the merger, he held the position of Principal Director, Chief Information Security Officer & IT Controller at Larsen & Toubro Infotech. Additionally, Dilip has worked with organizations such as FIS, DBS Bank and Kotak Mahindra Bank. Over his vast experience in the cybersecurity space, he has developed and implemented Information Technology Systems and Information Security controls to improve organizations’ data security and efficiency as a seasoned, hands-on manager. Dilip has a Bachelor’s of Engineering in Electronics and Telecommunications from the University of Mumbai, a Master’s of Science in Electrical Engineering with a major in Communications and Networks from The George Washington University, and a Diploma from the University of Michigan’s Stephen M. Ross School of Business through Larsen & Toubro’s Global Leadership Development Program.
Thank you so much for joining us in this interview series! Before we dig in, our readers would like to get to know you. Can you tell us a bit about how you grew up?
I grew up in the financial hub of India, Mumbai, with a grandfather who loved tinkering and fixing electrical equipment at home. This inspired my keen interest in electronics and led me to complete a Bachelor of Engineering degree in Electronics & Telecommunications. I began my career in the year 2000 as a systems engineer trainee with a small company called Total Solutions. I then went on to pursue an MS program in Electrical Engineering with a major in Communications & Networks from The George Washington University in Washington DC.
Is there a particular story that inspired you to pursue a career in cybersecurity?
I had taken up a master’s degree in Electronics & Telecommunication to gain an advanced education as well as a practical learning experience in the subject. During the two-year program, I had an opportunity to take three elective courses of my choosing as part of my 10-course requirement. That is when I picked up electives in Network Security and Internet Security. In addition to conceptual learning on network and internet security spanning across the OSI layers, technology risks and controls, I got to learn about a hacker’s perspective and why IT security (cybersecurity wasn’t a commonly used term back then) is crucial. We had intense practical training exercises and assignments using wireless card modules connected to a laptop, with extended range antennas made of a Pringles can. We were taught to communicate using encryption across campus. This made me very excited about how technology was being used for benefits and misuse, and why security was important to the network. Over time we were taught ethical hacking techniques for data interception and analysis.
After my master’s, I worked on campus for a year as part of the university’s Classroom Technology Services unit, where I worked on the university’s IT and networking support. This experience helped me learn the design and architecture specifics for large networks. I returned to India in May 2004 and got an opportunity to work with Paladion Networks (now acquired by Atos) as an Associate Security Consultant. Being a smaller company back then, we had a long and intense induction program allowing us to be trained on all information security services and offerings, including vulnerability assessments, penetration testing, application security, configuration review, audit assurance and compliance, security architecture, etc. This laid my foundation in cybersecurity as a career.
Can you share the most interesting story that happened to you since you began this career?
While I was in the U.S. pursuing my master’s program, I used to visit and use certain websites that allowed me to send gifts to my parents and relatives in India during various occasions. At the time, I was not aware of ethical hacking concepts and how risky or safe the websites were.
When I returned to India and began learning ethical hacking skills as part of my job, I felt the urge to assess the previously used sites for such transactions and to my shock, I was able to execute very basic SQL injections to extract the entire database of client transactions, which included login credentials, name, address, transaction details and card details all in plain text. I saw my personal details, transaction and card details in this data dump. Fortunately for me, that card did not have any unauthorized transactions while I was in the U.S. and now that I was back in India with that card deactivated and that site account closed, I was not worried about card misuse anymore. But this was an eye-opener for me on how little companies knew about the importance of security hygiene and controls. This is when my resolve to pursue cybersecurity (then information security) as a career became strong.
Which three character traits do you think were most instrumental to your success? Can you please share a story or example for each?
Perseverance with discipline: During the COVID-19 pandemic, we observed a spike in cyber-attacks globally. As a CISO, I had a dual challenge of keeping my systems secured while also managing a sudden shift of thousands of employees working remotely. This had to happen in record time with no compromise on security posture while keeping in mind that the user and business productivity needed to remain unhampered. I gathered all resources that I could at that point in time, ensured that our networks and assets were secured and ready to combat any attack, in view of the increased susceptibility due to remote working.
The process of frequency-based vulnerability scanning was moved to real-time vulnerability assessment by deploying scanning agents in the security baseline of endpoints. Subsequent patching cadence was increased and access to the assets and network was reviewed for alignment with zero trust principles against end user and asset posture compliance. This was also checked against which least privilege conditional access policies were implemented on the IDAM tools, along with heightened monitoring rules using AI & ML capabilities and with contextual threat intelligence feeds from TIP and VM scans to keep the organization secured from cyber-attacks. These, along with many other initiatives which could have otherwise taken months to complete, were all being done in days and weeks with extended support from our Data Privacy, IT Infrastructure, and IT Applications teams to support business continuity while keeping our organization secure along with maintaining the trust of hundreds of customers that we work with.
Thinking out of the box: This is an everyday routine. In the cybersecurity space, you always must outsmart the hackers. Hence, you outmanoeuvre your strategies and defense in ways so that your company is not just secure, but eventually reaches a state of sustained cyber resiliency. Thinking creatively for custom & novel solutions to address emerging threats while considering the organization’s business and operations is very important to the effectiveness of the controls. It is very important to understand how the organization operates, which is where understanding user behaviors and motivations helps find user-friendly security solutions that employees are more likely to adopt and support.
Creating a solution in the present with a futuristic view: Technology and digitalization are accelerating at a rapid pace and the kind of transformation that we used to see in decades now takes only two or three years. To ensure they are relevant, every solution that my team and I create for the customer is expandable, scalable and ambitious to cater to future demands. In my current role, I take every customer project — big or small — through a consulting approach to map where it stands today, and share a step-by-step evolution journey for the customer to reach a state of Cyber Defense Resiliency, which we also call the Digital Defense Framework Strategy.
Are you working on any exciting new projects now? How do you think that will help people?
Predictive, Proactive and Integrated Threat Defense via Cyber Defense Resiliency Centre (CDRC): We are working on building predictive, proactive and integrated threat defense. It is based on the following key pillars: risk analytics driven threat prevention, cyber analytics driven threat detection, hunting, deception and intelligence, cyber risk management, and response for faster vulnerability and regulatory compliance powered by security automation and orchestration.
CDRC is an aggregation of threat intelligence composed of threat insights from multiple sources that help in managed threat prevention and detection services, threat investigation and hunting services, threat decoying or deception services (through advanced malware sandboxing) and semi-automated threat remediation services with AI/ML and deep learning driven cyber bots. The services we offer from our CDRC are differentiated from traditional MSSP offerings by way of the advanced threat hunting, orchestration and automated response capabilities using LTIMindtree’s CDRC security platform.
We also have a library of 22,000 ready-to-deploy use-cases mapped to MITRE ATT&CK and rules and queries to uncover adversarial behaviour, making it harder for a threat actor to pivot without being noticed. We leverage our playbook library for managing cyberthreats at all stages — preparation, identification, containment, remediation, recovery, and aftermath.
Exploration on using Gen-AI and LLM for cybersecurity use cases: We expect generative AI-enabled cyber threats to multiply in the coming years. Malicious actors use AI prompts and other invasive codes to circumvent security systems and exploit vulnerabilities in AI models, resulting in unauthorised access to sensitive data, intellectual property theft and even misuse of autonomous systems. As barriers to entry are reduced by generative AI, it will become easier to produce and disseminate malware, and even amateur threat actors will use generative AI tools to construct and transmit complex malware. We see generative AI as a source of revenue for MSSP organisations like ours. It enables us to communicate with new and existing clients to assess their security postures and provide more powerful security solutions and services, including generative AI solutions. We anticipate that this will be one of the most important components of our security offerings, as well as programs. Currently we are working on a few pilot projects on generative AI use in predictive security, threat detection and response, threat hunting, UEBA, data security, threat and vulnerability management and incident response. We intend to employ generative AI-enabled technologies in our security engagements to allow faster threat surface discovery, security posture assessments, incident identification, investigation, resolution, remediation and detection of unknown zero-day threats.
How do emerging technologies like AI and machine learning influence the risk to the cybersecurity landscape?
As much as we use AI and ML to improve the effectiveness of cybersecurity solutions, hackers have been using AI technologies to create new cyber threats and techniques for deception against enterprise controls to execute targeted attacks. For example, NotPetya, an AI-powered malware, shook the world with companies losing billions of dollars. AI is being rapidly used in cyber-attacks with deep fake technologies, the use of chatbots to write malicious code, phishing emails and large-scale DDoS attacks, all while it is learning and evolving in real time.
However, with AI-based attacks growing in prominence, we need to ensure that organizations have advanced and contextual control mechanisms, required technologies and adherence to industry best practices and frameworks for minimizing these risks.
How are emerging technologies like AI and machine learning enhancing our capabilities to protect against these risks?
AI has been strengthening the intelligence of cybersecurity for organizations and has seen accelerated adoption with use cases across threat detection, prevention, and monitoring services. AI has been especially contextualizing threat intelligence data towards augmenting risk-prediction capabilities for assisting in proactive threat defence. The speed of detection and response has also become much faster owing to AI, as it supports taking autonomous and preventive actions, sensing risks and unusual behavior patterns, and reporting on threats and anomalies on an absolute real-time basis.
A well-trained, contextual, and intel-led AI can effectively substantiate cybersecurity to be predictive and enable cyber resiliency. Especially this year, we see generative AI take center stage. We anticipate that generative AI will be one of the most important components of our security consulting and implementation offerings, as well as programs that will make inroads into cybersecurity streams such as predictive security, threat detection and response, threat hunting, UEBA, data security, threat, vulnerability management, incident response, and above all, adaptive and real-time user awareness. We intend to employ generative AI-enabled technologies in our security engagements to allow faster threat surface discovery, security posture assessments, incident identification, investigation, resolution, remediation, and detection of unknown zero-day threats.
Could you highlight the types of cyber-attacks that you find most concerning today, and why?
Here are a few of the major trends that will drive cybersecurity needs in enterprises globally:
- Digital Supply Chain Attacks: Digital supply chain attacks are growing in frequency and impact while targeting developers and suppliers. The primary objective of hackers is to exploit source codes and build processes by infecting legitimate apps with malware. Once they discover an opportunity, they take access to critical digital resources and it’s very difficult to detect and mitigate such attacks, as they rely on software that has already been trusted and can be widely distributed.
- Critical Infrastructure Attacks: Critical infrastructure is one of the hot areas where a surge in cyber-attacks was observed recently, as they are interconnected with digital technologies, making them more vulnerable to cyber-attacks. Power grids, communication systems, water supply, transformation systems and financial institutions are at huge risk today. The consequences of a critical infrastructure attack can lead to economic damage, loss of life, national security threat and social unrest.
- Increased sophistication in social engineering attacks — using gen-AI for targeted and realistic communications (e.g., WormGPT, FraudGPT, EvilGPT): Generative AI is making significant progress while opening a whole new world of possibilities and vulnerabilities. With generative AI’s capability of mimicking human behaviour, language and pattern, it has become an open ground for cybercriminals to use its tools for rampant social engineering attacks such as phishing deep fakes. As these attacks imitate humans, they get more personalized and can imitate images, voice, language, videos, etc. The ability to detect a scam has become tougher. This new generation of attack has lowered some of the traditional barriers to carry out attacks, and machines can be trained to master deception and harp on all possible human and digital vulnerabilities to carry out these attacks.
What exactly is Cross-Functional Collaboration?
Cross-functional collaboration refers to the process of individuals or teams from different departments or areas of expertise within an organization working together towards a common goal. It involves breaking down silos and promoting communication, knowledge sharing and cooperation among various functions such as IT, cybersecurity, finance, marketing, and operation. The objective is to leverage diverse skill sets, perspectives, and insights to achieve better outcomes and solve complex problems effectively. It helps ensure a more holistic and effective approach to cybersecurity, as different teams collaborate to identify vulnerabilities, implement security measures, and respond to threats. For instance, when a cybersecurity incident occurs, cross-functional collaboration involves cybersecurity, IT, legal, communications and management teams working together to quickly assess the situation, contain the threat and communicate with stakeholders, thus executing a coordinated response plan.
Can you share a few reasons why Cross-Functional Collaboration is so critical in today’s cybersecurity threat environment?
Cross-functional collaboration becomes even more critical for cybersecurity due to the complex and evolving nature of cyber threats. Cybersecurity cross-functional collaboration involves bringing together experts from different areas, be it network security, data security, cloud security, CyberSecOps, application security, identity and access management, governance, and risk management, etc., to develop comprehensive cybersecurity strategies and solutions that address potential risks and protect sensitive data across the entire organization. Similarly, compliance regulations such as CCPA and GDPR require input from legal, compliance and IT teams to ensure that cybersecurity practices align with legal obligations while controls are implemented, keeping business productivity and continuity in mind.
One of the main reasons for cross-functional collaboration in cybersecurity is to maintain a great partnership among team members to share valuable insights, knowledge, and expertise for protecting critical digital assets from cyber threats. By collaborating with different teams, we can identify vulnerabilities, implement robust security measures, and respond quickly. Moreover, it enhances productivity and efficiency driving continuous business growth.
How does a leader effectively create a culture of Cross-Functional Collaboration?
Security is not just a problem of the CISO function alone and can never be successful if managed in silos. Our approach is always to have a great collaboration between the CISO, IT and business functions to strengthen the overall security posture of the organization. We focus our efforts to ensure every business function is sensitized about the cybersecurity concerns, roadmap and any issues that can be jointly addressed. We encourage having cybersecurity sponsors at every functional level, security benchmarking, sharing risk reports and creating a governance structure that includes business leaders along with security leaders.
With a cross-functional collaboration structure, we believe that we can have a direct line of sight across the organization while bringing an integrated vision and future roadmap to cater to the niche domain needs of customers across industries. For instance, when dealing with the problem of vulnerability remediations, it is important to ensure the IT Infrastructure team members who support the mitigation of vulnerabilities via configuration and patch management processes understand the criticality of the vulnerability, prioritize the deployment patches basis asset exposure, and finally ensure the learnings are brought into their configuration and build processes to avoid similar vulnerabilities reflecting in new assets being rolled out.
While training cybersecurity teams, we strongly recommend to our clients to have their cybersecurity experts trained not just on cyber-related technology skills and certifications, but to be well informed about business and domain skills. As these consultants deal with a lot of data, we also ensure that they are provided with a basic overview of analytics skills which helps their outputs be in line with the overall business needs.
Could you share any challenges you’ve encountered in promoting Cross-Functional Collaboration and how you’ve managed to overcome them?
We run a multicultural team spread across the globe in more than 30 countries. Cross-functional collaboration is a way of life, but we do encounter issues such as alignment on a common goal, differences in priorities, lack of ownership or trust in a few cases, different cultures, resistance to change and new ways of working and communication silos. To overcome these challenges, we adopted an approach with open communications, established shared goals for joint ownership, encouraged knowledge sharing through regular meetings and highlighted the benefits of collaboration for overall security and business success during leadership townhalls. This was possible with early involvement of leadership, providing necessary trainings where needed to ensure required understanding and comfort for non-cybersecurity functions/teams, and recognizing and rewarding collaborative efforts to motivate teams.
Having employees follow the larger purpose and vision of their team and the organization, keeping open communication channels and breaking down of silos are some of the ways that have worked in my experience. However, there are other challenges that teams face on a regular basis, including:
- Lack of leadership support: Without visible support from the organization’s leadership, collaboration efforts may struggle. One can overcome this by getting a buy-in from the senior management through showcasing the potential ROI and highlighting the positive impact on the organization.
- Lack of awareness: Not all teams understand the importance of cybersecurity. This can be overcome by conducting awareness sessions, sharing real-world examples and illustrating the potential impact of security breaches along with how and why the program is critical for the organization.
- Resistance to change: Teams might be resistant to changes in their processes. One can overcome this by involving key stakeholders at an early stage, explaining the rationale behind changes and showing how collaboration improves efficiency.
- Differing priorities and goals: Various departments may have conflicting priorities. By aligning security objectives with each department’s goals and demonstrating how a collaboration benefits everyone, departments will be more aligned.
- Competing agendas: Different departments might have conflicting agendas; however, this can be avoided by facilitating open discussions, identifying common objectives and finding ways to integrate agendas for mutual benefit.
- Communication barriers: Miscommunication or lack of effective communication can hinder collaboration. Instead, teams should use clear and concise language, promote active listening and leverage collaboration tools.
- Cultural differences: Teams from different departments might have distinct work cultures. Collaboration could prosper if teams foster a culture of respect and understanding, emphasize shared goals and find common ground.
- Resource constraints: Teams might lack the resources needed to collaborate effectively. Allocating resources strategically, leveraging existing tools and identifying areas where a collaboration can have the greatest impact can help.
- Measurement and reporting: Measuring the success of cross-functional collaboration can be challenging. This can be overcome by defining clear metrics, regularly assessing progress, and sharing success stories to demonstrate the value.
- Lack of accountability: Without clear accountability, collaboration efforts can falter. By assigning roles and responsibilities, setting expectations for participation and recognizing contributions, accountability is more easily understood.
- Silos: Departments operating in isolation can hinder collaboration. One can overcome this by creating cross-functional teams, encouraging rotation of team members and facilitating regular cross-departmental meetings.
Overall, successful cross-functional collaboration requires patience, persistence and a strategic approach that considers the unique dynamics of your organization.
What are your “5 Best Practices for Effective Cross-Functional Collaboration”?
- Clearly define goals and objectives: A leader must define the strategy and vision for the company or the business unit by outlining a direction and agreement for each member of the group. This vision should reflect in each team member’s goal, hence providing them with a sense of purpose and ownership to contribute and collaborate. Ensure the goals and objectives are revisited on a periodic basis if any updates are needed considering changes in threat landscape, business strategy, etc.
- Foster open communication: It is very important to allow participation from all teams and listen to their views, concerns and proposed alternatives. This allows them all to jointly own the success of the program. Choose the right communication channels and tools to ensure that the set objectives are clearly communicated to all the teams involved and their respective members. Periodic progress updates being communicated to various stakeholders and team members are key here, so that everyone understands how we are progressing and what support is needed to move toward the end objective within the suggested timelines.
- Promote diverse inclusion: Diversity in all forms should be inculcated in the organization’s culture. Members of a diverse team respect each other better, bring more ideas and approach a problem in various innovative ways. It hugely promotes learning amongst teams. In the cybersecurity space, every region has its own mandate around privacy and security. The same is applicable for HR, legal and the compliance teams for each region in terms of labor laws, data security and privacy regulations, compliance with local laws and client contractual commitments. Our teams learn from each other and help our customers comply with those requirements very effectively.
- Breaking down the silos: There shouldn’t be silos in communication or collaboration in a cross-functional set up and it is a key responsibility of the leader to identify and fill up these gaps. This could be in the form of communicating shared objectives that align with the goals of various departments involved or cross training to break the understanding gap by encouraging teams to learn about other departments’ functions and challenges, fostering empathy and understanding when putting together the plan for execution. Breaking down silos requires commitment, patience and the active involvement of leaders and employees across departments.
- Recognize and reward collaboration: There should be a culture of reward for collaborative efforts and setting the right example for others to follow. Celebrate milestones and achievements resulting from cross-functional collaboration to encourage continued efforts. Highlight and applaud innovative idea contributions from across teams, which helps solve a problem or reach a milestone ahead of the target date.
If you could inspire a movement that would bring the most amount of good to the most amount of people, what would that be?
It is very important in today’s times that we understand that the human (user) is the weakest link in the cybersecurity chain. For end organizations, it is the consumers of the digital services who are these weakest links; for instance, being a minor using social media and getting trapped in cyberbullying or a senior citizen on the other side of the spectrum getting conned in transaction fraud. Hence, it is significant that we articulate preventive measures for the masses in the least complex language. Just as we learn to lock our homes before leaving, the users need to learn a few cybersecurity hygiene habits to keep information from being misused.
How can our readers further follow your work online?
I am active on LinkedIn; you can follow me on https://www.linkedin.com/in/diliptp/
This was very inspiring and informative. Thank you so much for the time you spent on this interview!
About The Interviewer: David Leichner is a veteran of the Israeli high-tech industry with significant experience in the areas of cyber and security, enterprise software and communications. At Cybellum, a leading provider of Product Security Lifecycle Management, David is responsible for creating and executing the marketing strategy and managing the global marketing team that forms the foundation for Cybellum’s product and market penetration. Prior to Cybellum, David was CMO at SQream and VP Sales and Marketing at endpoint protection vendor, Cynet. David is a member of the Board of Trustees of the Jerusalem Technology College. He holds a BA in Information Systems Management and an MBA in International Business from the City University of New York.