How to Implement Large-Scale Security Programs EconomicallyFlipkart's Raakesh Thayyil on Maintaining Program Consistency Across Subsidiaries
Amid Flipkart's acquisition spree in 2021 and 2022, the online retailer needed to align cybersecurity across the newly acquired companies. Raakesh Thayyil, group head of data security and security investigations and a winner of ISMG's DynamicCISO Excellence Awards 2023, discussed this successful project to establish and revamp the information security function across two group subsidiaries without incurring excessive costs.
Thayyil's approach involved a meticulous program comprising multiple projects, where strategic selection and prioritization played a crucial role. "I focused on projects that offered maximum value while minimizing changes to the existing technology landscape, allowing lean security teams to leverage automation and machine learning," he said.
Flipkart implemented all projects on time, met the desired success criteria and cut costs by 15%.
In this video interview with Information Security Media Group after ISMG's DynamicCISO Excellence Awards and Conference, Thayyil discussed:
- Components of the security maturity program implemented across Flipkart subsidiaries;
- How the team managed costs;
- How the new ecosystem secures customers, suppliers and vendors.
Thayyil is a military veteran and information security professional with nearly 23 years of diverse experience in information security, program management, operations and telecommunications. He has been instrumental in building Flipkart Group's data security and security investigations functions. In addition to leading Flipkart's security, legal and regulatory compliance programs, he is responsible for information security for four of the company's subsidiaries.