Identified Expertise

  1. Threat & Vulnerability Management1
  2. People & Leadership1
  3. Process Management1
  4. Security & GRC1
  5. Disruptive & Emerging Technologies1

Content Sriram is Following

Do you trust the data & reports from the big analysts?

Strategy & Architecture

Yes

No

Sometimes

View Results
111.8k viewscircle iconLightbulb on123 Upvotescircle icon58 Comments

How much time do you spend evaluating vendors each week? E.g. Reading up, having phone calls and demos etc. 

Strategy & ArchitectureFinancial Management

<1hr

1-3hrs

3-5hrs

>5hrs

View Results
7.8k viewscircle iconLightbulb on1 Upvotecircle icon3 Comments

What are some of the on-the-ground suggestions you have for implementing DMARC/DKIM-SPF in hard fail mode? Have any of you implemented hard fail for subdomains like "SomePurpose (dot)MyDomain(dot)Com" where such subdomains are allowed for specific external service to send emails on behalf of the primary domain? Suggestions?

Process Management
Sriram Lakshmanan
Sriram LakshmananDeputy CISO at Genpacta year ago
Any new domain should start as hard fail. This will force application owners through whatever your internal process is to send as x domain.  If you have existing domains that you switch over you want to review for compliance ...read more
1.7k viewscircle iconLightbulb on1 Upvotecircle icon1 Comment

What are some of the DNS security practices that you have employed? Given the noise of DNS traffic, what are some of the methods you've used to handle it better for threat detection.

Security & GRCInfrastructure
Sriram Lakshmanan
Sriram LakshmananDeputy CISO at Genpacta year ago

Block 8.8.8.8 and 9.9.9.9 as an example

5.6k viewscircle iconLightbulb on1 Upvotecircle icon1 Comment

What advice can you offer security leaders currently trying to win executive support to create a secure behavior and culture program? How should they frame the business case for an SBCP?

Awareness & TrainingSecurity Strategy & Roadmap
Sriram Lakshmanan
Sriram LakshmananDeputy CISO at Genpacta year ago
Security awareness in most org is seen as a check in the box compliance requirement and a bit as nice to have. For me, security is part of value system, much like integrity is or focus on workforce engagement might be. And ...read more
Read More Comments
371 viewscircle icon5 Comments

What do you think about Brand protection services? Did you find any workable method to avoid scams via social media personalizing your seniro management or your company? I am really interested in your stories on this topic.

Sriram Lakshmanan
Sriram LakshmananDeputy CISO at Genpact9 months ago
Brand protection has a purpose, to discover and contain any risk (like unused domains with active DNS). The resukts may help in governance on your exposure management.
For senior exec reputation protection on social media ...read more
1.8k viewscircle icon1 Comment