Cloud Data Security & Resilience , Cloud Security , Governance & Risk Management
Manual Approaches Don't Work for GRC; Why Automation Is Key
Eliminate, Simplify, Standardize and Automate Processes, Says Wipro's John HermansTo run successful governance, risk and compliance programs, automation will always trump manual processes, said John Hermans, head of Europe cybersecurity and risk services at Wipro.
The benefits of automation include reducing errors, delivering rapid and repeatable results and creating a better user experience - not least by eliminating excess labour, he said. But in their quest for highly automated, continuous compliance programs, many organizations struggle to find the right approach and the best place to begin.
The first step? "Eliminate, simplify, standardize and automate" existing business processes to deliver automated approaches that are more efficient and digitized, Hermans said. Consider starting with a cloud environment to easily access a standardized framework and get the required, high-quality data, which makes for a rapidly accessible approach to automation on which organizations can iteratively build.
In this video interview with Information Security Media Group, Hermans also discussed:
- Why manual processes remain ill-suited to building sustainable GRC programs;
- Gains - including demonstrable business value - that organizations can achieve by pursuing more automated approaches to GRC;
- The best place to begin for building a sustainable, continuous compliance program.
Hermans is a cybersecurity and compliance expert who serves as a member of Wipro's European leadership team and a part of Wipro's global cybersecurity leadership team. He has 30 years of GRC and cybersecurity experience working with organizations in numerous industries, including financial services, energy, telecommunications, retail and government. He previously served as a partner at KPMG, heading its EMEA cybersecurity services.