AI, Ransomware, and Supply Chain Risks Redefine Cybersecurity Strategy, says Tata Steel CISO

Dinesh Kumar Shrimali, Chief Information Security Officer (CISO) and Data Protection Officer (DPO) of Tata Steel Ltd., tells Gargi Chakravorty that cyber threats now pose direct business risks—impacting safety, operations, and supply chains. He explains how ransomware, AI-driven attacks, identity breaches, and third-party vulnerabilities are reshaping enterprise cybersecurity priorities today.

Q. What, according to you, are the top cyber threats enterprises should be most worried about right now—and why?

From a CISO’s perspective, the most serious cyber threats today are no longer isolated IT issues. They are business risks that directly affect plant availability, worker safety, intellectual property, and supply continuity.

Ransomware Threats: Ransomware attacks have evolved far beyond encrypting office IT systems. Attackers now deliberately target manufacturing execution systems, plant networks, and operational data—combining disruption with data theft.

Even with backups in place, stolen IP, engineering designs, production data, and employee information are weaponized to create regulatory exposure, customer disruption, and reputational damage. In manufacturing environments, ransomware incidents can translate into plant shutdowns, missed deliveries, and safety risks, rapidly escalating into board‑level crises.

Supply Chain and Third‑Party Compromise: Manufacturing enterprises are increasingly compromised indirectly—through suppliers, system integrators, OEMs, SaaS platforms, and managed service providers with legitimate access to enterprise or plant systems.

These attacks bypass traditional perimeter defences and exploit implicit trust in third‑party relationships. The real risk is scale. A single compromised vendor or software update can impact multiple plants, suppliers, or even an entire production ecosystem at the same time.

Identity‑Centric Attacks Across IT and OT: Identity has become the new perimeter across both IT and OT environments. Attackers aggressively pursue credential theft, MFA fatigue attacks, session hijacking, token abuse, and service account compromise.

Once identity is breached, attackers often move laterally from IT into OT with limited resistance. Weak identity governance, excessive privileges, and shared plant accounts make identity failures one of the most consequential risks in modern manufacturing.

Q. How have AI, deepfakes, and automation changed the enterprise threat landscape in the last 12 months?

Over the last 12 months, the manufacturing threat landscape has undergone a step‑change in attacker capability, speed, and scale, driven by AI, automation, and evolving trust exploitation.

Generative AI has significantly lowered the barrier for executing sophisticated phishing, spear‑phishing, and business email compromise attacks. These campaigns are now context‑aware, leveraging supplier, plant, or project‑specific details; grammatically flawless; and highly personalized for engineers, procurement teams, and plant leadership. As a result, traditional awareness training alone is no longer sufficient, shifting the focus toward stronger identity protection, technical prevention, and behavioural analytics.

Deepfake audio and video have become credible enough to impersonate plant heads and senior executives, bypass voice‑based approvals, and pressure finance, procurement, or operations teams into urgent actions. In manufacturing environments—where operational urgency is the norm—these techniques introduce significant non‑technical risk to financial integrity, supplier payments, and operational decision‑making.

Attackers are increasingly using automation to continuously scan IT and OT environments, weaponize vulnerabilities within hours of disclosure, and execute multi‑stage attacks with minimal human interaction. The window between vulnerability disclosure and exploitation has collapsed, forcing manufacturing CISOs to rethink patching strategies, compensating controls, network segmentation, and detection speed—especially in environments where legacy OT systems cannot be patched easily.

Q. What are the non-negotiable best practices CISOs must adopt today to protect enterprise and customer data?

In today’s threat environment, data protection fundamentals are no longer optional—they are essential to operating safely, compliantly, and with customer trust.

Enterprises must clearly understand what data they hold, where it resides, who can access it, and how it moves across systems and borders. Data classification, labelling, and encryption—at rest, in transit, and where feasible, in use—along with tokenization, must be embedded directly into business processes, not added as an afterthought.

Zero Trust must move beyond policy statements to consistent execution through strong identity verification, least‑privilege access, device health validation, and continuous session monitoring. Trust should never be implicit—especially for privileged users and sensitive data.

Privacy and Security by Design: Security controls must align with regulatory requirements and ethical data use expectations from day one. This means enforcing purpose limitation, data minimization, automated retention and deletion, and strong auditability. Increasingly, regulators and customers assess organizations by how responsibly they handle data, not just whether they suffer breaches.

If a third party processes your data, you own the risk. Effective governance requires continuous third‑party risk monitoring, contractual security and privacy obligations, clear audit rights, and defined breach notification timelines. Vendor trust must be continuously validated—not assumed.

Enterprises must invest in rapid detection and response, immutable backups, crisis communication readiness, and legal and regulatory response playbooks. In modern enterprises, resilience—not prevention alone—defines data protection maturity.