NEW DELHI, INDIA: Carlos Solari is former Chief Information Officer of the Executive Office of US President and has implemented the strategy and enterprise architecture for major systems renovation covering all aspects of the enterprise computing serving the White House and its supporting offices.

Earlier, he managed several large-scope, full life-cycle IT programmes for the Federal Bureau of Investigation. Solari recently took over as vice president - Cyber Technology and Services at CSC, a provider of technology-enabled solutions and services. During his visit to India, Solari interacted with Prasoon Srivastava of CIOL and discussed the upcoming challenges in Cyber security and CSCs plan for this space. Excerpts:

Q: Cyber security domain is very big. Which are the key focus areas for CSC in this domain?

Solari: Yes, it’s so big that we just want to keep things that we have to be careful of. We have typical things that are part of our mission – to deliver data center functions, IT, outsourcing types of functions. But we’re going beyond these into saying that companies do need security in the monitoring type of securities, the MSSPs/NSSPs (Narrow Security Services Portfolio/Provider). That is our primary area of focus.

Also read: 'Cyber security is a diplomatic issue today'

But we have our expertise in testing, penetration testing. We have our expertise in compliance because it’s a big field and important for different verticals and different countries. Some of that spills into security for privacy or compliance. We have our expertise in the integration of security.

Q: Since all networks are moving on Internet Protocol (IP), do you see that the domain of cyber security is increasing?

Solari:In IP, you effectively give away physical isolation for the benefits of flexibility of IP. In an IP-based network, if a robber is inside your premise, there’s a sort of natural increase of risk there. There’s a high level of risk there as well. One of the most important reasons is we have used IP based systems to do things that we have never thought of doing in the past, like running large-scale infrastructures.

Also read: Are you ready for new security challenges of 2011

At the same time, we’re seeing an acceleration almost in incidence that is costing a lot of loss in many ways due to hacking. The loss can be from money to the impact on the brand and privacy information. With companies moving on to IP network, expenses on cyber security will definitely increase.

Q: Most of the companies are now talking about creating India as their innovation hub. How is CSC seeing India market with respect to research and development?

Solari:One aspect to it is strictly the software development, which is very well known for innovation. One area that I particularly like is India’s very quick adaptation of the quality principles. The principles of how you develop quality can easily be transformed into principles of how you develop security, which has got a lot of room to grow.
There is a lot of brainpower here in India. India is a place where innovation gets developed. Then, security is an opportunity that I don’t think we have explored very well. We have been thinking what we can do so that India plays a key role on the global stage.

Also read: The Zeo-day vulnerabilities

Q: Which are the segments or verticals where you would like to build your capability in the next 2-3 years?

Solari: Finance and aerospace are the two verticals because of their nature. When we talk about cyber security to the customers, we don’t have to introduce them to understanding of this space. The nature of the conversation is more about what can we do to help them against these very sophisticated kinds of attacks. That is where the conversation begins.

Q: Tell me about any new vertical where the focus of the companies is very less, and where you want to build your expertise and where you want to capture those verticals.

Solari: Health Industry. There is great benefit to be gained from moving things electronics. From putting camera inside the patients to lab test to making the medical records electronic, there is immense scope. Privacy and security in health industry is one of the areas that need a lot of attention.

Q: Is there anything you’re looking on at the telecom sector because of the transformation of the networks?

Solari: We are really experienced in working with the large enterprises. It is getting harder to separate out the enterprise from the telecom. Most recently, one provider here in India issued a request for information about companies getting certified in the networks because of the growing demands of the government to be certified to do that. We are actually looking at potentially answering that response. We are moving to IP based. And that means that we are aware of the kind of hacking out there. As soon as that happens, we will start responding to the opportunities.