Fortifying the Core: Building a Cyber Resilient and Geopolitically Agile GBS Model

In today’s hyper-connected digital economy, cybersecurity has transcended its traditional role as a mere technical safeguard to become a fundamental strategic imperative. During a recent high-profile panel discussion featuring industry leaders such as Venkatesh PS, Global Director of Business Resilience and Corporate Security at Cognizant; Deepak Singh, President & CEO of Gorisco Group; Santosh Tripathi, Director of Information Security and Compliance at Virsec Systems; Dr. Lopa Mudra Basu, a distinguished Cybersecurity Thought Leader and MD at InfoSec Gurukul; Sandeep Bansal, Group CIO at A One Steel; and Ramaprasad Kumar, Secretary of the ISACA Bangalore Chapter., the evolving dynamics of cyber resilience within the Global Business Services (GBS) ecosystem were dissected with remarkable clarity and depth. The conversation illuminated the pressing need for GBS organizations—especially those operating in geopolitically sensitive environments like India—to adopt a holistic, board-level approach to cybersecurity that balances resilience, recovery, and agility.

The Shift in Cybersecurity Paradigm: From IT Control to Board Mandate
One of the key takeaways from the discussion was the recognition that cyber resilience is no longer just an operational or IT issue. Rather, it has emerged as a critical boardroom priority that shapes business strategy and market leadership. The pandemic underscored this shift, revealing how unprepared many organizations were to handle widespread disruption. Boards are now asking the crucial question: “Are we resilient enough to face cyberattacks, AI-driven threats, and geopolitical uncertainties?” This question has become a million-dollar concern, emphasizing that resilience must be both preventative and responsive.

Leaders emphasized that cyber resilience is not about achieving 100% security—an impossible feat—but rather about developing a "shock-absorbing" capacity that enables organizations to continue operations and recover swiftly even when breaches occur. This mindset requires integrating cyber risk management with broader business continuity, crisis governance, and regulatory compliance frameworks.

India’s Growing Role in the Global Cyber Resilience Landscape
India, with its vast digital footprint, scale, and talent pool, stands at a strategic inflection point. The country is poised to evolve beyond a traditional global delivery hub into a global center for cyber resilience and recovery. However, panelists like Deepak Singh cautioned that India is not yet “the default” destination for cyber-resilient GBS operations. While India offers cost-effective solutions and a wide talent base, challenges remain in cultivating depth in cutting-edge technologies and nurturing startups focused on deep tech cybersecurity innovations.

Government initiatives such as the Cyber Security Innovation Champions program and improved global trust ratings signal progress, but industry-wide maturity and compliance readiness—especially for Indian enterprises themselves—still lag behind global standards. The need for a cultural shift toward respecting domestic regulations and reinforcing compliance “by design and by default” was underscored as critical for sustainable growth.

The Evolving Role of the CIO and Leadership in Cyber Resilience

The CIO role is undergoing a profound transformation. No longer confined to managing IT infrastructure, CIOs are increasingly strategic leaders who must understand geopolitical risks, business continuity, and cybersecurity threats holistically. They must collaborate across functions—business, technology, HR—to build resilient, adaptable operating models. This integrated leadership is particularly vital in GBS organizations where multiple delivery centers across geographies must operate seamlessly despite disruptions.

Complex Threat Landscape: Nation-State Attacks, Supply Chain Breaches, and Ransomware
The cybersecurity threat landscape has become exceedingly complex. The panel highlighted several contemporary attack vectors, including nation-state cyber warfare targeting privileged identities and shared cloud resources, massive supply chain breaches exemplified by the SolarWinds attack affecting thousands of organizations, and persistent ransomware assaults that disrupt business operations and erode stakeholder trust.

These challenges demand an expanded security architecture that encompasses not only internal systems but also third-party vendors, managed security service providers (MSSPs), and cloud platforms. Governance and oversight play critical roles in ensuring that all components of the security ecosystem are robust and aligned.

Governance Failures and Their Impact on Cyber Resilience
Governance emerged as a crucial pillar influencing cyber resilience outcomes. Panelists cited high-profile program failures, such as the Australian Stock Exchange clearinghouse and Volkswagen’s electric vehicle launch delays, attributing root causes to governance lapses.