To address this, Birlasoft Ltd, part of the $2.4 billion diversified CK Birla Group, has partnered with a startup named Regulativ.ai to co-develop a new AI/ML-based cyber-regulatory reporting platform. The two companies said the co-developed platform will help regulated enterprises gain a deeper understanding of their cyber regulatory compliance risks and provide them with actionable reports to mitigate risks and ensure compliance.
Speaking to CISO MAG, Shilpa Bhandari, SVP and Global Head – BFSI, Birlasoft said, “CISOs are looking for a view of their posture or the organization’s posture to cyber regulatory compliance requirements in various jurisdictions. The process today is highly manual and highly inefficient so rarely are they able to get a live view of where the organization is compliant and where there are gaps from a cyber regulatory perspective.
“It is an online platform with the ability to look at all the data sources, internal and external, that are being used to provide this reporting to a Chief Compliance Officer or Head of Audit,” she added.
This cyber-regulatory reporting platform, with its degree of automation and integration with various data sources, leverages machine learning and digital technologies to give CISOs that view on a more current basis. This is going to help CISOs do action planning around gaps that they want to prioritize to address, to work with the CEOs and even the Board, to prioritize and seek more budgets.”
Bhandari informed that there is also an element of auditability in the solution.
Solving a Major Pain Point
Jinal Shah, CEO, Regulativ.ai told CISO MAG that the cyber-regulatory reporting platform is solving many pain points for organizations.
"The fundamental pain point is inefficiency in organizations that are required to comply with the various statutory cyber regulatory & cyber audit and certification requirements. The inefficiencies are due to lack of collaboration between teams, lack of information, lack of data, or poor-quality data.
Each CISO organization collects data from all manner of sources to put together a report for the regulator. It takes time to collect the data, sanitize it, verify it, and clean it. This could take anything between 500 – 600 manhours per assessment, per year," said Shah.