Prioritizing the Impossible: How Genpact's SOC Tackles Cyber Threats

Genpact, a global leader in digital transformation, is committed to safeguarding its digital assets and those of its clients. To gain insights into the company’s robust cybersecurity approach, we interviewed Faizul Mufti, Vice President of Information Security and Cyber Defense Leader at Genpact. In this exclusive conversation, Mufti discusses the organization’s strategies for incident response, threat intelligence, and cultivating a security-conscious culture.

how do you prioritize alerts and incidents in your SOC?

This is one of the most important aspects and outcomes of a mature SOC to maintain a strong security posture. Prioritizing the incidents is one of the most critical decision points in the incident handling process. We follow a process of prioritizing the security alerts and incidents based on evaluating the risk rating through various factors broadly categorized under -

• Loss of Confidentiality, Integrity, and Availability.

• Determining the contextual information of the associated assets or entity like risk score, affected identity as privileged or not,

• Financial and Brand Reputation Damage,

• Regulatory Impact, and

• Threat intelligence inputs linked to each individual security alert.

This process helps us focus on critical security incidents, build effective resource management and respond promptly to the most significant threats detected in the organization.