I'm Pranith Shetty. For more than 15 years, I have honed my skills in information security, becoming a highly qualified professional in the field. My expertise spans information security, IT risk management, cybersecurity, and data privacy.

My Master's degree in Information Systems with a specialization in Information Security provided a strong foundation, and throughout my career, I have had the privilege of contributing to the success of renowned companies such as Morgan Stanley, Cisco, PwC, and International Paper.

Designing and implementing frameworks, processes, and assessments to strengthen an organization's overall risk posture is a core strength of mine. At PwC and Morgan Stanley, I have successfully implemented these measures across departments. Currently, at Cisco, I leverage my experience and innovative thinking to lead the Risk Management program for cloud network security offerings.

My expertise extends beyond information security to include IT risk management, cybersecurity, data privacy, compliance, and IT audit. My passion for the field is further reflected in my academic and professional achievements. I co-authored a paper on big data and cyber risk intelligence that won a Deloitte-sponsored challenge, assisted a PhD candidate with data review and analysis as a research assistant, and even wrote my risk management frameworks and procedures.

My commitment doesn't stop there. I hold industry-recognized certifications such as CISSP, CRISC, and CDPSE, along with additional OneTrust certifications focused on GRC and data privacy. My dedication has also been recognized through corporate and international recognition, including awards from PwC, Cisco, and the Indian Achievers Forum (IAF).

Looking ahead, I'm driven to deliver innovative solutions and contribute to ground-breaking research in information security, IT risk management, cybersecurity, and data privacy. Staying at the forefront of advancements and sharing my knowledge with others to advance the industry is a core value for me. My proven ability to solve complex problems makes me a valuable asset in these critical areas.

I am an Information Security and Risk Manager with close to 15 years of experience, I have been involved in strategy, cybersecurity, and risk throughout my career. I have worked with Big 4 consulting and Fortune 500 companies such as International Paper, PwC, and Morgan Stanley.

Currently, Cisco leads its Risk Management program in the Security business (Products like Duo, Umbrella, SSE, and others).

Cisco is a multinational conglomerate and has many products across different domains such as networking (routers, switches, etc.), Firewalls, and Cloud products, then there is a whole lineup of security products like Duo, Umbrella, Cloud lock, and SSE, this is the business unit that I am part of.

It's a great feeling to win this award, hard to describe in words. I feel humbled and honored to have been nominated by the judging panel. It lets me know that the work I've done over the years adds value from a third-party perspective ( I know it adds value, companies do too, my corporate awards are a testament to that). However, this motivates me even further.

Winning this award helps both me and my organization in terms of recognition and impact. This could help drive market access and sales among readers, judges, and participants in the esteemed award organization. This motivates us to excel further in our fields and to scale new heights.

The first and foremost challenge is to ensure that the work has had an impact not only within the company but across the entire field. It has to be holistic and not targeted at a specific niche. It is important to ensure that entries do not sound generic but can be differentiated when placed in a category.

Ideas work best when solutions are focused on problem statements. At the same time, not trying to reinvent the wheel, and being aware of the resources and budget allocated is key.

An organization is successful when information is communicated from the top (leadership) to the bottom (staff) and vice versa. This ensures transparency, alignment of business objectives throughout the organization, and communication of granular issues affecting the organization back to leadership.

Experience in this area of information security and risk has helped me understand the issues and challenges within the unit. I tried to come up with simple measures to address these challenges and was successful in implementing them across the unit.

I'm currently based in the U.S., and being closer to safety regulations and strategies has certainly helped me grow in my career. I have had the opportunity to interact with some of the best minds in the business and gain valuable insights.

The shift in business strategy was certainly the first for all businesses. There was nothing like the pandemic that the world had seen before, especially from a technological standpoint. Businesses need to pivot their strategies and be more flexible. That's exactly what I did. I had to change the operating model and the operating book of my operations and adapt to the new reality and way of doing business.

Advances in Artificial Intelligence (AI) have certainly been exciting in 2023 and beyond, it will be interesting to see where we end up in Security for AI and the various avenues on how we adopt AI for security.

In the field of information security, be an active participant in organizations such as the IEEE, ISC2, and ISACA that have excellent membership. The transfer of ideas and knowledge has been very critical to my growth and I am sure it will be helpful for individuals and businesses trying to make their mark in this field.

Significant investments have been made in information security and risk technology and resources. This trend is only going to increase as the security landscape continues to evolve, so businesses need to keep up with and stay abreast of technological advancements. The evolution of AI will also play a key role in the future of the security portfolio and projects that businesses undertake.

I have mainly been driven by ambition and self-growth, and have charted my path in this field. There were not many role models growing up in this area of information security. I was inspired in part by Steve Jobs' biography, where he used to focus more on user experience and design than the rest of the pieces. It was very similar to my perspective too. When I was thinking about security, the shift left approach is a move in that direction, which is pursued within the industry as well.

Information security and risk is a very broad field, best to look for statements of problems in the field, and try to solve them, not reinvent the wheel, researching existing frameworks and solutions, adopting them, and trying to work within budget and resources are key.