Dr Durga Dube (DD): Over the past three plus decades, I have worked largely with the Reserve Bank of India (RBI) and RIL.

The foundation of excellence was laid early in my career, at RBI. I learnt that to stay ahead, one must ensure that their professional capabilities are always aligned with evolving market demands. Maintaining business propriety is important: understanding how things work and what makes them work. At Reliance, I quickly learned that size, scale, and speed are key drivers of success. Thinking big is essential, but it's the execution of those ideas that really matters—leaders must maintain a hands-on approach.

At Reliance, I’ve also seen the importance of motivating young talent — by pushing them to become perpetual thinkers. This is especially relevant in the cybersecurity function, where talent is scarce and opportunities for innovation are abundant.

Success to me is the pursuit of excellence, a commitment to continuous improvement, a hands-on leadership approach, and fostering an environment that motivates and retains top talent.

How does IRM use technology and innovation to keep Reliance’s systems safe?

DD: Cybersecurity is more than just a defensive measure at Reliance. It plays a pivotal role in enabling our business goals while maintaining trust with all our stakeholders.

Our cybersecurity strategy is closely aligned with our business objectives. We continuously adapt our strategy in line with Reliance’s unique technology environment and evolving cyber threat landscape.

We use a defence-in-depth approach that ensures multiple layers of security—from data, endpoint, server, and application to the perimeter—enhancing our resilience against the constantly shifting threat landscape.

Currently, we deploy 43 cutting-edge technology solutions that help safeguard our business. These solutions provide an optimal balance of best-in-breed incident prevention, detection, and response, while ensuring seamless integration with our broader technology stack.

Our dedicated Security Architecture and Engineering team comprises industry veterans and subject matter experts across a range of security technologies.

We are proud to be one of the few security functions with a dedicated innovation wing. Many of our solutions are developed in-house by our IRM Security Automation, Innovation, and R&D teams. We have built a GenAI Powered Cybersecurity Assistant that can answer questions on anything related to cybersecurity at Reliance.

Can you expand upon some of the 10 Tenets and their significance in relation to cybersecurity at Reliance?

At Reliance, we have followed a Continuous Improvement Programme (CIP) for the past decade. The programme is based on a maturity model approach—that is, aiming for an optimal solution through customisations—to continuously assess and enhance cybersecurity. It takes a comprehensive view of the cybersecurity posture of each Reliance entity to proactively identify and mitigate vulnerabilities before they escalate into incidents.

We benchmark our practices against global standards such as NIST and ISO, ensuring our security frameworks are on par with the best in the industry. Our O2C and Retail businesses hold the ISO 27001 certification. Additionally, Retail and RBML are certified under PCI DSS. Reliance Retail is the only organised, multi-brand retail business in India to maintain PCI DSS certification for over a decade.

Additionally, we ensure robust third-party auditing and validation of cybersecurity practices and Reliance’s public posture regularly.

We provide regular updates on the state of our cybersecurity to the Board Risk Management Committee, whose guidance helps us further strengthen our defences.

We recognise that people are at the heart of a successful cybersecurity strategy. To support this, we’ve heavily invested in People Capital, ensuring our team is equipped with the right skills to tackle emerging threats.

Our competency framework identifies key technical, leadership, and workplace competencies for each role, with tailored learning plans developed in collaboration with the Enterprise Learning and Development team.

This approach ensures seamless rollout, continuous assessment, and regular progress tracking, enhancing capabilities and making our people leaders in the field.

We also prioritise building a strong “Human Firewall”—every Reliance employee, consultant, and stakeholder plays a critical role in defending against cyber threats. Over the years, with a drastic rise in sophisticated social engineering attacks like phishing, we’ve continuously strived to launch targeted initiatives to address these risks.

By strengthening both technical expertise and human awareness, we ensure Reliance remains a leader in cybersecurity innovation, effectively combating evolving threats and maintaining a high level of trust with stakeholders.