Panel Discussion




About the Panel
Risk ownership continues to spark debate in governance, risk, and compliance circles. Should accountability rest with business leaders who take on risk to achieve objectives, or with security and compliance teams who provide the expertise and guardrails to manage it? This discussion will explore both perspectives, consider the influence of regulatory demands and emerging threats, and examine whether a shared responsibility model offers the best path forward. The session aims to provide practical insights and provoke thoughtful conversation among practitioners.


Moderator
Mahesh Balakrishnan, Head of Enterprise Risk Management, Atlassian
Mahesh Balakrishnan is a senior professional with 25+ years of experience encompassing large-scale transformation programs and projects in Integrated Risk Management, Cybersecurity, Cyber Forensics, Information Systems Auditing, Cyber Law and Data Privacy in various geographies.
He is actively engaged in the industry to maintain peer group dialog, develop partnerships, and share subject matter expertise. Associated with ISACA as Board of Director, Director - Programs, Chennai Chapter.
CGEIT/CRISC/CISM/CISA & COBIT 5 FIA from ISACA
CIPM/CIPP-E from IAPP


Panelist
Lince Lawrence, EY, Global Cyber Leader
Lince Lawrence is a cyber defense strategist and resilience evangelist with over two decades of global experience. He has successfully assisted organizations in designing and operationalizing proactive defense strategies across complex IT and OT environments, while also leading resilience programs at global banks and insurance firms. Recognized as a transformational leader and change agent, he actively contributes to industry standards and frequently speaks on next-generation cyber defense. Deeply committed to mentoring and inspiring future talent, Lince is passionate about shaping the next generation of cybersecurity professionals and strengthening the community through thought leadership.


Panelist
Dr. Mahesh Kalyanaraman, PhD, CISSP, CISA, CISM, Associate Vice President – Risk and Compliance, HCL Technologies Ltd
Dr. Kalyanaraman has 30+ years of experience in the cyber / information security and risk management domains. Co-author of ISO 27008. Worked in organizations like Tata Communications, Cognizant Technologies etc. and currently working at HCL Technologies. Delivered lectures on these domains in multiple educational institutions and forums like ISACA / ISC2 / DSCI etc. Represented the country on the ISO standards committee as well as at the Interpol UE conference.


About the Panel
This panel on Evolving GRC for Strategic Impact will explore how Governance, Risk, and Compliance is shifting from being a regulatory obligation to a true business enabler. Our panel will discuss how GRC can drive informed decision-making, remain relevant in a disruptive world shaped by AI and complex regulations, and why building strong governance naturally fosters compliance. We’ll close with key takeaways on how organizations can harness GRC for sustainable impact.


Moderator
Sripathy Raagav K, Associate Vice President, Cloud Assurance, Standard Chartered GBS
Accomplished GRC and Cloud Assurance Leader with 17+ years of cross-industry expertise in Technology Risk, Cybersecurity, Internal Audit, and Regulatory Compliance. Extensive experience across all three Lines of Defense (LoD), with a proven track record of leading strategic audits, implementing robust governance frameworks, and partnering effectively with global regulators. Skilled at driving innovative audit methodologies and enhancing business resilience across BFSI, Telecom, and IT sectors.


Panelist
Hareesh Ramasubramanian, Chartered Security Architect
Hareesh is an award-winning cyber security practitioner with over 19 years of experience focusing on Security Strategy Development & Delivery, Advisory & Assessment, and Security Architecture & Design. Hareesh has a wide range of experience in multiple domains, including Govt., BFSI, Healthcare, Retail, Education, Not-for-Profit, Fashion & Apparel, Leisure Travel and FMCG. Hareesh is a Chartered Security Architect and holds several credentials in good standing, including CISSP, CSSP, CISA, CISM, CGEIT and CRISC.


Panelist
Harikrishnan S, Assistant General Manager – ISG (Dy. CISO), Karur Vysya Bank Ltd
Mr. Harikrishnan S is currently working as Assistant General Manager – Information Security Group (acting as Deputy CISO) at Karur Vysya Bank. He is the second line executive of the department, managing GRC, SOC operations and Security Assessments. Mr. Harikrishnan has eighteen plus years of experience in KVB, where he has handled various roles in IT management, Data Center operations and regulatory compliance. Prior to joining the Information Security Group, he was leading the IT strategy team of KVB. He has also handled Data Centre operations, Disaster Recovery, IT infrastructure management, audits, Application support and CBS operations.


Panelist
Shermugadurai C, VP & CISO, Tamilnad Mercantile Bank
Shermugadurai is the Vice President & Chief Information Security Officer at Tamilnad Mercantile Bank Ltd. He also leads the Information Security Department and Security Operations Center of the Bank. He holds a Master of Computer Applications (MCA) and is a Certified Associate of Indian Institute of Bankers (CAIIB) and a Certified Information Systems Auditor (CISA). He has an overall experience of more than 30 years in the field of Banking in India, of which 17 years were in Information Technology and 5 years in Information Security.


About the Panel
As organizations expand across geographies and ecosystems, governance over third-party relationships has become a top priority for boards. Vendors, partners, and service providers now operate as extensions of the enterprise, and failures in oversight can quickly escalate into reputational damage, regulatory penalties, or systemic disruption.
This panel will explore how governance frameworks can strengthen trust and accountability in a borderless business environment. Panellists will discuss practical approaches to vendor governance — from due diligence and contractual safeguards to continuous assurance, reporting, and board oversight. The conversation will emphasize how effective governance transforms third-party risk management from a reactive control into a proactive enabler of resilience and responsible growth.


Moderator
Sangeetha N Sathish, Senior Manager, Internal Audit, Cholamandalam MS General Insurance Company
Sangeetha N Sathish is a Chartered Accountant and an Information Systems Auditor with an overall experience of nearly 2 decades. She has explored consulting and employment with equal interest, to leverage the learning experiences from both. Her career spans The World Bank and consulting at audit firms and CERT-In empanelled entities in both the Financial and Infosec realms. She is a passionate auditor with expertise in statutory, internal, ITGC and vendor regulatory audits. In her current role she specialises in IT audits within the Internal Audit portfolio. She is also the Director, Special Interest Group at ISACA Chennai Chapter, where she enjoys driving the learning and networking initiatives for members.


Panelist
Natarajan Swaminathan, Deputy General Manager, HCL Technologies
Natarajan is a seasoned IT Security and Risk Management professional with 30+ years of experience, initially starting as a government servant in the Indian Audit & Accounts Department and then moving on to the corporate environment since 2007, including 16+ years in Vendor Risk Management, Information Security Compliance, and IT Audits. He holds CISA, CISSP and ISO 27001 Lead Auditor certifications.


Panelist
Padma Priya V, VP @ Indium Software
Padma Priya is a visionary leader with over 19 years of extensive experience in driving excellence in Quality, Information Security, and Compliance. She brings invaluable insights and strategic direction to organizational initiatives, driving alignment with industry best practices and regulatory frameworks.
Having begun her career with Polaris and Cognizant, and now serving at Indium Tech, Padma Priya has been a key force in the organization’s pursuit of critical certifications and compliance standards. She is a certified Lead Auditor in ISO 27001:2022, ISO 9001:2015, ISO 27701 (PIMS), ISO 42001 (AIMS), and Six Sigma (GB). She is a designated Data Privacy – Grievance Officer at Indium, committed to promptly addressing complaints related to breach of confidential data and personal data.
Recently, as Indium’s ESG Champion, she has been leading initiatives with a spirit of learning and implementation, embracing sustainable practices to create long-term value for the organization and its stakeholders. Beyond her professional accomplishments, she is a devoted mother of two and a supportive wife, embodying the essence of modern leadership, balancing family, career, and personal aspirations with grace.


Panelist
Randeep A R, Senior Manager, ReBIT
Randeep is a seasoned information security professional with 16 years of experience in the technology sector, including a decade dedicated to cyber security.
His career includes a significant tenure in the cyber risk practice at a Big 4 firm, and he has made substantial contributions to the strategic initiatives of the CISO team within a scheduled commercial bank. His background reflects a strong track record of safeguarding digital assets, strengthening cyber defenses and maintaining strict regulatory compliance within critical financial environments.


About the Panel
“AI: Boon or Bane?” This thought-provoking session explores whether Artificial Intelligence should be embraced as a catalyst for innovation and efficiency or feared for its ethical, security, and societal risks. Join us for balanced perspectives, real-world insights, and a critical discussion on AI’s role in shaping our future.


Moderator
Sriram Srinivasan, ISACA Chennai Chapter BoD – Director Training, Senior Manager – EY GDS
Sriram Srinivasan is a seasoned Cybersecurity and Architecture professional with over 25 years of IT/Cybersecurity industry experience, currently serving in EY GDS. Holding global certifications such as SABSA, TOGAF, CISA, CISM, CGEIT, CRISC, PMP, CDPSE, AMBCI, ITIL, and COBIT, he has led the design and implementation of security solutions across Cybersecurity, GRC, AI, Cloud Security, and Risk Management. An Accredited Trainer, Sriram has conducted 100+ sessions for ISACA certifications and serves as Honorary Director – Training at ISACA Chennai Chapter. He has also contributed to Bodies of Knowledge and manuals for both PMI and ISACA at global levels. Sriram will moderate this strategic debate on AI: Boon or Bane.


Panelist
Atul Srivastava, TÜV SÜD South Asia
Atul carries over 17 years of experience in the IT & BFSI sector. His professional qualifications include PCI QSA, CISA, CDPSE, ISO27001 Lead Auditor, ISO27001 Lead Implementer, COBIT, CCNA, MCSA and CEH, and he also has hands-on experience with various security solutions including SIEM, DLP, Firewall, WAF & XDR. He is proficient in multiple globally recognized standards & regulations including AIMS, ISMS, PCI DSS, GDPR, DPDPA, and EU regulations like NIS2 & DORA.
He has delivered multiple IT audit, consulting and training projects. His prime clientele includes Fintech organizations, Insurance companies, BPO and Oil & Gas companies in India, China and the Middle East region.


Panelist
Rajesh Tripathy, CEO, TectonaS
Over 30 years of experience in Cyber Security Audit, Compliance and Standard Compliance product development, addressing the IT/Cyber Security Compliance needs across industries including Defence, Banking, Energy, Semiconductors, Healthcare, and Operational Technology (OT).


Panelist
Suresh Krishnan, Co-Founder, CTO, SQ1 Security Technology Private Limited
Suresh Krishnan is the Co-Founder and Chief Technology Officer of SQ1 Security Technology Private Limited. He brings over three decades of experience in Information Technology, with deep expertise in cybersecurity, governance, risk, and compliance. As a technology leader, Suresh has been instrumental in shaping SQ1 Security’s vision, driving innovation, and delivering robust security solutions for global enterprises. He has led Security Program implementations, enterprise risk assessments, and digital transformation initiatives, helping organizations strengthen resilience and achieve compliance aligned with business growth.


About the Panel
AI is changing the way Governance, Risk, and Compliance (GRC) functions operate. What began as automation to reduce manual effort is now pushing GRC toward a larger role: providing real assurance that AI-enabled processes are reliable, accountable, and aligned with regulatory and ethical expectations.
This panel will discuss how GRC professionals can move beyond efficiency gains to embed trust, oversight, and resilience into AI-driven workflows. Panellists will explore the risks of over-reliance on automation, the challenges of bias and hallucinations, and how GRC can serve as the critical bridge between innovation and accountability.


Moderator
Balachandar Natarajan, Platform Engineering Manager, Ford Motor Company
Bala is a seasoned technology leader working at Ford Motor Company, with 23+ years of experience in cloud computing, cybersecurity, platform engineering, and digital hyper-scaler transformation. Deep expertise in Cloud infrastructure, DevSecOps, Cyber Security, AI/ML, and automation. Proven success in leading strategic initiatives, scaling products and platforms, and driving innovation across engineering functions. Adept at building high-performance teams and delivering business value through strategic foresight and continuous improvement.


Panelist
Mani N, Co-founder | Head Strategy, GTM – Global markets, GRCxperts
Mani comes with about 20 years of professional cybersecurity career, including Big4, M&M etc., with a double post-graduation and industry certifications (past/current), viz. CISA, CEH, ABCP, ITIL, COBIT, ISO 27001 LA, CDPSE, ISO 42001 (AIMS).
An avid speaker, writer and hands-on consultant with experience implementing large-scale GRC, Information & Cyber Security projects globally in BFSI, Healthcare & Manufacturing.
Set up cybersecurity practice lines, viz. GRC, Application Security, Cloud Security, OT Security.
An acknowledged thought leader, his philosophy of “Live Local, Think Global” led him to liaise with leading research entities such as Gartner, contributing to many success stories at client engagements.
He has presented at several national & international conferences on sessions related to GRC, Information & Cyber Security & Risk Management. These include: CIO Summit, Gartner, GRC Summit, CII Connect, ISACA Annual Conference.
His current focus is on “Derisking AI”, with emphasis on ‘AI for GRC’ and ‘GRC in AI’ programs.


Panelist
Ramya Purushothaman, Compliance Manager at WhizzC
Ramya is a CISA-certified professional and ISO 27001 Lead Auditor with expertise in Information Security and Data Privacy. At Whizz Cybersecurity, she leads compliance initiatives across ISO 27001, SOC 2, ISO 27701, GDPR, HIPAA, and AI regulatory frameworks, ensuring strong governance and risk management. She has played a key role in helping organizations achieve critical certifications and brings hands-on experience in risk assessments, internal audits, and third-party compliance. Ramya is passionate about enabling organizations to balance innovation with compliance and actively contributes to advancing best practices in cybersecurity and governance.


Panelist
Syed Zaidi, ICT Operations Head – Business Assurance, DNV India
With nearly 30 years of experience in IT and auditing, Syed Zaidi is a highly accomplished professional, specializing in audits of management systems such as information security, business continuity, and privacy. For the past 18 years, he has been a key figure at DNV, where he has served as a Lead Auditor and conducted 4500 plus man-days of audits worldwide. Currently heading ICT operations at DNV, Zaidi combines strategic vision with technical expertise. His knowledge and insights have made him a valued speaker at industry forums and summits, including ISACA, HYDSPIN, and numerous professional conclaves.