Commercial Bank’s Manatunge at EC-Council’s Global CISO Forum

Chief Risk Officer of Commercial Bank – Sanath Manatunge represented the country at the Global CISO Forum held recently in Florida, USA organised by the International Council of Electronic Commerce Consultants (EC-Council).

The goal of this exclusive closed door Forum was to create an open platform for Chief Information Security Officers (CISOs) to discuss their successes, failures, obstacles, and challenges. The open conversation would lead to the creation of actionable items that can be discussed and applied to the organisation.

Sharing his expertise at a panel discussion at the forum on ‘How IT security should support business in risk management’, Manatunge said that today, businesses and IT are not separate functions anymore. For example, a bank runs its entire business functions including operations, ATMs, cards, loans on IT platforms. IT has therefore become part of the business.

“Hence, the word ‘risk management’ could be misleading. As risk managers what we should do is to facilitate ‘risk optimisation’ by the business managers,” Manatunge said at the panel discussion.

“More than the learning, it is the exposure to professionals from high tech corporate environments that was invaluable. Dissemination was much effective. We also received insights from senior IT risk professionals working for US government agencies and even some different perspective from ethical hackers,” Manatunge said, commenting on the forum. “The forum was well represented globally,” he said.

“In Sri Lanka, CISO is not yet a visible profession. There is a need to recognize a CISO’s role in a company, especially if your organisation depends on IT as a strategic tool in achieving its business success. In the US and Europe, they consider CISO as an important corporate role,” he said.