Manas Giri
CISO
WestJet
Manas heads the cybersecurity team within IT at Westjet and oversees security engineering, governance, risk and compliance, security operations and threat intel, and IAM functions. Prior to Westjet, Manas was at Bank of Montreal, where he spent ten years in various areas of cybersecurity, including Director of IS Supplier Assessments and, more recently, Director of Identity Access Management (IAM) and Payment Security.
Prior to BMO, Manas spent seven years with TATA Consultancy Services and brings 17 years of global experience in information security and risk management. Manas holds a Master of Business Administration in Information Technology, a Post Graduate Diploma in Software Engineering, and a Bachelor of Engineering in Electronics and Communication.
Learn more about leaders in the Toronto CISO community here.
Give us a brief overview of the path that led to your current role.
I started my career by providing information security and risk consulting in Data Security, Application Security, Network/Infrastructure Security, and Third Party Security for various clients in the Banking, Insurance, Telecom, Manufacturing, Transportation, Business Process Outsourcing, Media and Information Services domains.
Joining BMO in 2011, I progressed through various roles from IS Officer to Director of IS Supplier Assessments to Director of CIAM and Payments Security - spearheading programs such as supplier assessments, cloud security assessments, offshore control assessments. I created authentication standards/guidelines and controls for the bank's customer-facing applications and established security controls for wholesale payment systems such as SWIFT.
What is one of your guiding leadership principles?
Transparency. The more you share, the more you gain respect and trust. Ultimately, you are contributing to strengthening the ecosystem, and so there should be no fear of loss of your USP or competitive advantage.
With disruption being a key theme of the past year, where do you see your role as a CISO leader going in the next 1-2 years?
The role of cybersecurity has evolved to be a business enabler as well as a competitive advantage. A key theme in the next 1-2 years would be how to enable seamless and frictionless interactions while increasing the security of transactions in a 'perimeterless-world.'
What advice would you give to someone just starting out in the role?
Rather than jumping on to correct deficiencies and control gaps, spend sufficient time understanding the business and building the right talent structure as cybersecurity is way more than just the protection/detection technologies. For you to succeed, all stakeholders need to live a security culture on a day-to-day basis, and hence communication skills are way more important than building the right cybersecurity program.
Tell us 3 fun facts about yourself.
I have 4-year-old twins (boy and girl), who decide what we would watch on TV every day; I met my wife at the business school we both attended, but haven't been able to agree on who proposed first; I love playing cricket, but the twins decide what we should play and so haven't really played in the last four years, just watch it on TV.
What is the value of participating in a professional community through Evanta?
No one is perfect, nor can everyone keep up to speed with the number of technologies coming to the market on a daily basis. A professional community like Evanta helps share everyone's personal perspectives on issues and how they might have solved them. Learning from each other and sharing are the biggest values of participating in the professional community through Evanta.
Evanta Governing Body members share their insights and leadership perspectives to shape the agendas and topics that address the top priorities impacting business leaders today.
by CISOs, for CISOs
Join the conversation with peers in your local CISO community.