Topics In Demand
Notification
New

No notification found.

Cyber-powered Global Capability Centres (GCC) - moving from ‘now’ to ‘next’
Cyber-powered Global Capability Centres (GCC) - moving from ‘now’ to ‘next’

1472

0

 

GCC 3.0 and the rising value proposition to both the parent organisation and India

According to a recent NASSCOM-Deloitte report, GCCs in India garnered a revenue of USD 33.8 Bn in 2019-2020 - about 1% of India’s GDP, and witnessed a CAGR of 11% from FY 2015 to FY 2020. This is really to set the context of the value that GCCs in India are creating from the view of revenue generation.

However, the true value that GCCs bring to their parent organisation is far beyond revenues.

The report delves deeper into such aspects, highlighting the evolution of GCCs in India from being Service Providers (delivering activities as per the direction of the parent firm) to Advisors (problem solving, ideating, conducting Proof-of-Concept, and pitching to parent companies for implementation).

We are being ushered into this era of GCC 3.0, where the erstwhile captives are evolving to become innovation centres, transformation centres and Centres of Excellence (CoEs), by tapping into a diversified talent pool in India, and working on frontier technologies. GCCs also offer a unique value proposition to India, right from developing talent and an ecosystem of innovation, to creating social impact and focusing on sustainability.

Evolution of cybersecurity in GCCs

The pandemic accelerated the focus on cybersecurity, which coincided with the GCCs’ transformative journey.  Managing and driving cybersecurity function of the parent organisations from the GCCs became a huge attraction owing primarily to cost arbitrage and the availability and efficiency of competent cybersecurity talent. However, the scope of activities continues to increase largely because of the evolving global threat landscape and the accelerated adoption of digitisation in the parent organisation.

As the threat landscape evolves, it becomes important to bring in new ideas, technologies, products, and best practices to help in holistic management of cybersecurity in an organisation; and the cybersecurity teams of GCCs in India are gearing up to tap into that. Increasingly, conversations are moving upwards from catering to security management and controls to providing newer solutions, value propositions, best practices and strategic directions.

India has a noteworthy focus on cybersecurity – it has recently risen from the 47th to the 10th position in the United Nation’s ITU Global Cybersecurity Agenda (GCA), which is reflective of the various measures being undertaken from a legal and regulatory perspective, as well as from the perspectives of capacity building and organisational measure. From education and awareness to capacity building and ecosystem development, cybersecurity is an important area of focus for the government, key associations such as NASSCOM and DSCI, and the industry at large, making India an important cybersecurity hub. It is, therefore, imperative for GCCs to get the maximum out of cybersecurity innovation and delivery from India.

Outlook on enhanced role and value proposition

From a cybersecurity standpoint, GCCs will continue to add enhanced value, and I see their roles expanding into several areas such as:

·       Supporting the digital transformation journey of their parent organisation, right from creating strategies to guiding them on how cybersecurity can be embedded in large scale projects

·       Broad basing on capabilities in cybersecurity to address risks/attacks associated with advanced technologies such as IoT, cloud computing, application modernisation, Edge computing, and sophisticated environment in a manufacturing setup with Industrial Control Systems (ICS), SCADA and the overall OT environment enabling the digital factories

·       With regards to the regular activities such as cyber security reviews, assessment, and compliance initiatives, moving from managing to leading from the GCCs through intelligent automation and standardisation

·       Enhancing threat detection and response capabilities to better ‘detect’ and ‘respond’, leveraging platforms, automation, and cognitive solutions; and at the same time making efforts in leading in areas such as Identity and Access management, Zero Trust Architecture, among others

·       Developing cutting-edge cybersecurity solutions either through in-house innovation or ecosystem collaboration to thwart ever-evolving modern day cyber threats

·       Becoming a powerhouse for the development of cyber-skilled workforce, which supports both the GCCs’ vision and the country’s talent pool

·       Making an impact on societal change by promoting cybersecurity awareness among people at large and encouraging businesses to embrace cyber as their social responsibility

 

In this overall evolution of GCC 3.0, driving cybersecurity initiatives more strategically from the GCCs will become inevitable, especially as some of the big greenfield digital projects and work around emerging technology start getting addressed from India. Going forward, GCCs are poised to take a lead in devising strategic direction, improved governance, and consistently embedding the ‘security and safety by design’ and ‘privacy by design’ approach across the organisation, thereby providing a greater comfort to leadership on management of cyber risks.

I am certain that the GCCs will play a critical role in enabling organisations to move from their ‘Now’ to their ‘Next’ and empowering every individual along the way in the journey for a cyber-powered future.

 

 

 

Author:

 Gaurav_Shukla

Gaurav Shukla,

Partner, Deloitte India

 


That the contents of third-party articles/blogs published here on the website, and the interpretation of all information in the article/blogs such as data, maps, numbers, opinions etc. displayed in the article/blogs and views or the opinions expressed within the content are solely of the author's; and do not reflect the opinions and beliefs of NASSCOM or its affiliates in any manner. NASSCOM does not take any liability w.r.t. content in any manner and will not be liable in any manner whatsoever for any kind of liability arising out of any act, error or omission. The contents of third-party article/blogs published, are provided solely as convenience; and the presence of these articles/blogs should not, under any circumstances, be considered as an endorsement of the contents by NASSCOM in any manner; and if you chose to access these articles/blogs , you do so at your own risk.


© Copyright nasscom. All Rights Reserved.