Compliance issues, cyber crimes driving firms to manage risks

May 19, 2012 03:29 IST

Having started with a seven-member team to protect the designs of Scorpio ? the sports utility vehicle from Mahindra & Mahindra ? the Mahindra Special Services Group has expanded to offer data protection, fraud management and physical security services to over 200 clients. Today, the company has 160 employees, around 40% from the armed forces, with offices in Delhi, Bhatinda, Bangalore and Hyderabad. A spurt in scams, cyber crimes, information loss and regulatory compliance are driving more companies to manage their risks better, says the unlisted company?s chief executive Dinesh Pillai in an interview with Debabrata Das and MG Arun. Excerpts:

What was the thinking behind the setting up of the Mahindra Special Services Group?

The company was actually set up because, at that time, M&M was working on the design of Scorpio. We had a lot of competition; so, we were set up to protect its design from the competition. Scorpio?s launch was a big success and, once that project was over, there was a thinking in the group as to why not become a commercial set-up and offer services to other clients. When we started, it was just to protect the intellectual property rights of M&M, but even that was a revolutionary idea at that time.

What drove you to diversifying into newer business segments?

In 2002, we had a small team of seven people and we decided to go out and approach clients. Initially, it was very difficult to sell our services. Since then, though, we have worked with over 200 clients. We have diversified from managing information risk to business risk. To protect information, the key is to figure out what one needs to protect. We came out with a model wherein we started looking at the business process to find out the faults in that process. We set up a framework where if anyone creates information, one can figure out whether it needs to be protected and till what level. It took some time for people to realise that the process to protect yourself against risk is more important than the technology needed to do so.

How difficult was it to attract clients in the early days, considering that the concept was new?

We have grown purely by referencing. In a risk-protection environment, there are three things, which are very difficult for the client to understand. One is ?Do I really need this??; second, ?What is going to be the return on investment??; and finally, ?Is it going to change our organisation??. Now, most of the clients we approached had already done this. They had put in a lot of money already. So, we asked them if it is really working and whether they knew it was working. Their answer was based on audit reports. But audit reports check whether the systems are in place, not whether they are functioning efficiently. So, we had to convince our clients about the gaps in these audit reports and show them the flaws in their risk protection processes.

What has been the trigger for organisations to go in for risk protection?

I think, generally, the awareness of people in the industry has improved. The trigger for that is the numerous scams, cyber crimes and reported information loss of various companies. To a great extent, it has also been triggered by the 26/11 terror attacks from a physical point of view. The compliance is also becoming stricter. Some companies are doing it for compliance purposes, others to stay ahead of the flock.

Which are the key industries keen on adopting such methods?

From my clientele, manufacturing and R&D is the top, pharmaceutical companies come second. IT companies come in the bottom five, but it is mostly because they believe that information for a software they are developing is very hard to be leaked. But having said that, we still work with a lot of top IT companies. We are also looking to move our business in three verticals ? information protection, fraud management system and physical security.

What suits you better? Making your own equipment or sourcing from third parties?

We keep ourselves technology neutral. But if it comes to a point where we have to do a build-operate-transfer model, we might get into JVs with some technology vendors. We are bidding for a couple of projects for steel cities and ports. We will provide the design for the equipment that is needed to the original equipment manufacturers (OEMs). We are talking to a lot of multinational OEMs. In the next five years, it is going to be how to manage the clients’ requirements in a cost-effective manner. It is not going to be only consulting.

What are the challenges in this business and your plans for the future?

The challenge is how to stay ahead of competition. We are doing the groundwork for new services related to R&D and pharmaceuticals, which should be ready in the next six months. We are spreading into different geographies overseas too. We are looking at four new areas this year, which will drive our business for the next 3-4 years.

Get Live Share Market updates, Stock Market Quotes, and the latest India News and business news on Financial Express. Download the Financial Express App for the latest finance news. .

This article was first uploaded on May nineteen, twenty twelve, at twenty-nine minutes past three in the night.