EY helps clients create long-term value for all stakeholders. Enabled by data and technology, our services and solutions provide trust through assurance and help clients transform, grow and operate.
At EY, our purpose is building a better working world. The insights and services we provide help to create long-term value for clients, people and society, and to build trust in the capital markets.
Rama Vedashree
Former CEO of Data Security Council of India (DSCI), Board Member for Jio Finance Ltd and Jio Payment Services Ltd.
Key takeaways
Women professionals should specialize, evangelize and empower customers about new technologies to grow in the industry.
Implementing principles to ensure the trustworthiness of AI is critical for developers, deployers, and end-users to navigate the AI landscape effectively.
The industry should adopt AI responsibly. It needs comprehensive governance frameworks to guide development, deployment, and user engagement s
In the tech industry, one needs to build continuous excitement for new technologies; it fuels our ability to evangelize and drive meaningful change.
Rama Vedashree
Former CEO of Data Security Council of India (DSCI), Board Member for Jio Finance Ltd and Jio Payment Services Ltd.
For your convenience, a full text transcript of this podcast is available on the link below:
Rama: Thank you, Sonu, and thank you to the EY team for having me on this podcast. Always a pleasure to talk to another industry friend and colleague.
Sonu: Thank you Rama for making the time for this podcast series. You ventured into the technology industry much before many others did and went on to do remarkable things during your stint. Tell us a bit about it - the key highlights of when you started out compared to today.
Rama: When we started out in the early 1990s, it was all about evangelizing the very early stages of computerization. Whether it was with CMDs or with the departmental heads of various enterprises and also with the state governments that have engaged. You had to actually demonstrate and evangelize the power of technology. We continue to do the same thing in the industry, except that the technology solutions and the transformation power of the technology keep changing.
Initially, it was all about using computers for office productivity; later it was for enterprise applications, manufacturing, resource planning. Then it (technology) came into citizen services. At least in India, many state governments led the way to adopt technology for citizen services. I have had the opportunity to work with many of them, initially in the south, a little in the west, and later in the north.
At that point in time, when the industry was very small, the role was about having early conversations with customers in India on how to leverage the technology. Later, it was all about leveraging networking. Few decades later, it became about adopting cloud.
Now, we are looking at how do we adopt the new technologies in AI or in Generative AI (GenAI). So, having conversations with customers on business benefits of technology and getting them excited at an early phase of a new technology wave, which is what our industry does, and I have had an incredible opportunity from a very early stage of computerization efforts in India, both in large enterprises and state governments.
Sonu: From the perspective of women’s representation in the technology industry, do you think where we have reached is satisfactory or more needs to be done about it? And if so, what are some of the steps that we could take at enterprise level, at government level, that you would recommend increasing the number of women in tech?
Rama: It is a great goal to have 50% women’s representation, particularly in the technology industry, which is always the sunshine sector.
We (technology industry) are way ahead of many other sectors in adopting best practices, driving inclusion, driving gender parity. We have led the way in India and globally also. There is a lot more to do, but I will not really get too bogged down by it. Over the last 10-20 years or more, women representation has increased at the entry level, at the mid-level, and at the senior level.
We do see a lot of (women) CXOs in India in the technology sector, and we are also seeing that in the user organizations or enterprises, when we look at women leaders who are C-suites - CTOs and CIOs. The representation is increasingly growing. Where we need to do more is now have a more nuanced approach about what are the roles where representation of women is less and focus on working towards that at a country level, both in terms of partnering with industry, with academia, and with government in getting more women into roles in which maybe representation is lesser. We need to dive a little deeper, rather than having a generalization about 50% women-representation. In some roles, we are already very close to 30-40%.
When I was in DSCI, we realized that in cybersecurity, the representation of women's workforce was lagging versus the overall technology industry, which is why we started the ‘Women in Security’ program. We had programs like Cyber Shiksha, and academic institutions also played a role. We need a more nuanced and deliberate approach so that in functions and disciplines, in some of the cutting-edge innovation areas, startup entrepreneurship where representation of women is less, we need to put a little more focus.
Sonu: How would a layperson understand what data security means? Please explain.
Rama: From a layman’s perspective, one is data security, and the other one is being aware about data privacy. It is about making sure that whenever you are engaging digitally on an online platform or in a mobile application, do a little more due diligence on the controls in that application, making sure that your configuration is set properly so that you can check what kind of data is being accessed, what kind of controls are there. Leverage the configuration features available in the apps or websites to stay safe.
We need to put in a little more effort in educating our end users so that they can configure their security features, privacy features effectively. The knowledge is available on social media platforms as well, but we often start using technology and applications. Even the very educated end users do so without investing a few minutes to check the configuration features. Collectively, as an industry, we need to do all we can. There is adequate security awareness thanks to all the frauds and the momentum of online payments, but we need to do a little more about privacy awareness at the end user/citizen level.
Sonu: The next time one gets that question, should one accept the cookies, or accept only limited cookies or any functional cookies? People who are encountering technology on a daily basis still do not want to understand the question that is being asked and why is it critical from a data security perspective to answer this.
Rama: This is because when somebody is throwing that question at you, we are in a tearing hurry to read what we want to read or watch what we want to watch. Usually, we accept all as that is the quicker way rather than checking what all the features are and accepting the minimum functional cookies and decline all others. We do not invest those two-three seconds, which are required to be able to do that.
Sonu: That is a very useful tip and many of our listeners will change their behavior after listening to this. You recently authored a research paper called ‘Towards Trustworthy AI.’ Also, the EU Parliament recently green-lighted the AI regulations. I wanted to understand how this development should be seen in the context of our country.
Rama: I collaborated with the policy think tank called The Dialogue. The focus of this paper is to look at trustworthy AI and do a landscape study of what is happening across countries. This includes legislative measures such as the EU Act, frameworks such as Network Information System framework, and strategy documents like the NITI Aayog AI strategy that came up two-three years back.
My team and I wanted to take a shot at studying all that is emanating from various countries, including multilateral organizations like the UN and its entities, and collate all the principles coming out of these frameworks, policies, strategy, documents, and Acts; look at the evolving typology of principles for trustworthy AI.
We came up with nine principles, but then we took a pause to understand how we can make this research relevant and useful for our users – CTOs, privacy heads, startups, or the providers. We decided to provide some guidance on how to operationalize these principles. When we say operationalize this, there is an undue focus on the provider. The provider could be a startup, big tech, or any solution provider leveraging AI. But if you look at the entire lifecycle of developing, deploying, and continuing to use AI system, there are actually three stakeholders - the developer (which is the entire provider entity), the deployer (which is hospital, bank, or state government), and the user.
The user varies. For example, for a FinTech solution, the user may not be the consumer; the user could be the workforce of a bank or a wealth management company or a lending company. In a hospital also, the end user may- be the medical professional. So, we categorized how do you operationalize it for developers, deployers, and end users.
I must confess that this is the first attempt. We are not saying we have all the answers; we need to test this operationalization in some organizations and then enhance it, tweak it, and fine tune it. We have also looked at what were the technical measures and non-technical measures, and we focused on two sectors - financial and healthcare, because that is where AI was mainstreamed for quite some time, and there is a lot of regulatory attention.
Sonu: Tell us something about a book that you have recommended The Coming Wave by Mustefa Suleiman.
Rama: If you are in the technology industry, Mr. Suleiman's book is a great read. He brings a lot of balancing perspectives rather than succumb to a lot of scaremongerings. He does bring out the perspectives of what are the safeguards that are needed and what needs to be done. And he is looking at AI as an independent, siloed technology. He is talking about a bunch of related frontier technologies together, along with AI. It does need some attention to read and absorb it. I, myself, had to reread one or two chapters to absorb learnings from this book.
Sonu Iyer: Given your illustrious career, I am sure you have had multiple highlights. Tell us about that one big high point in your career, given the industry you are in.
Rama: One of my career highlights which I still cherish was a statewide government citizen e-governance project in my home state, Andhra Pradesh. Those were the days when one was not sure whether the wide area network (WAN) link would work while giving a live public demo. We did this massive e-governance showcase with the then Chairman of Microsoft, Bill Gates, and the state’s then Chief Minister, Chandrababu Naidu. We demonstrated an e-governance solution in the presence of thousands. It was a huge risk because in those days, WAN and internet connectivity were not very predictable. Now, it is a cakewalk.
There is another example. Again, during the early days of my career at NIIT, Genting Highlands is a theme park in Kuala Lumpur, where a lot of families from all over Asia, including India, go. The park authorities were trying to use object-oriented analysis designed to create a food card, the kind we have in our malls today, where you go to buy a food card, you get a card and then you keep swiping it to buy food. They were experimenting with this in the mid-1990s. It was a very innovative solution.
Some other highlights are contributing to the cybersecurity growth journey, with DCSI partnering with the government and the industry; growth of the startup and the services ecosystem, which is now serving the world.
Sonu: Any advice that you want to give to young women who are aspiring to get into the technology industry?
Rama: Be excited about any new technology. We sometimes get very comfortable with what we are very good at and the skills that we have developed. We should continuously try to stay abreast of new technology; this is not only for women, but even others.
If you are in the tech industry, you need to continuously be excited about new technology; you need not pick up everything, but specialize in something, because we all have the responsibility to evangelize and excite our customers to deploy new technologies. For that, first we need to be excited. Once you have that, there is a lot more that even women and young women professionals can do.
Other women professionals who are in the risk (management) space or Chartered Accountancy (CA) space or legal space can also contribute to (building) trustworthy AI. There is a lot of focus on the technical part of AI, but there is a lot about the governance part of AI - Responsible AI; how do you implement those frameworks? So, be excited about technology and evangelize new technology with customers.
Sonu: Thank you, Rama. That is very inspiring. Thank you so much for this time and for this insightful talk. It was a pleasure hosting you today. That is a wrap on another episode of EY India Insights Podcast special series. Stay tuned for more inspirational conversations like the one we had today. Thank you.
If you would like to listen to our podcasts on the go: