In an exclusive conversation with CIO&Leader, Prashant Chaudhary, Area Vice President, India, Splunk, shares how his deep experience across the APAC region positions him to offer valuable insights into how Splunk’s latest innovations are tailored to meet the evolving challenges and opportunities in India’s dynamic tech landscape.
CIO&Leader: What are the biggest compliance challenges Indian enterprises are facing today, and how is Splunk helping address them?
Prashant Chaudhary: Indian enterprises, like their counterparts across the world, are navigating an increasingly complex and vigorous compliance landscape, especially with the ongoing rollout of transformative legislations like the Digital Personal Data Protection (DPDP) Act and its evolving implementation rules. We are witnessing organisations across sectors – from emerging startups to established institutions – working to operationalise compliance at scale. Combined with sector-specific regulatory frameworks such as the Reserve Bank of India’s data localisation mandates and SEBI’s Cybersecurity Resilience Framework, there’s a decisive shift towards proactive, risk-based governance that prioritises prevention over reaction. This reflects a broader global trend where governments are making digital trust and citizen data protection paramount.
The most pressing compliance challenges that we observed fall into three critical areas: fragmented data architectures, inadequate access controls, and escalating costs tied to exponential data growth.
Splunk’s recent New Rules of Data Management report highlights these gaps starkly: only 13% of organisations have unified visibility across their data ecosystem, and 57% lack robust role-based access enforcement. These deficiencies undermine the ability to detect threats, generate accurate audit trails, and meet regulatory response thresholds, particularly in highly regulated sectors like BFSI, telecom, and critical infrastructure.
At Splunk, we help organisations federate data across silos, automate compliance workflows, and boost audit readiness through a unified, AI-driven platform. Our capabilities in real-time observability, granular access management, and data lifecycle optimisation enable enterprises to reduce compliance risk while improving operational efficiency.
Put simply, we help enterprises transform compliance from a reactive obligation into a strategic, operational advantage that enables trust, transparency, and resilience at scale.
CIO&Leader: The report shows data volume and compliance as top cost drivers. How can enterprises reduce these costs without compromising on governance?
Prashant Chaudhary: Enterprises today are under data siege and cost is the first casualty. Indeed, the report reveals that 73% of enterprises cite increasing data volumes and 71% identify shifting compliance regulations as major cost drivers. These challenges are not just financial, they can stall innovation, increase operational risk, and erode resilience. However, leading organisations are demonstrating that cost control and robust governance can go hand-in-hand through more holistic data management strategies.
This path comprises first of data lifecycle management (DLM), which is arguably one of the most effective levers. By automating the classification, retention, and deletion of data, companies avoid the costs of storing redundant or outdated information, all ensuring regulatory compliance. It’s telling that 75% of surveyed enterprises have embraced DLM as a core strategy.
Second, tiered data storage, though still underutilised, can deliver significant cost savings. Enterprises that implement data tiering, where less-accessed data is stored on more economical infrastructure, report up to 50% reduction in storage costs. What’s more, the State of Observability 2024 report shows that observability leaders are 2x more likely than others to call tiering “critical” to cost control. Yet, only 36% are leveraging this approach, highlighting a significant opportunity for broader adoption.
Rather than duplicating or migrating data across systems – which increases both cost and compliance risk – data federation enables secure access to distributed datasets in place. This approach allows organisations to analyse data across locations without costly or risky movement, supporting real-time insights while enhancing compliance and governance. However, while 92% of organisations are experimenting with federation, only 20% have fully implemented it, revealing significant untapped opportunity.
At the same time, automation and AI are emerging as force multipliers. Security leaders are reporting increased efficiency through AI-driven automation of repetitive governance, classification, and detection tasks.
Therefore, it is essential that enterprises shift from reactive, fragmented data strategies to a holistic, federated, and lifecycle-aware approach. By leveraging the above-mentioned tools and embedding governance into architecture rather than layering it as an afterthought, organisations can reduce costs and streamline compliance.
CIO&Leader: What role does real-time data processing play in helping businesses stay compliant?
Prashant Chaudhary: Real-time data processing is non-negotiable in today’s compliance ecosystem. As regulatory frameworks become more dynamic and digital ecosystems more complex, the ability to monitor, analyse, and act on data as it flows has become essential for meeting compliance obligations.
To be specific, organisations with real-time data capabilities are 2.8 times faster at identifying system issues compared to their peers. This level of responsiveness is invaluable, as compliance breaches can escalate within minutes and regulatory frameworks increasingly demand prompt incident reporting and response. Real-time processing enables more accurate alerting, with 80% of alerts being meaningful for organisations that have adopted advanced observability practices. This reduces false positives, allowing security and compliance teams to focus on genuine risks.
And let’s not forget the operational dimension – Security Operations Centre (SOC) teams are often inundated by high alert volumes and hampered by data gaps, leading to delayed responses. Real-time systems allow for smarter triage and better prioritisation, which is essential when responding to compliance-sensitive incidents under regulatory timeframes. Ultimately, it is about ensuring that compliance is a built-in part of the way businesses operate.
CIO&Leader: How is Splunk enabling organisations to analyse data across environments without duplicating it?
Prashant Chaudhary: Splunk empowers organisations to gain insights from data wherever it resides – on premises, in the cloud, or at the edge – without the need to move, replicate, or duplicate it. This is critical in today’s hybrid, multi-cloud environments. Our approach centres on data federation, OpenTelemetry, and real-time telemetry pipeline management, all enabling unified visibility, strong governance, and performance at scale.
According to the same data management report, while 92% of organisations have started implementing data federation, only 20% are fully operational. Yet those that do see clear benefits – unified visibility, simplified compliance, and reduced data movement costs. Federation ensures Splunk users query data across environments as if it were centralised, while keeping it in place to maintain compliance and avoid the risks and expense associated with duplication.
Moreover, observability-led architecture drives operational efficiency. We know that downtime costs organisations millions annually with much of it linked to the inability to detect and resolve issues across fragmented systems. By enabling federated observability and real-time analytics without duplication, Splunk helps organisations mitigate these risks and cut storage and compute costs.
CIO&Leader: How should Indian enterprises rethink their data architecture to be future-ready and compliance-friendly?
Prashant Chaudhary: To be future-ready and compliance-friendly, Indian enterprises must have a data strategy in place and their data on a unified platform that connects observability, security, and governance without requiring constant data movement. These are necessary as Indian enterprises are at an inflection point with rising cyber threats that are becoming more unprecedented and sophisticated with time. RBI reports that the average cost of a data breach in India is now $2.18 million. Therefore, the question now is not whether to modernise data architecture but how quickly and strategically it can be done. We know that geopolitical fragmentation will lead to fractured data residency and usage laws. A future-ready data architecture must support dynamic policy enforcement where data can be labelled, monitored, and governed in real time, allowing flexibility without affecting business performance.
CIO&Leader: What’s the balance between automation and human oversight in AI-powered security tools?
Prashant Chaudhary: Striking the right balance between automation and human oversight is essential for effective governance. As AI becomes more embedded in security operations, the focus shifts from how to use AI to using it responsibly and effectively. Tasks like alert triage, log analysis, and anomaly detection are increasingly being automated to allow analysts to focus on higher-value work such as threat hunting and investigation.
In fact, leading organisations are embedding AI into structured workflows. 64% of top-performing organisations use AIOps extensively, and 73% report improved incident response times when security and observability are unified. Crucially, AI is being applied to surface context-rich alerts, rather than inundating teams with automation noise.
However, trust in AI remains measured – only 11% of security professionals fully trust AI for mission-critical tasks without human review, while 61% express partial trust. This emphasises the importance of a “human-in-the-loop” approach where AI augments rather than replaces decision-making.
Ultimately, the optimal balance lets AI deliver scale and speed, while human experts provide judgement, context, and ethical oversight. AI should accelerate decisions, not replace discernment.
CIO&Leader: With India’s data protection laws evolving, what should CIOs and CISOs prioritize to stay ahead?
Prashant Chaudhary: CIOs and CISOs must prioritise three strategic pillars: real-time visibility, resilient infrastructure, and a federated data strategy.
First and foremost, visibility is essential. Most organisations still struggle to correlate all or most of their data across their digital environments, making regulatory compliance harder, especially when laws require quick breach notification and tight audit trails. Leading enterprises are investing in observability frameworks that span hybrid and multi-cloud setups, enabling them to detect anomalies and compliance violations within minutes.
Security teams must also address critical gaps in compliance management, detection engineering, and DevSecOps to future-proof their defences. With stricter mandates around breach reporting, CIOs and CISOs should invest in automation and AI to close these gaps and proactively monitor for threats and regulatory infractions. India’s technology leaders must move beyond static compliance checklists. The priority is to embed observability, automate governance, and build resilience into the DNA of their tech infrastructure – making sure that an organisation achieves digital resilience without compromising on the pace of innovation.
CIO&Leader: What is Splunk’s long-term vision for India in terms of data, AI, and security?
Prashant Chaudhary: Splunk’s vision for India is to help enterprises and public sector organisations achieve digital resilience by helping them prevent major issues, resolve and bounce back quickly from threats and downtime and adapt and innovate quickly. As India’s digital economy rapidly expands – from financial platforms to smart infrastructure projects – Splunk aims to be a strategic partner, enabling organisations to harness and govern their machine data securely and intelligently, and strengthen their security posture, with the power of AI.
We envision a shift from centralised data models to federated, real-time architectures. By supporting data lifecycle management, federation, and tiering, Splunk empowers Indian organisations to manage data where it lives, reduce costs, and meet regulatory expectations around data localisation and privacy.
Globally, organisations are already realising tangible value. Lenovo uses Splunk Observability Cloud to analyse infrastructure and deliver 100% uptime during traffic spikes, while halving mean-time-to-resolution. Hyphen Group, a Southeast Asian fintech company, has accelerated its DevOps pipeline via Splunk, cutting issue resolution from hours to minutes. These are successful use cases Indian organisations can reference to help them scale and achieve their digital ambitions.
CIO&Leader: What’s your message to technology leaders navigating the dual pressures of compliance and innovation?
Prashant Chaudhary: The best leaders don’t choose between compliance and innovation, they fuse them. A great example is Singapore Airlines (SIA), which uses Splunk to gain full-stack visibility across its digital operations, enhancing both security and customer experience. With Splunk, the award-winning carrier was able to detect issues 75% faster, with 90% fewer backend issues and receive real-time insights from across disparate data sources.
What this proves is that with the right tools, compliance and innovation can go hand-in-hand. Ultimately, technology leaders need to assess whether their technology portfolio aligns with long-term goals and drive business value while maintaining overall digital resilience and compliance.