As organizations race to digitize, the convergence of technology leadership and cybersecurity has become more than strategic- it’s essential. In this exclusive conversation with CIO&Leader, Ashish Gupta, CIO and CISO of NEC Corporation India, shares how unifying these roles has helped NEC embed security into the DNA of its digital innovation.
NEC Corporation India
From AI-enabled service management to proactive threat detection and secure DevSecOps pipelines, Ashish discusses how aligning cybersecurity with business agility enables resilience, speed, and trust. His insights reflect a leadership model built on transparency, risk-based investment, and a culture where innovation and compliance go hand-in-hand.
CIO&Leader: How has the dual role of CIO and CISO aligned cybersecurity with digital innovation at NEC India?
Ashish Gupta: The CIO and CISO roles are increasingly intertwined, especially in an era where digital transformation is accelerated by AI, cloud, and connected systems. At NEC India, combining these roles has enabled a unified strategy where security is built into the foundation of digital innovation, not added later. By aligning IT architecture with proactive security frameworks, we ensure that our digital initiatives—whether in smart city deployments or enterprise applications—are resilient, scalable, and compliant from day one. This dual lens allows us to drive agility while embedding a culture of secure-by-design innovation across the enterprise.
CIO&Leader: Could you share specific examples where this synergy accelerated business outcomes?
Ashish Gupta: A prime example is our Microsoft tenant migration for over 2,500 users from Japan to the Asia Pacific region. We successfully transitioned critical infrastructure without disrupting business operations or compromising data security. Another instance is the deployment of AI-driven IT service management tools that automate ticket resolution, enhancing user experience while maintaining strict compliance protocols. These initiatives not only optimized performance but also strengthened enterprise-wide trust in our IT and security teams, accelerating NEC India’s digital readiness.
CIO&Leader: Can you walk us through a real-world use case at NEC India where AI significantly improved operational efficiency or predictive capabilities in your IT landscape?
Ashish Gupta: AI has redefined operational efficiency at NEC India. Our deployment of AI-enabled anomaly detection systems in data centers allowed real-time identification and remediation of issues without human intervention. Machine learning models predict potential hardware failures, enabling proactive maintenance and reducing downtime by over 30%. Additionally, chatbots integrated with IT service desks have transformed employee support—resolving routine queries autonomously and improving resolution times, while freeing IT teams to focus on strategic initiatives.
CIO&Leader: What lessons have you learned from deploying AI solutions across critical IT operations, and how have those shaped your technology strategy moving forward?
Ashish Gupta: One key lesson is that AI solutions must be scalable and explainable. Success isn’t just about automation—it’s about transparency and adaptability. We learned to prioritize gradual AI integration with strong governance frameworks to avoid technology fatigue. Investing in user education and change management was crucial. Moving forward, our strategy focuses on human-in-the-loop AI models, ensuring technology augments human decision-making rather than replacing it. This balance fosters innovation while maintaining accountability and trust.
CIO&Leader: Digital transformation often demands rapid execution. How do you balance speed with the need to maintain a strong and compliant security posture across the enterprise?
Ashish Gupta: Balancing speed and security is about embedding security into the DNA of transformation projects. At NEC India, we follow a DevSecOps approach where security checkpoints are integrated into every phase of development and deployment. Agile doesn’t mean ungoverned—we maintain strong compliance oversight, perform real-time vulnerability assessments, and ensure every innovation is backed by risk intelligence. By doing this, we enable rapid execution without compromising on cybersecurity.
CIO&Leader: How do you prioritize security investments during rapid digital scale-ups without slowing down innovation cycles?
Ashish Gupta: Security investments are treated as business enablers rather than cost centers. We use a risk-based prioritization model, ensuring that resources are allocated where the potential business impact is greatest. Whether it’s investing in advanced threat detection or enhancing endpoint security for a growing remote workforce, every investment is evaluated against its contribution to safeguarding innovation velocity. Strong collaboration between IT, security, and business units ensures alignment with overall growth objectives.
CIO&Leader: In your combined role, how do you cultivate a culture that encourages innovation while maintaining discipline around cybersecurity and data governance?
Ashish Gupta: Culture is pivotal. At NEC India, we promote a mindset where security is everyone’s responsibility, not just the IT department’s. We encourage innovation by creating safe spaces for experimentation, allowing teams to try new approaches without fear of punitive failure, but under a framework that mandates cybersecurity and data governance best practices. Regular awareness programs, gamified training, and leadership endorsement help ensure that innovation and compliance go hand-in-hand, fostering a resilient digital-first culture.
CIO&Leader: What leadership principles guide you when navigating conflicting demands between agility, compliance, and resilience in today’s tech environment?
Ashish Gupta: Three principles guide me: collaboration, accountability, and adaptability. Collaboration ensures all stakeholders have a seat at the table when balancing security with speed. Accountability ensures that each team owns the outcome, fostering a proactive risk management approach. Adaptability allows us to pivot in response to emerging threats or opportunities without losing strategic focus. Ultimately, the goal is to create an environment where agility enhances resilience, not compromises it.
CIO&Leader: How do you envision the future of the CIO-CISO role evolving, especially with the growing complexity of AI, data privacy regulations, and threat landscapes?
Ashish Gupta: The CIO-CISO role is evolving into a strategic orchestrator of trust and innovation. As AI-driven decision systems grow more complex and regulations like the Digital Personal Data Protection Act (DPDPA) tighten, future leaders will need to blend deep technical expertise with policy acumen. The CIO-CISO of tomorrow will not just safeguard infrastructure but will also champion ethical AI deployment, drive privacy-by-design initiatives, and foster resilient ecosystems that can anticipate and absorb shocks. Leadership will increasingly be defined by the ability to navigate complexity with clarity and purpose.