Student Profile‹ Back to Student Spotlight Page
Senior Director , PayPal
Class of 2019
“For technology risk and cybersecurity, as with any technology solution, you need to understand the business and the challenges – both sides of the coin.”
When Radhika Bajpai (MS CRS ’19) applied to the NYU Law MS CRS program, she laid out a case study of her then-firm’s technology risk from her financial sector perspective, as she puts it, suggesting new controls for the firm’s investment management division and processes for external audits. “Now that I know what I know, courtesy of the MS CRS program,” she says, “I would write the case study differently: by starting with the regulations side rather than the controls side, then build programs to meet those requirements and leverage what’s already out there.”
Moving into Technology Risk Governance
A native of India with a master’s degree in computer science from the International Institute of Professional Studies at University of Indore, Radhika moved to New York in 2002 to lead the global roll out of Deutsche Bank’s compliance surveillance program. In 2006, she joined Goldman Sachs & Co.’s alternative investments application development team. She soon moved over to the technology risk space, where she served as the executive director of technology risk governance.
In that capacity, Radhika oversaw management of the firm’s SOX and SOC1 external audits and internal continuous risk assessment programs for the technology division. One key insight she’s gained, she explains, is that understanding the reasons behind internal controls and external audits is, if not critical to their implementation, absolutely germane to making those processes better and more efficient. The MS CRS program provides that deeper level of understanding, she points out, adding that even in the midst of the course it is already enabled her to add measurable value to her then-organization.
Understanding Business Risks and Challenges for Cybersecurity Risk Management
“The MS CRS program has helped me understand what’s driving the audits,” Radhika says. “The technical part of the curriculum is a good refresher for me, but it’s the ‘why’ part that enables me to see gaps where we need to add controls, and how adding even a few controls in the right places can consolidate overlaps and produce a greater return on investment. For technology risk and cybersecurity, as with any technology solution, you need to understand the business and the challenges – both sides of the coin.”
Because the MS CRS cohort comprises professionals from many different fields, students who have spent their careers in silos are exposed to issues and challenges they’d never contemplated, as well as those they may share. “How other domains are dealing with security issues is interesting and new to me,” Radhika says. “The way the course is structured,where you spend a lot of sessions with your team dedicated to the capstone project, really drives home the value of different perspectives.”