Intelligent CISO Issue 02 | Page 82

GO PHISH source of the attack . We see ransomware and phishing as two significant attack vectors and we have seen an increase in attacks on Android platforms as a new way of entering corporate networks .
The hard truth is any organisation , in any part of the world is equally vulnerable if it does not get its security basics right .

GO PHISH source of the attack . We see ransomware and phishing as two significant attack vectors and we have seen an increase in attacks on Android platforms as a new way of entering corporate networks .

Today , deep learning is one of the many techniques needed to have complete nextgen protection .
How do you deal with stress and unwind outside the office ?
On the contrary , my work is my stress buster . I am very passionate about what I do . However , my interests beyond work are mountaineering , river rafting , following AI-based technologies and products and biocentrism .
What do you currently identify as the major areas of investment in the cybersecurity industry ?
Machine-learning technology , cloud , simulation training tools and synchronised security . If a cybersecurity vendor is not investing in these areas , they will be out of the game against continuously changing cyberthreats .
Are there any differences in the way cybersecurity challenges need to be tackled in the different regions ? ( Middle East , Africa , Europe , Americas )?
The hard truth is any organisation , in any part of the world is equally vulnerable if it does not get its security basics right . And this is the reason there are data security breaches every single day globally . Some security breaches make the front pages but many others do not . Malware and other threats that spread across networks rarely respect international boundaries . We often advise companies to follow certain best practices to reduce risks :
• Companies need to re-think the traditional approach of ‘ layered security ’ and think more about ‘ synchronised security ’
• User education is key : reduce clicks but increase reports to security team
• Recognise when your employees or customers are targeted and take protective actions
• First , encrypt the data . Enterprises should be encrypting their most critical data far more often than they do
• Ensure that any contractors , outsourcers or third-party partners take cybersecurity as seriously as you do
• Simplify . Complexity is the enemy of security . Too often complicated tools

The hard truth is any organisation , in any part of the world is equally vulnerable if it does not get its security basics right .

aren ’ t configured correctly , aren ’ t communicating with other tools or aren ’ t even deployed at all because despite all their power they are simply too complicated for mere mortals to use effectively
What changes to your job role have you seen in the last year and how do you see these developing in the next 12 months ?
Every year there are only two major changes to my role . One is the goal that I would achieve for my company in that particular year and second is the plan , strategical and tactical , to achieve that goal .
What advice would you offer somebody aspiring to obtain c-level position in the security industry ?
The industry is constantly changing . One has to be updated and keep learning on a regular basis . There are no shortcuts . And the most important thing is to have fun along the way . u
82 Issue 02 | www . intelligentciso . com