GO PHISH
WE ‘GO PHISHING’ WITH EDWARD FRYE, CISO,
ARYAKA NETWORKS, WHO TELLS US ABOUT LIFE
INSIDE AND OUTSIDE THE OFFICE.
What would you describe as your
most memorable achievement in
the cybersecurity industry?
My most memorable achievement in
the cybersecurity industry is building
a world-class information security
management system (ISMS) from
scratch and achieving ISO 27001
certification in an unprecedented
two months. I was able to achieve
this because the organisation had
considerable momentum attained from
customer requirements and commitments.
What first made you think of a
career in cybersecurity?
As with so many in cyber, I seemed to
just fall into it. I had an initial interest in
cybersecurity during secondary school
I had an initial
interest in
cybersecurity during
secondary school
and joined the US
Air Force directly
after to become a
network engineer.
and
joined the US Air Force
directly after to become a network
engineer. From there, I officially entered
the world of cybersecurity when I
was working as a consultant and the
company at the time sent me to firewall
training, after which they changed
my title to Security Engineer. This
developed into giving me more and more
security tasks. From here, I seemed to
be getting into various different areas
of cybersecurity and at some point, I
started seeking out those different areas
in an attempt to broaden the depth and
scope of knowledge and understanding.
What style of management
philosophy do you employ with
your current position?
I try to hire really naturally smart
people and encourage independent
work from my team. I am about building
relationships and fostering open
communication to ensure the team has
the resources to perform in their roles.
I have also fully set out professional
development goals for all team
members, including myself, as part of
our
annual goals. There is
also a budget set aside which focuses
on training employees and expanding
their knowledge. This prioritises
enabling them to attend conferences
and broaden their understanding of
cyber and all that this entails.
What do you think is the current
hot cybersecurity talking point?
The problem with ‘hot cybersecurity
talking points’ is that they’re generally
buzzwords and marketing budgets. What
should be hot topics in cybersecurity
should be ‘doing all the basics, all the
time’. This means prioritising things like
knowing where all your assets are, what
data you have and who is accessing it.
Once you have these basics down and
are doing them all the time, things like
Machine Learning and threat hunting
become ideas to pursue. A lot of the
recent data breaches are caused by
someone not doing the basics, such as
misconfigured cloud storage databases,
or not patching servers in a timely
manner, etc.
www.intelligentciso.com | Issue 24
71