GO PHISH
lens to technology hubs in the cloud , anywhere , anytime .
We ’ ve arrived at a juncture in cybersecurity , where the risks of compromise are at their highest ever . The element of secure coding goes hand-in-hand with the proliferation of IoT and the industry has a core responsibility to adopt frameworks and practices that focus on ‘ security first ’, as opposed to the ‘ consumption economics ’ commerce-focused world we ’ re largely operating in .
Breaches have largely been enabled at a technical level by poor coding practices and therefore , the industry focus on continuous testing needs to maintain its momentum . Vendors in this space need to accelerate their rate of innovation to help businesses better navigate the great cybersecurity minefield .
How do you deal with stress and unwind outside the office ?
I have far too restless a mind to unwind in the traditional sense of the word . When I do get some spare time , I moonlight on the NHS frontlines as part of South East Coast Ambulance NHS Trust , providing emergency care to those in their hour of need . Beyond that , I also coach martial arts , which has been a passion of mine for 25 years now . I have also recently taken up rugby coaching in the community to ensure I ’ m giving back . All that said , however , if I could only do one thing as a de-stress / unwind mechanism at all , it would be playing my trusty baby grand piano .
We ’ ve arrived at a juncture in cybersecurity , where the risks of compromise are at their highest ever .
If you could go back and change one career decision what would it be ?
Interestingly , I ’ ve always thought very long and hard about any career decision I ’ ve ever made . For the most part I ’ ve always been at peace with what I ’ ve chosen , regardless of the outcomes .
We ’ re here to learn , grow and enjoy ( as much as we can or allow ourselves to ), therefore there ’ s not a great deal I would change at all . That said , however , if I were to choose I think it would have been to learn more programming languages ( BASIC , PASCAL , ROSCOE and PYTHON is simply not cutting it in the modern industry !) and become a dab hand at things such as C , C +, HTML , JAVA and more recently , ML programming .
What do you currently identify as the major areas of investment in the cybersecurity industry ?
A greener , more sustainable world and the era of the Circular Economy is one that all manufacturers must look to invest in much more diligently in the race to maintain our planet and way of life for generations to come . That said , and taking a more ‘ current ’ topical optic , is cytotechnology in the area of data security .
The investment in automation technologies and platforms is now a huge focus . Naturally , Machine Learning ( ML ) is very exciting and we ’ re seeing some very promising investments in new algorithms that will help re-shape our world of cybersecurity operations for the better , with far wider reaching benefits across all industries .
Are there any differences in the way cybersecurity challenges need to be tackled in the different regions ?
As a global economy , we have become hyperconverged in technology availability and national infrastructure capabilities , therefore , we all face very similar challenges in operational needs and thus , our cybersecurity challenges .
Nation State activity is at an all-time high , with APT groups becoming less advanced and more persistent through automation as a result of ‘ as-a-Service ’ offerings in malware and attack campaign capabilities . The biggest challenge we face as an industry across all regions is lack of collaboration in tackling the adversary and innovating for the benefit of all corporate security endeavours .
What changes to your job role have you seen in the last year and how do you see these developing in the next 12 months ?
The CISO role has now become an almost ‘ poisoned chalice ’ in that many are seen as only a single breach away from a career change . The cybersecurity industry hasn ’ t helped this notion at all , with many vendors coining the phrase ‘ it ’ s not a case of if but when ’ in terms of a breach scenario .
Undoubtedly , CISOs cannot ( hand on heart ) reputably state that their respective policies and initiatives will see their business avoid a breach , nor have they ever been able to . CISOs are having to deal with a rate of data acquisition never before seen in technology history .
That said , however , with such a rate of change , C-level teams are learning to adapt and automate in an impressive manner . C-level teams are innovating in cybersecurity practice , providing their respective industries with the accountability and capability , driving the best possible protection outcomes to severely limit the damage that a breach may cause .
What advice would you offer somebody aspiring to obtain a C-level position in the security industry ?
Never fail alone , learn to delegate early on . Apply a critical thinking mindset to every area of your business operations and take the time to learn your organisation ’ s ( people , process and technological ) strengths and weaknesses . u
72 Issue 31 www . intelligentciso . com
|