GO phish
the next 12 months . With Digital Transformation , hybrid cloud platforms and application development teams driving this explosion it is imperative that organisations across the region gain a view and build a plan for how they will manage these unsecured processes that are by nature privileged and have access to critical data . My team is helping a number of banks , telcos and government departments prepare for this .
How do you deal with stress and unwind outside the office ?
Working in cyber is like surfing a wave and I use the same analogy for stress . Its fun to be on the edge but you must stay on the board , focus and surf the wave to the beach without letting the wave go over you . Rather than letting it feel negative I channel it to positive energy to drive through and overcome challenges . There is no better way to do this than spending time with my family and friends : they are my lighthouse that steers me into shore .
If you could go back and change one career decision , what would it be ?
I really would not , I am a big believer in no regrets and no wrong turns . Even in the most challenging times in my life and career when I question this philosophy it has always proven true – those experiences help shape us , build resilience and are a platform for advancing to the next level of performance . Of course , it goes without saying that I wish I ’ d been in a rock band and stuck at learning the drums when I was a teenager !
What do you currently identify as the major areas of investment in the cybersecurity industry ?
I am a big fan of Ponemon ’ s Cost of a Data Breach study which comes out annually with keen insights globally but also for the Middle East region . This year the average cost of a data breach for the Middle East rose to second spot behind the US to US $ 8.75m per breach but also showed that US $ 2.22m is the average cost saved if you invested in AI and automation to help defend and reduce the time to detect . This reflects the conversations I have with our clients who are looking to see how they can use AI to empower their teams , relieve some of their workload away from manual and intensive tasks and focus instead on proactive defence . It ’ s no surprise to me that investments in identity are in the fourth highest investment priority with 42 % of CISOs focusing upon this area – if you can secure any type of identity , at any place and any time you give yourself the best chance of preventing privileged access from being escalated and causing a major breach .
Are there any differences in the way cybersecurity challenges need to be tackled in the different regions ?
Ultimately no . This is a battle and the main goal is to ensure that your teams are trained to proactively defend against the evolving threats whilst you continue the journey to raising your overall security posture through governance , skills and technology . Local market policies and regulations can then determine how you build this strong foundation and can then decide upon the delivery model . Across industries however the threat type can change drastically – operational technology gaps in critical national infrastructure , personal data within governments , machine secrets within cloud-based start-ups and transaction and fraud across banking all need specific approaches and prioritisation .
What changes to your job role have you seen in the last year and how do you see these developing in the next 12 months ?
The last year has been a real ride , it started by building out our channel model across META and finished with leadership across our Middle East business . I think the major change has been transitioning from the focus on CyberArk pioneering the privileged access management market and , in recent years , building out our capabilities and driving the identity security market and in fact becoming the region ’ s only holistic identity security platform . With this change comes a total expansion of our capability and the value our clients can extract – we can now look at reducing cyber debt , consolidating platforms , providing greater visibility and automating operations across the identity space and it ’ s had a fantastic reaction since the launch of our SaaS platform in April .
What advice would you offer somebody aspiring to obtain a C-level position in the security industry ?
Stay humble , stay focused , stay enthusiastic , stay hungry to learn and stay authentic . Never make enemies and cultivate friends . Always do the first task for someone quickly and with quality . Always meet with someone for the first time face to face . Expect to fail many more times than you succeed . Apply the 80 / 20 rule to your time management and work priorities . Surround yourself with positivity and a solid foundation of family and friends . Oh …. and forget the imposter syndrome tapping you on the shoulder everyday !
72 WWW . INTELLIGENTCISO . COM