What do you currently identify as
the major areas of investment in
Micro services and API will be a major area
of investment due to the capability of highly
improving productivity by faster service
delivery to address the business requirements.
In addition to that adoption of cloud
and compliance management is another
area of major investment due to different
dimensions of risk posed by these new
innovative technologies. As new and targeted
threats are consistently increasing, Artificial
Intelligence and predictive analysis-based
security technologies will be one major area
of investment to counter the threat.
What are the region specific
challenges when implementing new
technologies in the Middle East?
As adoption of new technologies increase,
this multiplies the present security threat
due to lack of expertise on these new
technology areas. As Zero Day vulnerabilities
and targeted attacks are consistently
rising, compliance authorities also increase
the necessary protection benchmark to
protect from these advanced attacks. Data/
cybersecurity controls and adequately
securing these technologies is the main
challenge for adoption of new technologies.
What changes to your job role have
you seen in the last year and how do
you see these developing in the next
As higher management is more technology
demanding, at the same time they are more
aware about the potential cybersecurity
risks and support to reduce the potential
issues raised because of the adoption
of technology. These changes require
extensive soft skills including a better way
to communicate so you can talk to the
business in their language and explain
the risk management more efficiently.
It’s also necessary to build trust between
stakeholders and embedded security into the
overall digital strategy of the organisation.
What advice would you offer
somebody aspiring to obtain a
C-level position in your industry?
Keep the basics right and first reduce the
attack surface. Your previous experience
of the security domain is not sufficient as
each organisation has unique business and
cultural challenges. You can help to secure
the business only with an understanding
of the business and this will help you to
align the security with business in the most
efficient way and boost the trust with
stakeholders. Adopt the framework and
KEEP THE BASICS
RIGHT AND FIRST
consistently measure the maturity, plan for
new initiatives to increase the maturity; keep
this process as businesscentric. It’s a myth
that security risk can be reduced by just
purchasing security products. The key is for
this to enforce the proper process, procedure
and secure configuration baseline.
What style of management
philosophy do you employ with
your current position?
I use a combination of a strategic and
affiliative management style. Even though I
motivate my team to work independently, I
also adopt the example-setting management
style so my team are in-sync and increase the
standard of their output. Regularly providing
the guidance and motivation, being part of
the team and providing adequate training is
crucial to build the trust in team members.
In addition to that, identifying the key
capabilities of the team and helping them to
build further in that area helps the team to
achieving great results with limited resources.
Can you tell us about your
During my career, I have gained technical
expertise in different technical areas.
Even though I have a core technical
understanding, I always believe that without
considering and addressing the people
factor, an acceptable level of security can’t
be achieved. In the early stage of my career,
I got an opportunity to work with higher
management and I failed to persuade them
on one of the important security initiatives.
After that when looking in the mirror, I
realised that the issue was in my method of
communication. I again worked hard and
changed my communication style so non-IT
people could understand. After that, I was
able to explain and convince them on the
same initiative. This was one of my most
memorable achievements which taught me
the importance of soft skills. n