Intelligent CIO Kuwait Issue 5 - Page 30

CIO OPINION What do you currently identify as the major areas of investment in your industry? Micro services and API will be a major area of investment due to the capability of highly improving productivity by faster service delivery to address the business requirements. In addition to that adoption of cloud and compliance management is another area of major investment due to different dimensions of risk posed by these new innovative technologies. As new and targeted threats are consistently increasing, Artificial Intelligence and predictive analysis-based security technologies will be one major area of investment to counter the threat. What are the region specific challenges when implementing new technologies in the Middle East? As adoption of new technologies increase, this multiplies the present security threat due to lack of expertise on these new technology areas. As Zero Day vulnerabilities and targeted attacks are consistently rising, compliance authorities also increase the necessary protection benchmark to protect from these advanced attacks. Data/ cybersecurity controls and adequately securing these technologies is the main challenge for adoption of new technologies. What changes to your job role have you seen in the last year and how do you see these developing in the next 12 months? As higher management is more technology demanding, at the same time they are more aware about the potential cybersecurity risks and support to reduce the potential issues raised because of the adoption of technology. These changes require extensive soft skills including a better way to communicate so you can talk to the business in their language and explain the risk management more efficiently. It’s also necessary to build trust between stakeholders and embedded security into the overall digital strategy of the organisation. What advice would you offer somebody aspiring to obtain a C-level position in your industry? Keep the basics right and first reduce the attack surface. Your previous experience of the security domain is not sufficient as each organisation has unique business and cultural challenges. You can help to secure the business only with an understanding of the business and this will help you to align the security with business in the most efficient way and boost the trust with stakeholders. Adopt the framework and “ CIO opinion KEEP THE BASICS RIGHT AND FIRST REDUCE THE ATTACK SURFACE. consistently measure the maturity, plan for new initiatives to increase the maturity; keep this process as businesscentric. It’s a myth that security risk can be reduced by just purchasing security products. The key is for this to enforce the proper process, procedure and secure configuration baseline. What style of management philosophy do you employ with your current position? I use a combination of a strategic and affiliative management style. Even though I motivate my team to work independently, I also adopt the example-setting management style so my team are in-sync and increase the standard of their output. Regularly providing the guidance and motivation, being part of the team and providing adequate training is crucial to build the trust in team members. In addition to that, identifying the key capabilities of the team and helping them to build further in that area helps the team to achieving great results with limited resources. Can you tell us about your communication style? During my career, I have gained technical expertise in different technical areas. Even though I have a core technical understanding, I always believe that without considering and addressing the people factor, an acceptable level of security can’t be achieved. In the early stage of my career, I got an opportunity to work with higher management and I failed to persuade them on one of the important security initiatives. After that when looking in the mirror, I realised that the issue was in my method of communication. I again worked hard and changed my communication style so non-IT people could understand. After that, I was able to explain and convince them on the same initiative. This was one of my most memorable achievements which taught me the importance of soft skills. n 30 INTELLIGENTCIO