COVER STORY
like COVID-19 happen and your entire
workforce begins working from home
because your framework and strategy
remain the same. I had many people
reach out and ask about our security
coverage for COVID-19 now that our
employees are working from home – if
you build your strategy and base your
core controls on a known framework,
you don’t have to pivot or focus on a
new plan or new defence, you keep
monitoring your controls and ensure
they’re in place.
How would you describe the
current threat landscape and
what steps can be taken to
improve it?
I think it has changed. It’s harder to see
the traffic you’re trying to monitor and
it’s harder to find specific anomalies
that we’ve been able to look for in the
past. The challenge now is how you see
the remote network traffic, how you log
it, build notifications, and have some
comfort that you see and understand
the entire picture. The challenge is now
more difficult in many ways, but if you
base it back to the same core control
I think the market will
be quite interesting
during and after this
pandemic and there
could be a large
talent pool available
that already have the
skills we need.
requirements, then the operations are
still the same overall, but you must
increase your visibility into the traffic.
What would be the impact of
having a poor cybersecurity
posture in your industry and how
would this affect customers?
One of the main risks in this regard
would be associated with automated
threats as ‘Bad Bots’ are on the rise
right now, especially within eCommerce,
and are in use for credential stuffing
attacks that lead to account takeovers,
product sniping that block or limit
inventory, fake account creation leading
to fraud for the customer and the
company, and overall denial of service.
Without controls or products in place
for this, you’re doing a disservice to
your customers and your business.
What is Zalando doing to
help close the cyberskills
gap, if anything? Do you have
plans to invest in this area
moving forward?
Within the security market, I assume it’s
going to be much like it has been and we
will have to continue to build these skills
from within. However, I think the market
will be quite interesting during and after
this pandemic and there could be a
large talent pool available that already
have the skills we need. Regardless,
Zalando offers excellent personal
development training, resources and
budget support for training on specific
cyberskills and certifications. The
Information Security unit also budgets
52 Issue 28 | www.intelligentciso.com