Intelligent CISO Issue 36 | Page 71

I ’ ve still not had one dull week in the industry . attack last year , as well as other attacks such as the Stuxnet attack on Iranian Power Plants in 2010 . Because of the complexity of corporate supply chains , it ’ s not easy to find the weak links in those chains and fix them . Secondly , cloud security is a huge topic . There are various cloud platforms such as AWS or Google Cloud , so you can be an expert in one but not the other – which can create problems and lead to security gaps . Lastly , IoT security – the number of IoT devices inside corporate networks is a very big issue . We are allowing employees to work and connect to enterprise networks from home , but what else is on their home network that could be vulnerable to attack – such as IoT www . intelligentciso . com

GO PHISH

WE ‘ GO PHISHING ’ WITH JONATHAN FISCHBEIN , CHIEF INFORMATION SECURITY OFFICER AT CHECK POINT SOFTWARE , WHO TELLS US ABOUT LIFE INSIDE AND OUTSIDE THE OFFICE .

wWhat would you describe as your most memorable achievement in the cybersecurity industry ?

After 25 years in the cybersecurity industry , I have had many memorable achievements , but I would say that successfully moving the entire Check
Point workforce to remote working securely and effectively during mid-March 2020 stands out as one of the most important ones . The thing I ’ m most proud of is that our customers and partners experienced a completely smooth transition . The very DNA of Check Point is that people need to access very critical and sensitive information , which in the past , would have been held centrally at HQ and not easily accessible . However , to enable everyone to continue to be productive during the pandemic , we were able to tweak our systems overnight and make everything accessible safely and above all , securely .
What first made you think of a career in cybersecurity ?
I first thought about it in 1999 and got my first opportunity in 2000 in the first Security Operation Centre in the Middle East . Due to my military background , I applied for it as it looked interesting and exciting , and I knew back then that there wouldn ’ t be a single predictable , boring week in cybersecurity . Luckily , 20 years later , I am pleased to say I ’ ve still not had one dull week in the industry .
What style of management philosophy do you employ with your current position ?
For me , my philosophy is that communication is key and my style is to be the ‘ good cop ’ when it comes to educating and explaining processes to customers and employees . I ’ m very communicative in my style as a CISO and I spend a lot of time explaining security policies , so people understand why we do things the way we do . About 90 % of my role is internal , and about 5 – 10 % is with customers , but whoever the audience , communication is key . People always want to hear about the ‘ war stories ’ that you ’ ve experienced in your role , which is always a good way of explaining .
What do you think is the current hot cybersecurity talking point ?
Firstly , how organisations can secure supply chains securely is an ongoing hot topic , as we ’ ve seen with the SolarWinds

I ’ ve still not had one dull week in the industry . attack last year , as well as other attacks such as the Stuxnet attack on Iranian Power Plants in 2010 . Because of the complexity of corporate supply chains , it ’ s not easy to find the weak links in those chains and fix them . Secondly , cloud security is a huge topic . There are various cloud platforms such as AWS or Google Cloud , so you can be an expert in one but not the other – which can create problems and lead to security gaps . Lastly , IoT security – the number of IoT devices inside corporate networks is a very big issue . We are allowing employees to work and connect to enterprise networks from home , but what else is on their home network that could be vulnerable to attack – such as IoT www . intelligentciso . com

71