GO PHISH
work , whether it ’ s books , podcasts and so on , so I try to disconnect from the genre regularly . Normally I do that by exercising and spending time with the family , but recently I ’ ve discovered a newfound love of outdoor cooking . I ’ ve set myself the challenge of trying to cook Christmas dinner outside too , including the turkey and all the trimmings .
If you could go back and change one career decision what would it be ?
I would have embraced Linux earlier on in my career if I could go back . I came out of university , which was predominantly a Windows-focused experience , and got a job mainly working with a Windows platform . I just became a Windows guy . The world is now moving away from graphical interfaces and toward Linux .
I ’ d also take the opportunity to do more research , as it ’ s important to understand the bigger picture . Experience has taught me that having only a little bit of knowledge can be dangerous and potentially even have a negative impact on programmes and products , causing delays or being a blocker .
What do you currently identify as the major areas of investment in the cybersecurity industry ?
Motives and methods of execution change regularly , but identity is still what ’ s being compromised in most attacks .
Threat actors continue to use access and entitlements to extort their victims , whether it ’ s by stealing data or money , shutting down services , conducting hacktivism or targeting nation-states .
Are there any differences in the way cybersecurity challenges need to be tackled in the different regions ?
At a high level , some would say a risk is a risk . Tactics , techniques and procedures often don ’ t vary hugely across regions for that reason .
But cybersecurity isn ’ t just about technology , it ’ s about enabling the business . Culture also plays a huge role and CISOs need to change their approaches accordingly .
A coaching-based method of management , where you give your team autonomy to learn new skills while advising them on how to navigate certain situations , is crucial .
I ’ ve discovered a newfound love of outdoor cooking . I ’ ve set myself the challenge of trying to cook Christmas dinner outside too , including the turkey and all the trimmings .
What changes to your job role have you seen in the last year and how do you see these developing in the next 12 months ?
It might seem cliché , but we have to address the elephant in the room : the pandemic . Teams could no longer just knock on the door to solve an issue and user demands have changed as a result . IT and security used to be central , monolithic beasts . Pretty much everything went through them . Now workers can take a work credit card to sign up to a new online platform or service , for example , which stores cyber-related data that immediately becomes vulnerable .
What advice would you offer somebody aspiring to obtain a C-level position in the security industry ?
Boards need to think of the bigger picture above and beyond cyber-risk , including unexpected natural phenomena like COVID-19 . Security may be vital , but it ’ s just one risk factor a board has to monitor . You also need to know how best to approach the business to succeed . Move away from the doomsayer mindset of ‘ if we don ’ t do this , a breach could happen ’ and talk in relatable terms for the business . Communication is hugely important and to move up the chain , you need to talk like a business person . u
72 www . intelligentciso . com