Intelligent CISO Issue 53 - Page 70

GO PHISH
Cybersecurity can be deeply rewarding and high-impact when your peer executives are bought-in to the value of appropriately investing in the domain .

GO PHISH

can keep my mind occupied improving some set of skills . Above all , the best therapy for me involves getting outside in the fresh air in a natural setting . Even if I have to be on a workrelated call , just being outside connected to nature keeps my stress levels down and my focus up .
If you could go back and change one career decision what would it be ?
I started my cybersecurity career in a research context which was much more academic than practical . I wish I ’ d had hands-on practical Information Assurance experience earlier in my career , to inform my academic research focus with real-world context . The more no-kidding experience I ’ ve had deploying and configuring practical IT tools to protect a team , the more empathy for the end-user I gain and that pays big dividends when working on solutions designed to deliver practical , easy-to-use value .
What do you currently identify as the major areas of investment in the cybersecurity industry ?
Interoperable data protection standards for data encryption and policy . Today you can invest in strong identity once and take it anywhere . One of the biggest hurdles to consistent enforcement of policy across an enterprise is a scalable interoperable policy language and corresponding data standard to allow data to persist the relevant protection requirements independent of any particular app or environment .
Are there any differences in the way cybersecurity challenges need to be tackled in the different regions ?
I ’ ve noticed a shift here . Historically , organisations with different enforcement requirements – whether due to geography or to industry regulatory burdens – would implement bespoke protective regimes . However , increasingly – particularly where there are high collaboration needs across these boundaries , whether across large enterprises or governments – efforts to harmonise the mechanisms have been much more successful than trying to build purpose-specific approaches that may impede interoperability .

Cybersecurity can be deeply rewarding and high-impact when your peer executives are bought-in to the value of appropriately investing in the domain .

What changes to your job role have you seen in the last year and how do you see these developing in the next 12 months ?
As CTO of a cybersecurity company in the data protection space , I ’ ve benefitted greatly from the increased awareness and appreciation for the approach that we ’ re taking , so while historically I ’ ve played a much more evangelical role , educating audiences ( partners and customers ) on the realm possible , I can now focus much more on practical engagements and accelerants to adoption in a better understood space .
What advice would you offer somebody aspiring to obtain a C-level position in the security industry ?
Cybersecurity can be deeply rewarding and high-impact when your peer executives are bought-in to the value of appropriately investing in the domain . Knowing how to translate these values into business outcomes can be a rarer set of skills than the hard technicals and a massive differentiator , so practicing that as a skill is deeply strategic . Correspondingly , interview your other C-suite and board to ensure baseline alignment ahead of time . u
70 www . intelligentciso . com