Intelligent CISO Issue 9 - Page 72

GO PHISH How do you deal with stress and unwind outside the office? It has to be all about spending time with family. Days out, holidays, just spending time together at home – it’s definitely very important to me and that balance is a broader part of the SureCloud culture too. Still, I’m not sure I ever really switch off from the office entirely. I’m always thinking about a project that we’re working on, broader e a trends in cybersecurity, how to solv particular problem and so on. If you could go back and change one career decision what would it be? It’s tempting to say not getting into I cybersecurity sooner, but in fact are rs teste tion etra pen t bes think the those that come from more general the technology backgrounds. To find are gs thin how w kno flaws you need to . put together What do you currently identify as the major areas of investment in the cybersecurity industry? are I think remediation programmes e lleng cha a an interesting one. It’s t mos e; mor and e we’re seeing mor a have days e thes s organisation as variety of controls in place, such tion etra vulnerability scanners and pen why and erst und tests taking place, and nt. they ’re importa to But they don’t always know what by cted do with the information colle r clea a have those processes and ting strategy for isolating and remedia s ilitie erab vuln and ses knes the wea that ise real to t rtan impo It’s . find they ess cybersecurity is an ongoing proc of case a just of improvement, not implementing a series of tests and saying ‘job done’. 72 Are there any differences in the way cybersecurity challenges need to be tackled in the different regions? Middle East, Africa, Europe, Americas. Not really. At the end of the day, g ever yone is using similar operatin so and ware hard , ware soft , ems syst liers supp on. The major vendors and are international. Clearly regions vary in terms of the the attention paid to cybersecurity and But it. le tack to lable avai resources g there are plenty of ways of protectin nt; stme inve ont data without a huge upfr s tool ce sour n ope y man there are so and information-sharing forums, that to really the most important thing is on ge wled kno and s have the right skill ity mun com urity rsec cybe The hand. of is fantastically collaborative – and course, international. Now, the most common way for organisations to be targeted is far more personal. What changes to your job role have you seen in the last year and how do you see these developing in the next 12 months? e I would say that I am working mor and closely with clients from a strategy a was I than int dpo best-practice stan used I than time less d spen I . year ago to on frontline testing – though I still . like to keep my hand in when I can ned sitio tran have I that e hop Essentially I er. lead ness busi a g bein into e mor As we continue to grow the team and expand our capabilities we will – be working on more – and bigger it’s that n mea ld projects, which shou ide ever more important for me to prov that top-level strategic advice. What advice would you offer somebody aspiring to obtain a c-level position in the security industry? t Working hard is a given. Know wha , orks netw the you’re trying to protect: you h whic of ions licat systems and app are in charge. is a And focus on continual learning; this t rtan impo it’s so e, spac mic hugely dyna g. for us to be constantly improvin get Collaborative with the community and u in. be to e spac t grea a is involved – this Issue 09 |