Intelligent Data Centres Issue 13 | Page 67

DEEP DIVE my hobbies as well – I fly aeroplanes and ride motorcycles. I have been riding motorcycles for the last two decades and enjoy the scenery that Northern California and the Bay Area have to offer. And for the last few years, I have been working on and earned a private pilot’s license with instrument rating and I continue to seek new aviation ratings. If you could go back and change one career decision what would it be? I like to have a philosophy of no regrets. I may have made some decisions that might have negatively impacted my path or caused me some trouble, pain, or slowed me down in some ways, but I like where I’m at and what I’m doing now. Who’s to say that if I would have changed anything I would end up here. What do you currently identify as the major areas of investment in the cybersecurity industry? I see a lot of investment in automation, AI/ML, cloud security. Also, an understanding of the need for security www.intelligentdatacentres.com across the software development life cycle and applying the proper, tested tools. What I would like to see is more companies focusing on people and processes to build it in, rather than bolt it on. Are there any differences in the way cybersecurity challenges need to be tackled in the different regions? For me, the primary differences based on region are not so much within the cybersecurity realm, because best practices don’t vary depending on where in the world you are. However, there are differences in how you’d approach a given problem with regards to local regulations or how you communicate within a region AS A RISK MANAGEMENT PROFESSIONAL, I ENJOY MANAGING RISK IN MY HOBBIES AS WELL – I FLY AEROPLANES AND RIDE MOTORCYCLES. or across regions. For example, in the case of Aryaka with our global footprint, there are issues around licensing requirements, regulatory issues and import/export rules. What changes to your job role have you seen in the last year and how do you see these developing in the next 12 months? Boards and organisational leadership are becoming more educated in cybersecurity requirements. Also, increasingly the role is moving from an IT problem to a business problem. The CIOs and CISOs I work with are becoming more sophisticated because of this. What advice would you offer somebody aspiring to obtain C-level position in the security industry? Try and get exposure to as many different aspects of cybersecurity as you can: network security, system administration, email security, forensics, incident response, vulnerability management, penetration testing, compliance, risk management and privacy. The field is so broad, you don’t need to know all of it; but the more you know, the easier you can address issues or hire the right people to address your issues. Also, try to think of problems and solutions from a business and risk perspective rather than a technology perspective. Stay current and, crucially, never stop learning! ◊ Issue 13 67