DEEP DIVE
my hobbies as well –
I fly aeroplanes and ride
motorcycles. I have been
riding motorcycles for the
last two decades and enjoy
the scenery that Northern
California and the Bay Area
have to offer. And for the
last few years, I have been
working on and earned a
private pilot’s license with
instrument rating and I
continue to seek new
aviation ratings.
If you could go back
and change one career
decision what would it be?
I like to have a philosophy of
no regrets. I may have made
some decisions that might have
negatively impacted my path or
caused me some trouble, pain, or
slowed me down in some ways,
but I like where I’m at and what
I’m doing now. Who’s to say that
if I would have changed anything I
would end up here.
What do you currently
identify as the major
areas of investment in the
cybersecurity industry?
I see a lot of investment in automation,
AI/ML, cloud security. Also, an
understanding of the need for security
www.intelligentdatacentres.com
across the software development life cycle
and applying the proper, tested tools. What
I would like to see is more companies
focusing on people and processes to build it
in, rather than bolt it on.
Are there any differences in
the way cybersecurity
challenges need to be tackled
in the different regions?
For me, the primary differences based
on region are not so much within the
cybersecurity realm, because best
practices don’t vary depending on where
in the world you are. However, there are
differences in how you’d approach a given
problem with regards to local regulations
or how you communicate within a region
AS A RISK
MANAGEMENT
PROFESSIONAL,
I ENJOY
MANAGING RISK
IN MY HOBBIES
AS WELL – I FLY
AEROPLANES
AND RIDE
MOTORCYCLES.
or across regions. For example, in the case
of Aryaka with our global footprint, there
are issues around licensing requirements,
regulatory issues and import/export rules.
What changes to your job role
have you seen in the last year and
how do you see these developing
in the next 12 months?
Boards and organisational leadership
are becoming more educated in
cybersecurity requirements. Also,
increasingly the role is moving from an
IT problem to a business problem. The
CIOs and CISOs I work with are becoming
more sophisticated because of this.
What advice would you
offer somebody aspiring to
obtain C-level position in the
security industry?
Try and get exposure to as many different
aspects of cybersecurity as you can:
network security, system administration,
email security, forensics, incident
response, vulnerability management,
penetration testing, compliance, risk
management and privacy. The field is so
broad, you don’t need to know all of it; but
the more you know, the easier you can
address issues or hire the right people to
address your issues. Also, try to think of
problems and solutions from a business
and risk perspective rather than a
technology perspective. Stay current and,
crucially, never stop learning! ◊
Issue 13
67