“Innovation in Cyber Security is not just about thinking outside the box, it is also redefining the box.”
Everyday can be a D-Day for me and I love to celebrate success, no matter how small it is!
Everyday can be a D-Day for me and I love to celebrate success, no matter how small it is!
In January Benjamin Netanyahu led discussions at the World Economic Forum at Davos and the subject was cyber security. The Israeli prime minister presented the Israeli model for development of this critical cyber capability.
First thing I do every day is check email and LinkedIn; normally on the train. I like to get this touch base out of the way before I get into the office so I can map out a plan for my day.
It appears that practice makes perfect, in the case of Israel they are a small country of only 8 million but punch above their weight when it comes to cyber security.
The cyber threats that QBE and its customers face aren’t constrained by geographical boundaries, so unfortunately I can’t be too focused on threats from a single geographic area – even if it would make my life simpler.
In the news has been the intelligence that the Russian cyber criminals have a new angle, and that is to target critical infrastructure. The good new is that the US federal government has increased the 2016 cybersecurity budget by 35%.
Cyber security has appeared in our lexicon and used everyday, what was once referred to as IT Security now is a bigger and more feared phenomena.
2016 is already here and we have it all in front of ourselves. What should we be expecting? In my crystal ball I believe that 2016 will be as turbulent and perhaps as controversial as 2015.
As I talk to CISO and Heads of IT Security there is a clear consensus that there is a shortage of cyber security professionals. It is also the case that most of the CISO are resigned to building their own talent, by growing these from internal transfers.
In a recent coffee chat with Jeff Jacobs CISO at IAG he talked about how, their team was making inroads into being ‘Secure by Design’. We reflected on how that advanced thinking re-positioned IT Security into being part of the process and not a milestone to tick.
There are privacy issues related to patients data, governmental restrictions and standards required for holding and processing patients data and sovereignty issues if the organisation is multi-national where each nation has different rules and regulations.
he most difficult part of the job of my team is to stay on top of advanced threats, associated remediation of vulnerabilities and persuade other teams to remediate the vulnerabilities prior someone else (hackers, enemies, or competitors) exploiting these potential vulnerabilities.
There is an implied warranty that if you are buying an Antivirus that you get a level of protection and updates for new threats. Conversely if you have chosen the freemium offering then you take your own chances with regards to new virus and malware risks.
Many of the big name organisations have recently boosted their security divisions by securing top ranking IT security heads.
There is never going to be enough budget funds for all the security risks that exist in any enterprise. This leaves you in a tricky and most likely precarious position that you as leader have to address.