1. Describe a way that you help any organisation understand the value of cybersecurity?
Take a risk-optimisation approach in maximising business benefits while optimising resources and risk. Cybersecurity is essentially a risk game. Hence, the alignment between the optimisation of enterprise risk and the optimisation of IT risk is essential. Cybersecurity is of greatest value when it allows the business to meet its risk appetite while achieving its business goals using the optimal amount of resources.
2. In what ways have you noticed a fundamental shift towards cybersecurity within any organisation? Can you give me an example?
Over the last few months, there have been quite a number of third-party or supply chain breaches. The fundamental shift towards cybersecurity is the growing awareness that protecting our own enterprise is not enough and that this protection has to be extended to our third-party or even fourth-party supply chain. In a world affected by the pandemic, increased cloud adoption increases the reliance on cloud service providers down the supply chain.
3. What strategies do you employ to keep current in a technological environment which is rapidly changing and developing?
It is not just about technology, but also processes and people. Join a community of practice such as an ISACA chapter or an ISAC for the collective source of intelligence. In this dynamic environment where the threat landscape can fluctuate on a daily basis, having timely intelligence and knowledge allows threats and incidents to be addressed in a timely manner before they snowball into a catastrophe of significant business impact.
4. How do you determine what technology to invest in and how can you stay current with all the changes?
As shared earlier, it all starts off with the adoption of a risk-based approach such as that encompassed in the COBIT risk management framework, and that entails threat modelling as part of the risk identification process. Relying on a threat modelling approach that utilises the MITRE ATT&CK framework is one of the good ways to determine which technologies are complements and which are overlaps against specific techniques. It makes sense to optimise technologies to maximise coverage of the tactics, techniques and procedures.
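The coverage-versus-overlap reasoning in that answer can be made concrete with a small script. This is an added example, not the interviewee's or ISACA's tooling: each candidate technology is mapped to the ATT&CK technique IDs it addresses, overlaps between technologies are listed, and a greedy set-cover pass picks the technologies that add the most uncovered priority techniques within a budget. The technique IDs are real enterprise ATT&CK IDs, but the tool names, the tool-to-technique mapping and the priority list are constructed for illustration and would come from an organisation's own threat model.

```python
"""Map candidate technologies to ATT&CK techniques, surface overlaps,
and choose a set that maximises coverage of prioritised techniques.

Constructed example: tool names, the tool-to-technique mapping and the
priority list are assumptions, not data from any real assessment.
Technique IDs are real ATT&CK enterprise IDs.
"""
from itertools import combinations

# Constructed mapping (assumption): techniques each candidate tool addresses.
TOOLS = {
    "email_gateway":    {"T1566"},                                   # Phishing
    "edr":              {"T1059", "T1003", "T1053", "T1047", "T1105"},
    "siem_ueba":        {"T1078", "T1110", "T1021"},                 # Valid Accounts, Brute Force, Remote Services
    "mfa":              {"T1078", "T1110"},
    "app_allowlisting": {"T1059", "T1105"},                          # Scripting interpreters, Ingress Tool Transfer
    "backup_immutable": {"T1486"},                                   # Data Encrypted for Impact
}

# Constructed priority list (assumption): techniques the threat model ranks highest.
PRIORITY = {"T1566", "T1059", "T1003", "T1078", "T1110",
            "T1021", "T1486", "T1105", "T1053", "T1047"}


def coverage(selected, tools=TOOLS, priority=PRIORITY):
    """Priority techniques covered by at least one selected tool."""
    covered = set()
    for name in selected:
        covered |= tools[name]
    return covered & priority


def gaps(selected, tools=TOOLS, priority=PRIORITY):
    """Priority techniques no selected tool addresses."""
    return priority - coverage(selected, tools, priority)


def overlaps(tools=TOOLS):
    """Pairs of tools that address the same techniques (candidate redundancy)."""
    shared_by_pair = {}
    for a, b in combinations(sorted(tools), 2):
        shared = tools[a] & tools[b]
        if shared:
            shared_by_pair[(a, b)] = shared
    return shared_by_pair


def greedy_select(budget, tools=TOOLS, priority=PRIORITY):
    """Greedy set cover: at each step add the tool contributing the most
    not-yet-covered priority techniques; stop at the budget or when no
    tool adds anything new.  Ties resolve to the alphabetically first tool."""
    chosen, covered = [], set()
    while len(chosen) < budget:
        best, best_gain = None, 0
        for name in sorted(tools):
            if name in chosen:
                continue
            gain = len((tools[name] & priority) - covered)
            if gain > best_gain:
                best, best_gain = name, gain
        if best is None:
            break
        chosen.append(best)
        covered |= tools[best] & priority
    return chosen


if __name__ == "__main__":
    for pair, shared in overlaps().items():
        print(f"overlap {pair}: {sorted(shared)}")
    for budget in (3, 4):
        picked = greedy_select(budget)
        print(f"budget {budget}: {picked} -> gaps {sorted(gaps(picked))}")
```

Run as-is, the script shows the `mfa`/`siem_ueba` and `app_allowlisting`/`edr` overlaps, and that with a budget of three the greedy pass leaves phishing (T1566) uncovered, which a fourth pick closes. The greedy choice is a heuristic rather than an exact optimum, and a real exercise would weight techniques by likelihood and impact from the risk register rather than treat every priority technique as equal.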
5. When it comes to recruitment, what approach do you take to track and keep the best? What do you feel they value?
When it comes to the recruitment of cybersecurity professionals, it is best when there is alignment between the employee’s aspirations and the company’s goals. Keeping the best means keeping the employee continually challenged enough that the employee is developed in mindset and skillsets; so long as everyone speaks the same risk language and the RACI is clear, the company will be able to track and keep the best because the employee will feel valued.