GET TO KNOW
The very first person to spark my interest in tech was my dad .
Authentication ( MFA ) or least privilege approaches , is a great leap forward to cater for that need . 2022 has seen a great number of companies running projects around Zero Trust-enabled tech across the globe , mainly because the technology has evolved in usability . The trend behind cyber-resilience is both an ideal and an attitude . You can ’ t buy it and it won ’ t be delivered by technology . For businesses , technology exists to support your processes and your ideas of how things can be done in the same way resilience can only be supported by technology , but not achieved by it .
What do you currently identify as the major areas of investment in your industry ?
With companies investing resources , time and effort into digitalising their business processes and models , this larger business trend will split information security investments into several areas :
1 . Solutions that help to reduce the hybrid attack surface , represented by the multitude of ways digital equipment is used and the user and identities on top of that . Better approaches to user awareness will also be seen in this area .
2 . Organisations will make investments to secure their supply chains and the related software bill of material to tackle that risk of a third-party compromise . That might not be an investment in technology , but it can also be a consolidation of suppliers and a streamline of the supply chain .
3 . Investment in compliance will see an uptick . The EU ’ s Cyber Resilience Act forces companies to investigate the details of how their products and services are manufactured or rendered , thus influencing points one and two .
How do you deal with stress and unwind outside of the office ?
‘ Cybersecurity and stress , never heard of ’. For a lot of people in cybersecurity , including myself , that bit of sarcasm is a good vent when dealing with some lowlevel stress . The real ways to unwind for me are either to go out with my two dogs or to be with my family talking about everything else other than digital risks and being far away from any devices . A good book or some minutes with one of my Rubik ’ s cubes also helps .
If you could go back and change one career decision , what would it be ?
There is one career decision I made many years ago which keeps nagging me whenever I recall the moment . The time spent in that position has taught me a lot and in keeping myself to that often-used phrase , I would not be where I am now without this mistake . So , the change is not so much about the career decision itself , but rather about telling my younger self to ask more questions .
What are the region-specific challenges when implementing new technologies in Europe ?
Paradoxically , the fast-evolving threat landscape makes it more difficult for IT leaders to switch from the proven solution to a visionary one , even though it seems to be more effective . They feel more confident addressing the risks in a way they are used to . This is a two-way challenge : while new , technology has to find a way to prove itself and security decision-makers need courage to implement something innovative .
For instance , there is no need to promote a privilege Privileged Access Management ( PAM ) solution as security professionals are aware of how to benefit from it . However , we educate on the visionary novault PAM approach during each Proof-of-Concept ( PoC ) to prove its efficiency in elimination of the attack surface . Organisations tend to go with the settled tech , trying to avoid mistakes . The balance between ‘ oldie but goodie ’ and innovative solutions are the biggest challenges for IT pros in Europe .
What changes to your job role have you seen in the last year and how do you see these developing in the next 12 months ?
The last year has achieved much for cyber-resilience , the topic that has been a focus of my activity for the last five years . I ’ ve spent more much time addressing the aspects of it in discussions than in the years before , which indicates that the perception of it has changed , finally . For the next 12 months , it will continue this way , with me talking more and more about how to embed cyber-resilience into the mesh of business processes , employees and digital operations .
What advice would you offer somebody aspiring to obtain C-level position in your industry ?
Never stop learning , but don ’ t expect yourself to know everything . p
82 INTELLIGENTCIO EUROPE www . intelligentcio . com