
Unlocking the Secrets to Cybersecurity Excellence: A Conversation with Erwin Eimers, CISO of Sumitomo Chemicals

- By Augustin Kurian

In a world increasingly interconnected by technology, cybersecurity has become a critical concern for organizations striving to protect their digital assets from ever-evolving cyber threats.

Erwin Eimers, the distinguished Chief Information Security Officer (CISO) of Sumitomo Chemicals, a global powerhouse in the chemicals manufacturing industry, leads the charge in this relentless battle.

With a wealth of experience in cybersecurity and a relentless commitment to fortifying digital defenses, Eimers offers invaluable insights into the cutting-edge strategies that have propelled Sumitomo Chemicals to the forefront of cyber defense.

In a candid and illuminating interview with Augustin Kurian, Chief of Cyber Express, Erwin Eimers shares the captivating journey of Sumitomo Chemicals’ cybersecurity initiatives. As the CISO responsible for overseeing cybersecurity across North and South America, Eimers offers a unique perspective on striking the delicate balance between centralized control and localized operational efficiency.

The interview reveals how Sumitomo Chemicals has effectively established global cybersecurity standards while empowering individual group companies to manage their day-to-day cybersecurity operations.

Global Cybersecurity Standards and Implementation:

Sumitomo Chemicals, a leading global chemicals manufacturing company, recognized the significance of cybersecurity in recent years. To address this, Eimers and his team have been focusing on establishing global cybersecurity standards over the last three to five years. These standards are designed to safeguard the company’s digital assets and protect against cyber threats effectively.

Given the diversity of locations and operations of Sumitomo’s group companies, the challenge was to strike a balance between centralized control and localized operational efficiency.

Attempting to manage cybersecurity from the headquarters in Japan for all global entities proved unfeasible due to time zone differences and limited knowledge of individual group company operations. Therefore, Eimers advocated for a regional approach to cybersecurity.

Regional Solution for Enhanced Cybersecurity:

Eimers proposed a regional cybersecurity solution that enables the application of standardized security measures across the group companies within a specific geographical region. The advantage of this approach is that it allows the regional cybersecurity team, consisting of experts with specialized knowledge and certifications, to assist in setting up cybersecurity programs for the group companies.

This regional cybersecurity team ensures the implementation of global cybersecurity standards, offers training, and helps establish operational procedures tailored to each group company’s specific needs. While the regional team provides guidance, the daily operations and management of cybersecurity systems remain the responsibility of the individual group companies.

Next-Gen Solutions and AI-Driven Tools:

To cope with the growing complexity of cyber threats, Sumitomo Chemicals turned to Next-Generation Solutions powered by AI-driven tools. These advanced tools, such as CrowdStrike and Proofpoint, are designed to be relatively easy to manage on a day-to-day basis and offer excellent protection against cyberattacks.

One key factor in selecting cybersecurity tools is their integration capability. The tools need to seamlessly integrate with the company’s Security Information and Event Management (SIEM) system, which has been outsourced to a third-party SOC (Security Operations Center) and SIM (Security Information Management) provider. Integration ensures that all security-related information flows into the central SIEM, allowing for comprehensive monitoring and analysis of potential threats.

The Importance of User Interface and Accessibility:

Eimers emphasizes the significance of user-friendly interfaces for cybersecurity tools. Since not all users are cybersecurity experts, it is essential that the tools be easily understandable and accessible to a broader audience, including IT personnel who may not have specialized cybersecurity knowledge.

A Critical Checklist for Cybersecurity Tool Selection:

When choosing cybersecurity tools, Eimers and his team follow a checklist of essential criteria. The selected tools must be compatible with the existing SIEM infrastructure, allowing smooth integration. Additionally, the tools are rigorously tested to ensure they can effectively detect and prevent the types of cyberattacks that have previously targeted the company.

Preparing the CEO and the Board for Cybersecurity Discussions:

Eimers believes that effective communication is key to engaging CEOs and board members in discussions about cybersecurity. To bridge the knowledge gap, CISOs and cybersecurity professionals must articulate cybersecurity concepts in language that is easily understandable by non-experts.

By focusing on the tangible impact of cybersecurity on business operations and emphasizing risk management, CISOs can drive productive cybersecurity discussions at the board level. Raising awareness about the potential consequences of cyber threats and showcasing the company’s proactive approach to security can further strengthen cybersecurity initiatives.

Overcoming Obstacles in Selling Cybersecurity Solutions:

Eimers emphasizes that one of the most challenging aspects of cybersecurity implementation is convincing CEOs that it is a necessary investment rather than an unnecessary overhead cost. To tackle this issue, he advises using real-life examples of cyber incidents reported in the news and highlighting how the company’s cybersecurity measures have successfully protected against similar threats. By connecting cybersecurity measures to tangible results, CISOs can effectively demonstrate the value of their solutions.

Furthermore, Eimers utilizes metrics to showcase the effectiveness of the cybersecurity tools in place. For instance, using tools like Proofpoint, he can present statistics on the number of filtered emails based on reputation and other factors, demonstrating how many potential threats were successfully intercepted before reaching the inbox. Additionally, Eimers employs purple teaming, where simulated attack scenarios are run, to showcase the potential damage that a single click on a phishing link can cause, reinforcing the importance of cybersecurity training for employees.

Training vs. Privileged Access Management:

When faced with the choice between investing in cybersecurity training for employees or privileged access management, Eimers advocates for prioritizing training. He believes that educating employees about cybersecurity threats and encouraging them to be more aware of potential risks can have a more significant impact in preventing security breaches. While acknowledging the importance of both aspects, he emphasizes that a well-trained workforce can significantly reduce the likelihood of successful cyberattacks.

AI and the Future of Cybersecurity:

The conversation then shifts towards the role of AI in the cybersecurity industry. Eimers acknowledges that while many tools claim to be AI-driven, true AI-powered solutions are those that leverage self-learning and unsupervised learning techniques. For example, AI can be effectively applied in email security solutions, where it can continuously learn from telemetry data to minimize the need for manual tuning and intervention.

However, Eimers sees the real potential of AI in natural language processing (NLP). As security operations centers (SOCs) and employees face an overwhelming amount of reports and alerts, NLP can help filter out noise and summarize relevant information. By using NLP to analyze and condense various reports, SOC teams can focus on the critical incidents and respond more efficiently to genuine threats.
