Pallavi Dash Social Media Manager pallavi.dash@thecyberexpress.com
Ravi Gupta SEO Analyst ravi@thecyberexpress.com
Vittal Chowdry Design Lead vittal@thecyberexpress.com
From the Editor's Desk
Augustin Kurian
Editor-in-Chief
Dear Readers,
The recent campaign against Snowflake customer accounts has highlighted the complexities and vulnerabilities in supply chain relationships. Initially attributed to UNC3944, the activity was later linked to the ShinyHunters group, which claimed to have obtained access through EPAM Systems, a trusted Snowflake partner. This incident underscores the critical importance of fortifying digital defenses across all partners and vendors, not just within your own perimeter.
The July issue of The Cyber Express delves into the essentials of securing the supply chain. We explore cyber insurance, compliance with regulations like GDPR and CCPA, and provide a comprehensive guide to strengthening your digital ecosystem against similar threats.
Irene Corpuz, Co-founder & Board Member of Women in Cyber Security Middle East, shares her compelling insights on the power of mentorship programs in cybersecurity.
Kaustubh Medhe, Vice President of Research and Cyber Threat Intelligence at Cyble Inc., discusses the importance of empathy in cybersecurity. His piece highlights the value of building customer trust through a humane approach to leadership.
Eng. Dina Alsalamen, VP and Head of Cyber and Information Security Department at Bank ABC, provides a practical roadmap with her article on ten essential cybersecurity and data protection practices. Her straightforward advice equips organizations with tools to enhance their security posture.
David B. Cross, Senior Vice President and CISO at Oracle, tackles the complexities of the SaaS shared responsibility model. His insights into best practices for managing security in SaaS environments are invaluable for organizations navigating this landscape.
Chuck Brooks, President of Brooks Consulting International, explores the advancements and challenges in quantum cybersecurity. His narrative offers a thrilling glimpse into the future of this cutting-edge field. Jane Teh, SEA Cybersecurity Director at Deloitte, examines the strategic role of interim CISOs in driving cybersecurity maturity and business objectives, highlighting their importance in today’s dynamic cybersecurity landscape.
Caitlin Sarian's journey from a cybersecurity mishap to becoming a renowned advocate is chronicled in our feature profile. Known as Cybersecurity Girl, her story is a testament to resilience and the power of turning adversity into advocacy.
Prashant Warankar, CTO & CISO at Sterlington, discusses the role of automation in IT, while Peter Marelas, Chief Architect at New Relic, explores the future of secure coding through preventive cybersecurity.
Anjali Amar, Vice President at Cloudflare, advocates for fostering inclusivity and empowering women in technology, while Ankur Ahuja, Senior Vice President and CISO at Billtrust, explores the unique challenges and opportunities for CISOs in private equity portfolio companies, providing a nuanced look at cybersecurity in this dynamic environment.
This issue culminates with the World CyberCon 3.0 and META Awards, hosted at the grand Al Habtoor Palace in Dubai. The event was a spectacular showcase of cybersecurity excellence, recognizing the heroes who fortify our digital world.
As you read through this issue, we hope you feel the same sense of purpose and inspiration that drives our contributors.
We welcome your feedback at editorial@thecyberexpress.com
Stay Informed, Stay Secure.
Augustin Kurian
Editor-in-Chief
The Cyber Express
ADVISORY BOARD
Mohammad Khaled
VP Growth and Business Transformation, Reach Digital
Dina Alsalamen
VP, Head of Cyber and Information Security, Bank ABC
Saeed AlShebli
Deputy Director of Digital Security, Ministry of Interior, UAE
Prashant Warankar
CTO & CISO, Sterlington PLLC
Satnam Narang
Senior Staff Research Engineer, Security Response
Talal Albalas
CISO, ADQCC
Irene Corpuz
Co-Founder & Board Member, Women in Cyber Security Middle East
Jo Mikleus
Advisory Board Convenor, The Cyber Express
Celia Mantshiyane
CISO, MTN South Africa
Lanx Goh
Senior Director & Global Head of Privacy, Prudential plc
Jennifer Cox
Director for Ireland, Women in CyberSecurity (WiCyS) UK & Ireland
David B. Cross
Senior Vice President and CISO, Oracle
Chuck Brooks
President, Brooks Consulting International
Holly Foxcroft
Head of Neurodiversity, Cyber Research and Consulting, Stott and May Consulting
Asmae E.
CISRCO, HPS
Jane Teh
SEA Cybersecurity Director - Risk Advisory, Public Speaker & Educator
Kaustubh Medhe
Vice President, Research and Cyber Threat Intelligence, Cyble Inc
Pooja Shimpi
Founder, SyberNow
Mel Migrino
Southeast Regional Director and Adviser, Gogolook
Mentorship: Building the Next Generation of Cybersecurity Leaders
- By Irene Corpuz, Co-Founder & Board Member, Women in Cyber Security Middle East
Mentorship is a powerful tool for cultivating leadership skills. I can personally attest to this, as I have had the privilege of being mentored by some of the industry's top professionals and of being a mentor myself, especially to young women newly entering the sector or transitioning from other industries.
Through mentorship, experienced leaders impart technical knowledge as well as soft skills like communication, critical thinking, and decision-making. These skills are essential for future leaders who must guide teams, make strategic decisions, and communicate effectively with stakeholders. By nurturing these skills, mentors help prepare mentees for leadership roles, ensuring the cybersecurity field has capable leaders for the future.
Moreover, mentorship allows mentees to observe and learn from their mentors' leadership styles and strategies. This observational learning helps mentees understand the nuances of effective leadership, such as how to handle crises, motivate team members, and manage conflicts. As mentees progress in their careers, they can adapt and refine these strategies, developing their own leadership approaches.
VIEWPOINT
Leadership development through mentorship also includes fostering a sense of responsibility and ethical behavior. Cybersecurity leaders must uphold high standards of integrity and moral conduct, as they are often entrusted with sensitive information and critical decision-making responsibilities.
But it’s not just about the leaders; it’s about the mentors who shape them. Mentors can model these values and guide their mentees in understanding the moral implications of their actions, thus shaping a generation of leaders who prioritize ethical considerations in their professional conduct. This is the power of mentorship in cybersecurity, and it’s a power that you, as a mentor, hold.
Inspiring Innovation
Mentorship encourages innovative thinking by exposing mentees to diverse perspectives and problem-solving approaches. Mentors can inspire their mentees to think creatively and explore new ideas, fostering an environment where innovation thrives. This innovative mindset is crucial in cybersecurity, where novel solutions are often needed to address complex and emerging threats.
Cybersecurity innovation involves technological advancements, new strategies, and methodologies to counteract evolving cyber threats.
For instance, with their wealth of experience, mentors can share insights into past challenges and how unconventional thinking led to practical solutions.
One example is when a mentor shared a unique approach to phishing prevention that had not been widely used before.
This perspective, combined with current trends, helps mentees develop a well-rounded approach to innovation.
Furthermore, mentors can encourage mentees to pursue continuous learning and professional development. This commitment to lifelong learning is essential in cybersecurity, where staying ahead of threats requires a constant influx of new knowledge and skills.
By promoting an innovative mindset and continuous education, mentors help mentees stay adaptable and proactive in their careers, while mentors in turn sharpen their own skills and knowledge. This reciprocal learning process is a crucial benefit of mentorship, making it a rewarding experience for both parties.
Successful Mentorship Programs
Several successful mentorship programs illustrate the impact of effective mentorship in cybersecurity. These programs have helped mentees advance their careers and strengthened the cybersecurity community.
For instance, one mentorship program pairs experienced cybersecurity professionals with mentees seeking career development, certification preparation, and skill enhancement guidance.
This program has been instrumental in helping mentees gain confidence, achieve professional certifications, and secure meaningful employment opportunities in cybersecurity.
Another example is a mentorship program supporting women in cybersecurity by connecting them with experienced mentors. This program addresses the unique challenges faced by women in the industry, providing them with tailored guidance and support. The success of these mentees has not only contributed to their personal and professional growth but has also helped increase diversity and inclusion in the cybersecurity workforce. This is a testament to the power of mentorship in breaking down barriers and creating a more inclusive industry, and it’s a cause that we should all be committed to.
Best Practices
To start and maintain effective mentorship relationships, consider the following best practices:
• Define Clear Goals: Both mentors and mentees should establish clear objectives for the mentorship relationship. These goals should be specific, measurable, achievable, relevant, and time-bound (SMART). Clear goals help both parties understand the mentorship’s purpose and expected outcomes.
• Regular Communication: Consistent and open communication is critical to a successful mentorship. Regular in-person or virtual meetings allow mentors and mentees to discuss progress, address challenges, and adjust goals as needed. Effective communication builds trust and ensures both parties remain engaged and committed to the mentorship process.
• Mutual Respect: Both parties should respect each other's time, opinions, and expertise. Mutual respect creates a positive and productive mentorship environment where mentors and mentees feel valued and supported.
• Continuous Feedback: Providing and receiving constructive feedback helps mentors and mentees grow. Feedback should be specific, actionable, and delivered in a supportive manner. Regular feedback sessions help identify areas for improvement and celebrate successes, fostering a culture of continuous development.
• Commitment: Mentors and mentees should be committed to and take the mentorship process seriously. This commitment involves being punctual for meetings, preparing for discussions, and actively participating in mentorship activities. A strong commitment from both parties ensures that the mentorship relationship remains focused and productive.
The Future of Cybersecurity: A Collaborative Effort and Call to Action
The future of cybersecurity depends on the collective effort of its community members. Professionals are encouraged to participate in mentorship programs, share their knowledge, and contribute to the field’s growth and strength.
We can build a safer and more resilient digital world by supporting each other and fostering a culture of continuous learning and collaboration.
Final Thought
The strength of the cybersecurity field lies in its community. Mentorship and knowledge sharing are not merely beneficial but essential for building the next generation of cyber leaders.
By nurturing talent, fostering innovation, and cultivating leadership, we can ensure a robust and dynamic cybersecurity landscape for the future. Join us in this vital effort and make a lasting impact on cybersecurity.
Together, we can create a community where knowledge and expertise are shared freely, and the next generation of cyber leaders is well-equipped to tackle the challenges of tomorrow.
About Author:
Irene Corpuz is a seasoned IT leader and cyber strategist with over 30 years of experience in project management, information security, and IT operations. She is the Co-Founder and Board Member of Women in Cyber Security Middle East and serves on the Global Advisory Board of EC-Council. She holds a Master’s in IT and Business Management and multiple professional certifications.
STAYING COMPETITIVE THROUGH CYBER THEFT: HOW CHINA SECURES SHARES IN GLOBAL MARKETS
- By Ian Thornton-Trump, CISO, Cyjax
“There are three ways to make a living in this business: be first, be smarter, or cheat.” So says Jeremy Irons’ CEO at the climactic meeting in financial crisis drama Margin Call. “Now, I don’t cheat.”
While we should be wary of taking moral lessons from someone who, in this fictionalised recounting, kickstarts the 2008 financial crash, there are those who do cheat to be better at business. Not a person, or a corporation, but the People’s Republic of China.
China’s domestic market is kept strong and competitive by a strategy with hacking and cybercrime as key elements. Why does it do this, and how?
Slowing Growth
China is rightly regarded as an economic powerhouse, but there are indications that growth is slowing down. In 2020, a plan was put in place to double the size of the economy in fifteen years. But the IMF estimates that China’s GDP growth will be below 4% in the coming years, well below ambitions. Other estimates put growth as low as 3%, and likely to fall to 2% by 2030.
We can see the problem by looking specifically at the property sector, which contributes around a quarter of China's GDP. The early 2000s saw a boom following the privatisation of property, but at least 60 developers have collapsed since 2020. The company that was once the most valuable real estate developer in the world was ordered to liquidate in early 2024, and there are fears that others are overleveraged and may meet the same fate.
Manufacturing has also weakened. In 2023, the Purchasing Managers' Index, a useful indicator of factory activity, fell for five consecutive months, then fell again after a short rise. Consumer prices are also close to deflation.
It's difficult to evaluate these figures, as there is no independent verification of Chinese government statistics, but the outlook is not as hoped. With the People's Bank of China suggesting that it will step up policy adjustments to promote a rebound in prices, it's safe to assume that not all is going to plan.
There are other challenges: youth unemployment figures were high, at least until June 2023, when publication ceased. Jobs for university graduates are scarce, and salaries are down. There is also a demographic problem in the offing, with low birth rates despite the abolition of the One Child Policy in 2015. China faces a problem many countries are facing: an ageing population supported by a declining workforce.
In short: the Chinese economy is struggling. But that isn’t holding back its sophistication when it comes to cyber espionage.
The Secret Ingredient is Cybercrime
China has used cyber capabilities to further its interests since at least 2006. In the popular imagination, this is used to “disrupt the west”, and there is some truth in this. For example, it was reported last year that hackers had infiltrated water utilities, oil pipelines, and ports.
These attacks were, according to some, state-backed Chinese hackers targeting US critical infrastructure in order to lay the technical groundwork for the disruption of communications between the US and Asia during future crises.
But there is more to these hacking attempts than disruption. It’s often about information, specifically business information that can help support the Chinese economy. There have been several high profile examples of this type of attack linked to China.
Operation Soft Cell targeted internet-facing Microsoft Exchange servers, particularly in the telecoms, financial, and government sectors, in an attempt to steal information. Sandman delivers malware to establish a foothold in telecoms networks and exfiltrate data. Volt Typhoon in particular targets organisations, including critical infrastructure operators, with the intent of gathering information and pre-positioning for later disruption.
China's approach to cybercrime is not just to disrupt, but to steal information that can further its economic interests. It is pursuing a strategy of extracting technologies from Western companies, which it can then put to use.
This is backed up by a protected domestic market: by using subsidies and non-tariff barriers to build national champions, China gains an advantage as it competes globally.
The control of businesses in China is highly regulated, making it difficult for foreigners to control businesses or for foreign-owned businesses to operate within the country.
This protectionism could easily mean that Chinese businesses would find it difficult to be competitive in an international market, but the use of cybercrime to steal information helps to redress the balance.
Expect More of The Same
According to the security think tank CSIS, China has carried out a twenty-year campaign of cyber and non-cyber espionage. General Keith Alexander described the resulting theft of industrial information and intellectual property through cyber espionage as the "greatest transfer of wealth in history."
The head of the Australian Security Intelligence Organisation has described China’s approach to cyber espionage as “well beyond traditional espionage and…the most sustained, scaled and sophisticated theft of intellectual property and acquisition of expertise that is unprecedented in human history”.
China’s current economic woes are only likely to make the problem worse.
As growth targets are missed and deflation becomes a real possibility, it’s very likely that we will see official policies that will aim to address the problem—along with an increase in sanctioned but unofficial cyber espionage.
This year, we're likely to see disruptive activity from China-affiliated threat groups, especially with so many elections taking place across the globe. Nation states will continue to test their cyber capabilities for disruption just as they test their other capabilities.
But China's cyber programme will continue to have another aim: espionage in support of a growth economy, alongside the cultivation of new markets in Africa and South America.
About Author:
Ian Thornton-Trump CD is the CISO at Cyjax, with 25 years of IT security experience. A former Military Intelligence Officer and RCMP Criminal Intelligence Analyst, he now advises on cybersecurity for various sectors. Ian specializes in security operations, vCISO roles, and cyber threat intelligence for businesses of all sizes.
The Empathetic CISO: Building Customer Trust with Cybersecurity
- By Kaustubh Medhe, Vice President, Research and Cyber Threat Intelligence, Cyble Inc.
Empathy is not a trait that generally comes to mind when thinking about a typical persona of a Chief Information Security Officer.
Traditionally, boards and executive management have prioritized knowledge and technical acumen, operational experience and delivery, decisiveness, critical and analytical thinking, and a risk and compliance mindset when hiring a CISO.
While this approach may have served a company well in the past, times have changed. Where cybersecurity was once mostly an internal operations function, CISOs of today must be adept at managing a complex web of internal and external pressures and be willing to operate outside their comfort zone to support the business.
These pressures come from living in an era where:
• Cybersecurity talent is in short supply, employee burnout is a reality, and security staff turnover is at record highs.
• Average consumers are becoming extremely well informed through social media and keep a tab on every little development, feature or incident related to their companies of interest; they have become more demanding and expect transparency and accountability from organizations.
• The media has increasingly adopted an activist stance, amplifying nearly every minor security lapse, subjecting companies to intense scrutiny.
• Regulators have hardened their approach, imposing stringent compliance requirements and tough penalties for data breaches.
• A single cybersecurity breach has the potential to cause material damage to a company’s business and reputation.
According to a global security research report published by Fastly, businesses reported an average revenue loss of 10% due to cyber-attacks in the past year and on average, businesses take about 8 months to recover customer trust after experiencing a successful cyber-attack.
To thrive and succeed in such an environment and keep their companies out of bad press, CISOs need to adopt a more empathetic approach: one that prioritizes the security and privacy concerns of consumers, meets the transparency and ethics expectations of all stakeholders, and also looks after employee well-being.
To incorporate empathy in their approach, CISOs need to focus on the following key principles:
Building Trust with Transparent Communication
A CISO's mettle is tested during a publicized cybersecurity incident or a data breach. Immediate, continuous and transparent communication is crucial, as it helps maintain trust with customers, employees and stakeholders by demonstrating that the organization is taking the incident seriously and is committed to resolving the problem expeditiously.
Timely and transparent communication with all interested parties (including regulators) also reduces the chances of disinformation, panic amongst the affected entities, helps alleviate uncertainty and elevates the perception of the organization as being accountable and integrity driven, which are essential for safeguarding business reputation.
A good example of this principle in action is the attack on Twilio in 2022. The attackers sent phishing text messages to employees, impersonating the company's IT department and other trusted sources. The messages contained links to fake login pages that captured employee credentials. Once the attackers obtained these credentials, they accessed Twilio's internal systems and the data of a subset of its customers.
Twilio chose to publish a live blog post about the social engineering attack in August 2022 and continued to update it until the final resolution of the incident in October 2022, demonstrating transparency and openness by detailing the incident, its impact, and the response efforts.
They promptly acknowledged the breach, explained how it occurred, and described steps taken to mitigate the damage. Twilio provided regular updates, engaged with affected customers, and shared lessons learned and improvements made to prevent future incidents. This thorough communication helped build trust and showed Twilio’s commitment to security and accountability.
Implementing Customer Centric Security and Privacy Measures
A powerful way for product CISOs to enhance trust in their business through cybersecurity is to ensure that the security and privacy requirements of users are baked into the functional specifications of the product, and then to work closely with product engineering teams to test and attest these features before launch. CISOs can play the role of trusted advisor and voice of the customer while advocating for their security and privacy.
Apple has differentiated its product and service offerings by making user security and privacy a primary value proposition. With its recently launched Private Cloud Compute (PCC), a cloud intelligence system designed for private AI processing, Apple promises to extend the security and privacy guarantees of Apple devices into the cloud, so that personal user data remains inaccessible to anyone, including Apple itself. The system is built on custom Apple silicon and a specialized operating system tailored for privacy and AI workloads.
Apple has described several measures, including:
• Stateless computation, which ensures that user data is not retained after a request has been processed.
• No interfaces that allow the privacy guarantees to be bypassed, even for Apple's own staff.
• Verifiability, with Apple providing software images and tools so that independent security researchers can inspect the system and check its guarantees.
Another example is Cloudflare, which has set an example of prioritizing customer security through the launch of several key security features, such as free unmetered DDoS mitigation, free Web Application Firewall protection, and even post-quantum cryptography for all its customers.
On the other hand, Microsoft faced a lot of flak after it announced the Recall feature designed for Copilot+ PCs. The feature was intended as a helpful AI tool that lets a user search for things they had seen previously on their PC by taking periodic screenshots of on-screen activity; the constant recording of screen activity was seen as a major privacy intrusion.
Security researchers raised concerns that the collected data, stored locally on the device, would be an attractive target for malware or for anyone who gained access to the machine if it were not properly protected. Microsoft's initial intention to keep the feature on by default raised further concerns, since it was seen as taking advantage of user naivete. This led to a huge backlash in the media and on social media platforms, compelling Microsoft to publicly announce additional security measures.
Microsoft scrambled and made specific product changes, such as:
• Making Recall opt-in, requiring the user to enable it rather than having it on by default.
• Implementing "just-in-time" decryption and proof-of-presence requirements to access Recall data.
Its initial actions nevertheless put the company in a bad light, raised questions about the effectiveness of its internal governance processes, and led customers to question its motives and intent. Such actions erode customer trust, and CISOs should strive to ensure that features like this do not see the light of day without a security and privacy review.
Prioritizing Employee Well-Being
The rapid increase in cyber-attacks, coupled with the expectation that cybersecurity incident responders be "always on", alert fatigue, and an ever-increasing compliance burden, is putting the cybersecurity workforce under tremendous stress.
According to a survey published by Gartner in 2023, approximately 45% of information security professionals were considering quitting the profession within five years due to workplace-related issues.
Chief Information Security Officers who do not address these mental health issues will struggle to retain or motivate their cybersecurity talent and, as a result, will increase the risk of a cybersecurity failure for their business and their customers.
There are a few key initiatives CISOs can drive to address these issues:
1. Advocating for adequate staffing – If teams feel that the assigned work is disproportionately high compared with their available capacity, they will experience burnout, fatigue, and a dip in motivation, so a right-sized team and the necessary budget approvals are crucial to employee health and well-being.
2. Allocating official time and budgets for skill enhancement – Cybersecurity is a dynamic and complex field with constantly emerging threats, technologies and vulnerabilities. Most cybersecurity staff are hard pressed for time due to work pressure and are rarely able to undertake any meaningful self-development or upskilling to keep pace with the evolving field. Investment in new skills and knowledge is vital to the security of the organization, not just to the individual's career growth. CISOs should recognize this need and seek management support for adequate time and budget allocation to provide ample skill development opportunities for the team.
3. Providing visibility and credit for the team's cybersecurity achievements – Most organizations have unsung heroes in the cybersecurity team; their work is instrumental in securing the company's business, but often invisible to top management. It is general practice to celebrate increases in revenue, profit and the sales achievements of individuals; but rarely is the work of an application security engineer in finding and fixing a critical vulnerability, or a cyber incident responder's presence of mind in neutralizing a high-severity breach, recognized and celebrated in office all-hands calls. This needs to change, and CISOs have an opportunity and an obligation to demonstrate the value of the cybersecurity team to the business and thus improve employee well-being.
Implementing these measures and then bringing them into public view will help customers understand the commitment and seriousness of the organization towards securing their information. This will in turn help elevate the level of trust that customers have in the organization.
As our cybersecurity landscape continues to evolve in sophistication, empathy will become a “must have” personality trait for CISOs.
By adopting transparent communication, implementing customer-centric security measures, and prioritizing employee well-being, empathetic CISOs can build trust with stakeholders and enhance their organization’s resilience thus becoming a key enabler for the business.
About Author:
Kaustubh Medhe is a Cybersecurity and Privacy leader known for driving operational excellence and innovation. With a passion for leading diverse teams and managing complex projects, Kaustubh excels in strategic program execution and customer success. An empathetic communicator, he consistently delivers results in dynamic environments with a client-centric approach.
10 Essential Practices for Cybersecurity and Data Protection
- By Eng. Dina Alsalamen, VP, Head of Cyber and Information Security Department at Bank ABC
In today’s digital landscape, ensuring the security of your personal and organizational data is more critical than ever. From financial information to sensitive business data, the threats posed by cybercriminals are diverse and ever evolving. To mitigate these risks, it’s essential to adopt proactive cybersecurity measures and adhere to best practices for data protection.
DEFENSE
1. Strong Password Management: One of the foundational pillars of cybersecurity is using strong, unique passwords for each online account. Avoid using easily guessable passwords and consider employing a reputable password manager to generate and store complex passwords securely.
2. Enable Two-Factor Authentication (2FA): Two-factor authentication adds an extra layer of security by requiring users to provide two forms of verification before accessing an account. Whether through SMS codes, authenticator apps, or biometric authentication, 2FA significantly reduces the risk of unauthorized access. Not all second factors are equal, however: SMS codes can be intercepted or redirected through SIM swapping, and any one-time code can be phished along with the password, so prefer authenticator apps and, where available, phishing-resistant hardware security keys.
3. Regular Software Updates: Software updates often contain patches for known vulnerabilities, making them a crucial component of cybersecurity hygiene. Ensure that all devices and applications are regularly updated to protect against potential exploits and security flaws.
4. Data Encryption: Encrypting sensitive data both at rest and in transit helps safeguard it from unauthorized access. Use TLS for securing communications over the internet (the legacy SSL protocol versions are deprecated and should be disabled) and implement encryption tools to protect stored data from prying eyes.
5. Vigilance Against Phishing Attacks: Phishing remains one of the most common and effective tactics used by cybercriminals to trick individuals into divulging sensitive information. Be cautious of unsolicited emails, messages, and links, and educate yourself and your team on how to recognize and avoid phishing attempts.
6. Secure Device Management: From smartphones to laptops, ensuring the security of all devices is paramount in today's interconnected world. Implement robust security measures such as antivirus software, firewalls, and device encryption to protect against malware and unauthorized access.
7. Regular Data Backups: In the event of a cybersecurity incident or data breach, having up-to-date backups can be a lifesaver. Establish a routine backup schedule for critical data, store backups securely, preferably in an offsite location or on a separate network, and test restores regularly; a backup that has never been restored cannot be relied upon.
8. Employee Training and Awareness: Human error remains a significant factor in many cybersecurity breaches. Provide comprehensive training to employees on cybersecurity best practices, including how to spot potential threats, securely handle data, and respond to security incidents.
9. Network Security Measures: Secure your network infrastructure with robust security measures such as firewalls, intrusion detection/prevention systems, and VPNs. Regularly monitor network activity for signs of suspicious behavior and promptly investigate and address any anomalies.
10. Stay Informed and Adapt: Cybersecurity threats are constantly evolving, so it’s essential to stay informed about the latest trends, tactics, and technologies. Subscribe to reputable cybersecurity news sources, participate in industry forums, and continually reassess and adapt your security strategies to stay one step ahead of cybercriminals.
In an era where cyber threats are omnipresent, implementing robust cybersecurity and data protection practices is not just a best practice, it’s a necessity. By following these essential guidelines, individuals and organizations can better safeguard their digital assets and mitigate the risks posed by cybercriminals. Remember, cybersecurity is a shared responsibility and every proactive measure counts in the ongoing battle against cyber threats.
About Author:
Eng. Dina Alsalamen is Vice President and Head of Cyber and Information Security with over 17 years of experience at Arab Bank and Bank ABC. She serves on the EC-Council International Advisory Board and is a PECB Trainer. Dina is a keynote speaker on cybersecurity and passionate about blockchain, big data, and AI.
Security Best Practices in the SaaS Shared Responsibility Model
- By David B. Cross Senior Vice President and CISO at Oracle
The cloud software-as-a-service (SaaS) environment has a shared security model, as opposed to an on-premises application deployment, where the customer is responsible for the entire stack.
Organizations should implement several best practices as part of their responsibilities in a cloud application deployment to optimize their security and compliance posture.
Most importantly, an organization has the responsibility for identities, user access, and data security in the SaaS application environment. Let’s discuss the best practices that should always be performed, monitored, and audited on a regular basis to mitigate the risks and threats that fall within the customer’s responsibilities.
Password Rotation
Organizations should implement a password rotation policy to continuously maintain their security posture.
Based on your security and compliance requirements, the rotation can be set to a specific time period; 90 days is the maximum that standards such as PCI DSS have traditionally required. Note, however, that NIST SP 800-63B no longer recommends forced periodic rotation for user passwords: its guidance is long, unique passwords, MFA, and rotation whenever there is evidence of compromise. Scheduled rotation remains valuable for shared, service-account, and break-glass administrative credentials, which should be generated and stored in a vault. Administrators should also create strong, unique passwords each time to ensure the effectiveness of this security measure.
This regular rotation of administrative passwords helps to protect against unauthorized access and potential compromise.
Multifactor Authentication (MFA)
Multifactor authentication (MFA) is a method of verifying a user’s identity by requiring more than one form of proof. In addition to a password, it can be a confirmation from an authenticator app on a mobile device, a hardware security key, or a code delivered by SMS or email. Codes sent by SMS or email are the weakest of these options, because they can be intercepted or phished; app-based or hardware-backed factors are preferable, especially for administrators.
We strongly recommend using multifactor authentication for all user and administrator accounts in cloud-based SaaS application environments, and we recommend implementing MFA enforcement, logging, and monitoring in all identity management systems.
Identity and Application Logging
As noted in the introduction, one major responsibility area for organizations is identity and data controls. You should not only configure and enforce strong authentication based on MFA, but also collect and retain all identity and application access logs. We recommend that you collect all identity and application-specific logs at regular, frequent intervals, because not all logs in all applications and services have the same availability, retention, and storage for extended periods of time; whatever the provider discards before your next pull is gone for good.
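As an added illustration (not Oracle’s code or the author’s), the Python below simulates the problem: a constructed SaaS audit endpoint that only returns the last 24 hours, and a collector that polls with a timestamp cursor, de-duplicates on event ID, and keeps its own copy. Running it with hourly pulls captures every event; running it with 48-hour pulls silently loses the first day. The endpoint, event format and retention window are all constructed for the example.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class AuditEvent:
    event_id: str
    ts: int          # seconds since the epoch
    actor: str
    action: str


class FakeSaaSAuditApi:
    """Constructed stand-in for a SaaS audit-log endpoint (not any real vendor API).
    Events older than `retention` seconds are no longer returned, which is exactly
    the behaviour that makes infrequent collection lossy."""

    def __init__(self, events, retention):
        self._events = sorted(events, key=lambda e: (e.ts, e.event_id))
        self.retention = retention

    def query(self, since_ts, now):
        oldest_available = now - self.retention
        return [e for e in self._events
                if since_ts < e.ts <= now and e.ts >= oldest_available]


class LogCollector:
    """Pulls on a schedule, keeps a timestamp cursor, de-duplicates on event_id and
    retains everything locally so retention no longer depends on the provider."""

    def __init__(self, api, overlap=60):
        self.api = api
        self.overlap = overlap   # re-read a little before the cursor to catch late arrivals
        self.cursor = -1
        self.store = {}          # event_id -> AuditEvent; a real collector forwards to a SIEM

    def pull(self, now):
        fetched = self.api.query(self.cursor - self.overlap, now)
        new = 0
        for e in fetched:
            if e.event_id not in self.store:
                self.store[e.event_id] = e
                new += 1
        if fetched:
            self.cursor = max(self.cursor, max(e.ts for e in fetched))
        return new


def simulate(interval, retention, horizon=3 * 86400, spacing=600):
    """Run a collector every `interval` seconds over `horizon` seconds of constructed
    activity (one event every `spacing` seconds) and report captured vs. lost events."""
    events = [AuditEvent(f"evt-{k:04d}", k * spacing, f"user{k % 7}", "login")
              for k in range(1, horizon // spacing + 1)]
    api = FakeSaaSAuditApi(events, retention)
    collector = LogCollector(api)
    t = interval
    while t < horizon:
        collector.pull(t)
        t += interval
    collector.pull(horizon)      # final pull at the end of the simulated period
    missed = [e.event_id for e in events if e.event_id not in collector.store]
    return len(collector.store), missed


if __name__ == "__main__":
    for hours in (1, 48):
        got, lost = simulate(interval=hours * 3600, retention=24 * 3600)
        print(f"pull every {hours:>2}h, provider keeps 24h: captured {got}, lost {len(lost)}")
```

The overlap plus de-duplication is what makes the cursor safe: pulling slightly more than once is harmless, pulling less often than the provider’s retention window is not.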
Location and Device-based Access Controls
To reduce the risks of a mobile workforce accessing major applications, sensitive data, or holding significant privileges, organizations should limit and control access based on locations and/or devices.
One recommended best practice is to enable and configure restricted access, or to remove entitlement for various roles that shouldn’t be permitted from less-trusted locations or devices.
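The policy can be expressed in code. The added Python example below (an illustration, not code from the author or any SaaS vendor) evaluates a session’s location, device enrollment, device health and MFA state against a per-role requirements table and returns only the roles that survive, so a travelling administrator on an unmanaged laptop keeps read access but loses the admin role rather than being blocked outright. The trusted-country list, role names and condition names are all assumptions made for the example.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class SessionContext:
    user: str
    assigned_roles: frozenset
    country: str            # from the source IP's geolocation
    device_managed: bool    # enrolled in the organization's MDM
    device_compliant: bool  # passed the latest health/posture check
    mfa_passed: bool


# Constructed policy data for the example; real tenants define their own.
TRUSTED_COUNTRIES = {"AE", "BH", "GB"}

# Conditions a session must satisfy before a given role is honoured.
ROLE_REQUIREMENTS = {
    "tenant_admin":   frozenset({"trusted_location", "managed_device", "compliant_device"}),
    "payroll_editor": frozenset({"managed_device", "compliant_device"}),
    "report_viewer":  frozenset(),
}


def satisfied_conditions(ctx):
    """Translate raw session signals into the condition names the policy table uses."""
    conditions = set()
    if ctx.country in TRUSTED_COUNTRIES:
        conditions.add("trusted_location")
    if ctx.device_managed:
        conditions.add("managed_device")
        if ctx.device_compliant:        # compliance only means something on a managed device
            conditions.add("compliant_device")
    return conditions


def evaluate(ctx):
    """Decide the session and return only the roles that remain valid for it.
    Roles with unmet requirements are stripped (and the reason recorded for the audit
    log) instead of failing the whole login; unknown roles fail closed."""
    if not ctx.mfa_passed:
        return {"decision": "step_up_mfa", "effective_roles": frozenset(), "stripped": {}}
    have = satisfied_conditions(ctx)
    effective, stripped = set(), {}
    for role in ctx.assigned_roles:
        needs = ROLE_REQUIREMENTS.get(role)
        if needs is None:
            stripped[role] = {"unknown_role"}
            continue
        missing = needs - have
        if missing:
            stripped[role] = set(missing)
        else:
            effective.add(role)
    return {
        "decision": "allow" if effective else "deny",
        "effective_roles": frozenset(effective),
        "stripped": stripped,
    }


if __name__ == "__main__":
    travelling_admin = SessionContext("alice", frozenset({"tenant_admin", "report_viewer"}),
                                      country="US", device_managed=False,
                                      device_compliant=False, mfa_passed=True)
    print(evaluate(travelling_admin))
```

The `stripped` map is worth keeping in the session log: it tells an investigator why a user did not have a role at a given moment, which is the evidence needed to show the control actually fired.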
Role and Privilege Management
SaaS applications often have numerous roles, entitlements, and privileges as part of their access controls and workflows. It is recommended to have automated analysis, monitoring, and control of roles, configurations, and entitlements using predefined policies and workflows.
Organizations should have continuous monitoring of user access and activity data as a best practice from a security and compliance standpoint in their SaaS applications.
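One form that automated analysis can take is a scheduled review of an entitlement export against predefined policies. The added Python example below (illustrative; not the author’s or any vendor’s code) checks a constructed account inventory for separation-of-duties violations, privileged roles without MFA enrollment, and privileged accounts dormant for more than 90 days; the role names, toxic pairs and thresholds are assumptions for the example.

```python
from dataclasses import dataclass
from datetime import date, timedelta


@dataclass(frozen=True)
class Account:
    user: str
    roles: frozenset
    last_login: date
    mfa_enrolled: bool


# Constructed policy for the example. Real SaaS roles and separation-of-duties
# rules come from the application's own entitlement model.
TOXIC_PAIRS = {
    frozenset({"vendor_create", "payment_approve"}),   # could pay a fake supplier alone
    frozenset({"user_admin", "audit_log_admin"}),      # could grant access and erase the trail
}
PRIVILEGED = {"tenant_admin", "user_admin", "audit_log_admin", "payment_approve"}
DORMANT_AFTER = timedelta(days=90)

REVIEW_DATE = date(2024, 7, 1)
SAMPLE_ACCOUNTS = [   # constructed inventory, as an export from the SaaS admin console
    Account("alice", frozenset({"vendor_create", "payment_approve"}), date(2024, 6, 28), True),
    Account("bob",   frozenset({"tenant_admin"}),                      date(2024, 2, 1),  False),
    Account("carol", frozenset({"report_viewer"}),                     date(2024, 6, 30), True),
    Account("dave",  frozenset({"user_admin", "audit_log_admin"}),     date(2024, 6, 25), True),
]


def review(accounts, today):
    """Apply the predefined policies to an entitlement export and return findings as
    (user, finding_type, detail) tuples, sorted so successive runs diff cleanly."""
    findings = []
    for acct in accounts:
        for pair in TOXIC_PAIRS:
            if pair <= acct.roles:
                findings.append((acct.user, "sod_violation", "+".join(sorted(pair))))
        privileged = acct.roles & PRIVILEGED
        if privileged and not acct.mfa_enrolled:
            findings.append((acct.user, "privileged_without_mfa", ",".join(sorted(privileged))))
        idle = today - acct.last_login
        if privileged and idle > DORMANT_AFTER:
            findings.append((acct.user, "dormant_privileged", f"{idle.days}"))
    return sorted(findings)


def summarize(findings):
    """Count findings per type, the shape a compliance dashboard or ticket queue wants."""
    counts = {}
    for _, kind, _ in findings:
        counts[kind] = counts.get(kind, 0) + 1
    return counts


if __name__ == "__main__":
    results = review(SAMPLE_ACCOUNTS, REVIEW_DATE)
    for finding in results:
        print(*finding)
    print(summarize(results))
```

Run against a fresh export on every review cycle, the sorted findings can be diffed against the previous run so that only new violations generate tickets.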
Security Training and Awareness
Users should always be aware of risks, threats, phishing attacks, and best practices to ensure safe browsing and access in a SaaS environment.
Annual training, reminders, and endpoint protection tools are recommended practices for all users to reduce potential risks.
To Wrap Up
As organizations migrate their data and adopt SaaS-based applications in the cloud, they should always have proactive planning, configuration, and adoption of security best practices in these environments.
The SaaS shared security model is a shared responsibility, and the overall security fabric is made stronger through deep collaboration and the adoption of recommended security controls.
About Author:
David B. Cross, Senior Vice President and Chief Information Security Officer (CISO) at Oracle, is a seasoned cloud security engineering executive. With a focus on world-class execution, he leads the implementation of next-generation cloud platforms globally.
Renowned for his expertise in encryption, PKI, and authentication, David consistently builds high-performance engineering teams and integrates acquisitions seamlessly.
The Race for QUANTUM CYBERSECURITY
- By Chuck Brooks President, Brooks Consulting International
While the variety of cybersecurity applications of artificial intelligence has significantly impacted computing in the digital ecosystem, there are even more disruptive technologies in the pipeline.
This includes quantum technologies, which may arrive sooner than expected as new developments are putting quantum computing closer to reality by making it more efficient to scale and easier to build.
Quantum computing is rooted in quantum physics: the unique behaviour of atoms and subatomic particles is what makes it work. In simple terms, quantum computers use qubits instead of the binary bits, ones and zeros, of classical digital computing.
A qubit can exist in a superposition of the 0 and 1 states at the same time, and qubits can be entangled with one another. Certain algorithms exploit these properties to solve specific problems far faster than any known classical method.
Emerging Threats and Opportunities in Quantum Technology
The benefits to society of quantum computing are many. Quantum computing will make it possible to handle data at speeds that have never been seen before and use predictive analytics to help solve problems.
The potential for quantum technology, especially quantum computing, to completely change many fields is huge. Specifically, quantum technologies are predicted to influence the optimization of computing power, computing models, network latency, interoperability, artificial intelligence (human/computer interface), real-time analytics and predictive analytics, to catalyze data memory power, help secure cloud computing, enable better virtualization, and benefit biological and material science research.
But like every technological tool, there are two sides to the coin. Quantum computers, in the wrong hands, have the potential to constitute geopolitical cyber threats because of the speed-up they offer over classical computers on specific problems, including the mathematics that underpins today’s public-key cryptography.
Additionally, the same computational power that makes it possible to tackle complicated problems can also be used to compromise cybersecurity. The protocols that protect sensitive data today, such as passwords and personal information, depend on public-key algorithms (RSA, Diffie-Hellman, elliptic-curve cryptography) whose security rests on the difficulty of integer factorization and discrete logarithms.
A sufficiently large quantum computer running Shor’s algorithm solves those problems efficiently, breaking the key exchange and digital signatures that secure most internet traffic, while Grover’s algorithm roughly halves the effective strength of symmetric keys (which is why AES-256 rather than AES-128 is recommended for long-lived data). This poses a serious risk to any organization that relies on standard encryption tools.
The IBM Institute for Business Value put out a study called Security in the Quantum Era. In the paper, the reality of quantum risk is discussed along with the need for “enterprise adoption of quantum-safe capabilities to safeguard the integrity of critical applications and infrastructure as the risk of decryption increases.”
The IBM report says that cybercriminals may already be stealing encrypted data so that they can decrypt it when quantum computers get better, a tactic commonly called “harvest now, decrypt later.” The report also says that quantum computing is an “existential risk” to traditional computer encryption protocols.
The risks are plentiful. According to quantum experts, on what they call “Q-Day,” large quantum computers will be able to use Shor’s algorithm to break the public-key systems in use today, whether they rely on integer factorization (RSA) or on discrete logarithms (Diffie-Hellman, ECDH, ECDSA).
The Shor algorithm is widely regarded as the first quantum algorithm that demonstrated the potential of an ‘exponential’ speeding-up over its equivalent classical algorithms. Shor’s algorithm’s ability to break public key cryptography could have a big effect on banking, healthcare, transportation, and other important systems.
In concrete cybersecurity terms, a classical computer attacking the RSA-2048 keys in common use today would take on the order of a billion years. A working, sufficiently large quantum computer would reduce that to hours: the widely repeated “under two minutes” figure is not supported by published resource estimates, but a 2019 analysis by Gidney and Ekerå put the job at roughly 8 hours on a fault-tolerant machine of about 20 million noisy physical qubits. That is far beyond any device built so far, yet it moves the attack from impossible to merely expensive.
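The mathematics Shor’s algorithm exploits can be followed on a toy modulus. The added Python example below (an illustration, not from the author or any report cited here) runs the classical reduction from factoring to order finding: pick a random base a, find the order r of a modulo n, and, when r is even and a^(r/2) is not congruent to -1, gcd(a^(r/2) - 1, n) is a proper factor. The order-finding step is done here by brute force, which is exponential in the bit length of n; that single step is what a quantum computer performs in polynomial time with the quantum Fourier transform, and it is the only place the quantum speed-up enters. The modulus 3233 = 53 × 61 is a constructed stand-in for an RSA key.

```python
from math import gcd
from random import Random


def find_order(a, n):
    """Smallest r > 0 with a**r ≡ 1 (mod n). Shor's algorithm obtains r with a quantum
    Fourier transform in polynomial time; this classical loop can take up to n steps,
    i.e. exponential in the bit length of n, so it only works for toy sizes."""
    r, x = 1, a % n
    while x != 1:
        x = (x * a) % n
        r += 1
    return r


def factor_via_order(n, a):
    """Shor's classical post-processing: turn the order r of a (mod n) into a factor.
    Returns None when this base is unusable (odd order or trivial square root of 1)."""
    g = gcd(a, n)
    if g != 1:
        return g                      # lucky base: already shares a factor with n
    r = find_order(a, n)
    if r % 2:
        return None
    y = pow(a, r // 2, n)             # y*y ≡ 1 (mod n)
    if y == n - 1:
        return None                   # y ≡ -1 yields only the trivial factorisation
    return gcd(y - 1, n)              # otherwise a non-trivial divisor of n


def shor_factor(n, seed=1, attempts=100):
    """Try random bases until one yields a proper factor; for n with two distinct odd
    prime factors at least half of all bases work, so a few attempts suffice."""
    if n % 2 == 0:
        return 2
    rng = Random(seed)
    for _ in range(attempts):
        a = rng.randrange(2, n - 1)
        f = factor_via_order(n, a)
        if f is not None and 1 < f < n:
            return f
    return None


if __name__ == "__main__":
    n = 3233                          # 53 * 61, a toy "RSA modulus"
    p = shor_factor(n)
    print(f"{n} = {p} * {n // p}")
```

Everything here except `find_order` is cheap on any computer; a 2048-bit modulus is safe today only because nobody can run that one function at scale, which is precisely the assumption Q-Day removes.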
To prepare for the possibility of a Q-Day, the US government’s NSA, DOD, DHS, and NIST have all issued guidance on quantum-resistant algorithms. NIST’s post-quantum cryptography project selected CRYSTALS-Kyber, CRYSTALS-Dilithium, Falcon and SPHINCS+ for standardization in 2022 and released draft standards (FIPS 203, 204 and 205) in 2023, and the NSA’s CNSA 2.0 suite sets migration timelines for national security systems. Beyond quantum key distribution (QKD), the NSA believes that post-quantum encryption, also known as quantum-resistant encryption, is a better and more practical option.
Government Initiatives and Legislative Action
The United States Congress is also advancing measures to make sure that adversaries cannot decrypt confidential data they steal from businesses, data centers, government agencies, and networks.
“The Quantum Computing Cybersecurity Preparedness Act” was signed into law in December 2022. Its purpose is “to prioritize the migration of federal information technology systems to post-quantum cryptography and come up with guidance for the federal assessment of critical systems based on the standards that the National Institute of Standards and Technology will issue for post-quantum cryptography.”
There are substantive reasons for the US government initiatives. There is a global race to Q-Day and the stakes are high. In 2021, Booz Allen Hamilton (BAH) analysts surmised that China will surpass Europe and the US in quantum-related research and development and that Chinese hackers could soon target heavily encrypted datasets such as weapon designs or details of undercover intelligence officers with a view to unlocking them at a later date when quantum computing makes decryption possible.
In the BAH report titled “Chinese threats in the quantum era,” it was noted that “encrypted data with intelligence longevity, like biometric markers, covert intelligence officer and source identities, social security numbers, and weapons’ designs, may be increasingly stolen under the expectation that they can eventually be decrypted.”
Europe is not sitting idle. In a big step toward using quantum technologies to protect its communication networks, the European Union (EU) has commissioned a consortium called Nostradamus to build the test infrastructure for quantum key distribution (QKD). The project is meant to make it possible to test QKD devices made in Europe.
Deutsche Telekom (DT), a partner of the EU in going digital and a network provider for many EU agencies, is in charge of the group. The Austrian Institute of Technology, the French tech company Thales, and experts from business and education are also partners.
Other allied nations such as Japan are pursuing their own quantum initiatives. The Japanese government recently said that it wants to take part in the global race in quantum computing by building its first quantum computer. The Japanese government strategy aims to create an environment where quantum technology can be used in such varied fields as medicine, banking, and new materials development by 2030, with a target of 10 million users in Japan.
The momentum for quantum technologies is growing. Many large private-sector companies, including Intel, Google, IBM, D-Wave, and others, are spending heavily to improve quantum capabilities and technologies. Furthermore, quantum is gaining more interest in the academic world.
The University of Chicago’s Pritzker School of Molecular Engineering is home to the Chicago Quantum Exchange (CQE).
Researchers recently made a big announcement: they have set up a quantum network that connects labs in the suburbs to the city of Chicago. Students and businesses will both be able to use the Chicago network. It is one of the first places in the country where quantum security technology can be tested by the public.
Robert Liscouski, Chairman of the Board of Quantum Computing Inc believes that we will see practical applications of quantum computing this year and beyond. He is confident that the state of the technology is at a point today where end users—business users, medical researchers, and cybersecurity professionals—will change the conversation from “What can quantum computing do” to “Look what I can achieve with quantum computing.” The accelerated investment in quantum technologies by both the public and private sectors is an affirmation of what lies ahead on the quantum digital horizon.
As quantum computing evolves there will also be a need for a corresponding ecosystem of policy. The issues will include ethics, interoperability protocols, privacy/surveillance, complex autonomous systems, and best commercial practices.
Q-Day may be coming closer and cybersecurity professionals need to take a proactive approach and begin to thoroughly prepare now for a post-quantum world.
About Author:
Chuck Brooks, President of Brooks Consulting International, brings over 25 years of expertise in cybersecurity, emerging technologies, and government relations. An Adjunct Professor at Georgetown University, he teaches on cyber risk management. Chuck is recognized globally for his cybersecurity advocacy and has authored the upcoming book “Inside Cyber.”
THE ROLE OF INTERIM CISOS IN DRIVING CYBERSECURITY MATURITY AND BUSINESS OBJECTIVES
- By Jane Teh
SEA Cybersecurity Director - Risk Advisory, Public Speaker & Educator, Deloitte
In today’s digital landscape, the role of Chief Information Security Officers (CISOs) has evolved significantly over time.
Organizations face increasingly persistent and sophisticated cyber threats that require not only robust defense mechanisms but also strategic leadership to align cybersecurity efforts with business objectives.
Interim CISOs play a crucial role in this context, offering specialized expertise and leadership during transitional periods or when specific cybersecurity challenges arise.
A CISO is responsible for overseeing an organization’s information security strategy and implementation. This includes identifying potential risks, developing policies and procedures, implementing security controls, and ensuring compliance with regulatory requirements.
The CISO also collaborates closely with other departments to integrate cybersecurity into business operations seamlessly.
The Need for Interim CISOs
Interim CISOs step into organizations during critical periods: leadership transitions, the sudden departure of a permanent CISO, the need for swift change management and a shift in mindset after a serious breach, or an urgent need to address cybersecurity gaps.
Their temporary tenure allows them to focus intensely on immediate challenges while preparing the organization for long-term security success.
Driving Cybersecurity Maturity
Assessment and Strategy Development
Interim CISOs typically begin by conducting comprehensive assessments of the organization’s current cybersecurity posture. This involves identifying vulnerabilities, evaluating existing security measures, and understanding the organization’s risk tolerance. Based on these assessments, they develop a strategic cybersecurity roadmap aligned with the organization’s goals and regulatory requirements.
Implementation of Security Controls
A crucial aspect of cybersecurity maturity is the implementation of robust security controls. Interim CISOs lead the deployment of these controls, which may include network security measures, endpoint protection, data encryption protocols, threat detection and incident response plans. They ensure that these measures are integrated across all levels of the organization to provide a cohesive defense against cyber threats.
Culture of Security Awareness
Building a culture of cybersecurity awareness is essential for long-term maturity. Interim CISOs engage with employees at all levels to promote best practices, conduct training sessions, and foster a vigilant attitude towards potential threats. By embedding security awareness into the organizational culture, they reduce the likelihood of human error leading to security breaches.
Continuous Improvement and Adaptation
Cyber threats evolve rapidly, requiring cybersecurity strategies to adapt accordingly. Interim CISOs facilitate continuous improvement by monitoring emerging threats, evaluating the effectiveness of existing security measures, and recommending adjustments as needed. This proactive approach ensures that the organization remains resilient in the face of evolving cyber risks.
Aligning with Business Objectives
1. Risk Management and Business Continuity: Effective cybersecurity is integral to business continuity and risk management. Interim CISOs collaborate closely with executive leadership to align cybersecurity efforts with broader business objectives. They provide insights into how cybersecurity investments contribute to mitigating risks, protecting assets, and maintaining operational continuity, thereby demonstrating the strategic value of cybersecurity initiatives.
2. Regulatory Compliance: Many industries are subject to stringent regulatory requirements regarding data protection and cybersecurity. Interim CISOs ensure that the organization complies with relevant regulations and standards, minimizing legal and financial risks associated with non-compliance. Their expertise in regulatory frameworks enables them to implement necessary controls and processes efficiently.
3. Supporting Digital Transformation: As organizations undergo digital transformation, cybersecurity becomes increasingly intertwined with innovation and growth initiatives. Interim CISOs facilitate secure digital initiatives by advising on security implications, integrating security into new technologies and processes, and ensuring that cybersecurity considerations are prioritized from the outset of transformation projects.
Conclusion
Interim CISOs play a pivotal role in enhancing cybersecurity maturity and driving business objectives. Through their expertise in cybersecurity strategy, risk management, and regulatory compliance, they help organizations navigate complex cyber landscapes while aligning security efforts with overarching business goals.
By fostering a culture of security awareness, implementing robust security measures, and supporting digital innovation securely, interim CISOs contribute significantly to the long-term resilience and success of organizations in today’s interconnected world.
Their role exemplifies the critical intersection between cybersecurity leadership and strategic business management, highlighting the importance of proactive and adaptive cybersecurity practices in safeguarding organizational assets and reputation.
About Author:
Jane Teh brings over 18 years of expertise in cybersecurity, risk management, and digital transformation across diverse industries. She has advised major verticals in SEA, ensuring compliance with international standards and enhancing cyber-business risk planning. Jane has served as interim CISO for financial sectors and startups, pioneering strategic cybersecurity initiatives. She’s also a respected judge, author, and speaker in computer forensics and cybersecurity.
‘Pwned’ to Pioneer: How a Mishap Launched a Cybersecurity Star
- By Paul Shread
Caitlin Sarian, best known as “Cybersecurity Girl,” an online influencer with more than 700,000 followers across TikTok and other social media platforms, took an unusual route in her cybersecurity career.
After studying aerospace engineering in college, she was on a corporate fast track in cybersecurity.
How did she veer off that path to become a widely followed social media influencer?
In a candid conversation with Paul Shread, International Editor at The Cyber Express, Caitlin talked about all that and more including opportunities for women in cybersecurity, her own initiatives, and the future of cybersecurity.
Unusual Career Path
After a string of interesting internships, Caitlin wasn’t sure she’d found her “forever kind of place,” so she decided to go into consulting for its variety of assignments, and that’s when EY recruited her for their new cybersecurity practice.
“I was very intrigued,” she told The Cyber Express. “I absolutely love learning. I love challenges. And I just fast tracked it from there. I was really working crazy hours learning everything I could learn about cybersecurity, and I ended up loving it.
My first project was Cisco, helping them with ISO 27001. So I got to look at everything across the Cisco environment, and assess them, and then tell them where their gaps are.
I got a good handle on what cybersecurity was about from that really broad-spectrum type of assessment and continued to do similar assessments at large companies. I got to work at Experian after the data breach. I got a lot of really, really cool, unique opportunities.
And I just kept taking them and running with them. And I started getting into data privacy specifically. I was able to move to London because of that for GDPR. And that’s when I got the opportunity to work with DLA Piper.”
Despite her success, Caitlin “was not as satisfied as I wanted,” a realization that hit during the COVID pandemic. “I always thought I was going to give back to the community in some way, shape, or form. I actually went into school as an elementary education major and I switched along the way.
And so I was like, I really want to inspire the next generation of people to get into cybersecurity. And the best way to reach the next generation is to go on TikTok. I also wanted to get more women in STEM fields as a whole, because mechanical engineering, it’s 5% women.
“I was really passionate about those things, and I went in to doing this social media thing with three pillars in mind. One was to get more women into STEM and cyber.
The other was to get more people interested in cybersecurity as a career and really demystify what that looks like.
And then the third, which was kind of an afterthought, was like, let’s just educate people along the way that don’t know what cybersecurity is and how to protect themselves.”
She was still at DLA, but made the commitment to try her social media experiment for a year. “I was going to post three times a day, and if nothing happened, then that’s probably not what I should do, but I wanted to give myself that chance, and then it just blew up within a few months.
And then it just kept going. And I never thought I would be an influencer. I still, like, giggle and am semi-embarrassed that I have to say that I’m a cybersecurity influencer, because I think there’s a stigma around that. But I’m so excited about the impact that it’s making with the community that I just continued to go.”
She got an opportunity to work at TikTok but left after about 10 months. “I realized I was building someone else’s dream,” she said. “I’m so passionate about that platform, still, and other platforms as well.
But I wanted to continue to build my dream, which is to help consumers with their cybersecurity, make it easier and make it more fun and transparent, and clear. So I’ve been doing that for the last like eight months, and I haven’t looked back.”
‘Consistency and Relatability’ – and a Viral Mistake
Asked what made her so successful on social media, Caitlin said, “I think it’s the consistency and it’s the relatability.
And it was bringing cybersecurity to an understandable and relatable point. What I started realizing is that people aren’t taught cybersecurity at all, they don’t understand why it’s important, and so, one, it was making content that was relatable to people, and understandable and educational. It was getting people’s attention as to why they should consider cybersecurity before they make big decisions.
And then the other was just making it quick, easy, relatable. We don’t have a long attention span. I’ll speak for myself – I don’t have a long attention span anymore because of social media. And so it’s fun to be able to try to give clear concepts of cybersecurity in a short digestible manner.”
But it was a mistake that made her audience really take off.
“My first viral video only went viral because I mispronounced a word,” she said.
That word was pwned, pronounced “powned.”
It was late at night and she was tired, but she wanted to stick to her commitment of making three videos a day, and in her rush said “pawned” rather than “powned.”
“I woke up the next morning and it was like a mad, crazy comments, like how can this person ever say they’re in cybersecurity when she doesn’t even know how to pronounce pwned. And I was so tempted to delete that video because I was mortified. I was like, I don’t know how I mispronounced that.
But I didn’t do it. I was like, You know what, it’s still going to the right people. It’s bringing more awareness even if I mispronounced one word. And then I started really using that as like a way to do guerilla marketing.
So sometimes I do mispronounce words just to piss people off. And it’s not to piss people off, but it’s to get more attention and get more people because everyone wants to prove that they’re smarter than the other.
So they’re always writing in the comments. But there’s some crazy fun guerilla marketing that you could do with social media that people don’t realize is like a marketing tactic.”
Women in Cybersecurity
Women currently comprise about 25% of the cyber workforce, but Caitlin notes that while that number is growing, “they actually start dropping off after like three or four years because they want to have a family.”
The demands of a cybersecurity career can be hard on relationships and families, she said. “Ideally we’d like to have 50% women, but at this point, I don’t think corporations are flexible enough to have women be able to be mothers or good family members while also doing a cybersecurity job, because the women I’ve seen that are crushing it, you can’t, it’s really hard to be both.”
Ideally, corporations would address this issue with more flexibility toward part-time roles that allow young families the balance they need, she said.
“I just want the women who want to get into cybersecurity to get into cybersecurity,” she said. “I don’t think we need to hit a number. I think we need to hit a balance of like, are the appropriate people that want to get in – not just women, but like in general – are the appropriate people that want to get in that are working really hard getting in?”
Optimism About the Future
Caitlin’s own future plans include a book on cybersecurity basics and an accompanying app, which, with her significant marketing base, should be pretty successful. She’s building a cybersecurity community for people who want to get started in the field.
She’s also building her own training course to help people get started in security careers, with a focus on narrower areas like privacy. “Right now, people are doing too broad, and they need to kind of niche down into which areas they want to get into,” she said.
She plans to start with an overview of all the areas where there are entry-level jobs, followed by specialized courses aimed at teaching the skill sets needed for those entry-level roles. “The homework assignments actually help build your resume.”
She hopes to partner with a staffing company to help place those students. “There’s a lot of issues in that whole funnel process, and none of them are being addressed, really.”
Asked if she’s optimistic or pessimistic about the future of cybersecurity, Caitlin replied, “I think the future for cybersecurity from a jobs project perspective is very optimistic. I mean, it’s never gonna go away, we are constantly getting more and more ingrained into the online and interconnected culture, which just means there’s more and more availability to get careers in cyber.”
She highlighted access management, data protection and privacy, and AI as areas of future promise and demand.
As far as the big cybersecurity picture, Caitlin concluded our conversation with this take:
“In terms of threats, and, you know, potentially like World War Three, that’s already happening. I don’t think people realize that cyber warfare has been going on for years, which is why cybersecurity started back in the 70s and 80s. So they’re gonna keep being more persistent.
But I have faith in the people and our training, that if we are able to use AI for good and other platforms for good, that we’ll be able to combat the bad actors in this world. I want to live my life and enjoy my life and not be in a state of panic and fear. And as long as I feel like I’m doing my part and doing my best to protect myself and others, that’s all I can do.”
SUPPLY CHAIN SECURITY: INTERNAL CONTROLS, EXTERNAL DEMANDS MAKE A DIFFERENCE
- By Paul Shread
One of the most disturbing trends in cybersecurity in recent years has been the growing awareness of just how dependent organizations are on other people’s security. The SolarWinds attack in 2020 drove home the vulnerability of the software supply chain like never before.
Threat actors don’t need to inject malicious code into a tech company’s code base to hack the digital supply chain – they only need to exploit a zero-day or unpatched flaw that already exists, as happened in recent attacks hitting customers of MOVEit and Ivanti. And software dependencies, such as an open-source component used in proprietary software, can also introduce vulnerabilities: a package that is swapped, tampered with, or simply never pinned to a known-good version is an entry point nobody in your organization ever reviewed.
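Hash pinning is the basic control against a dependency being swapped under you. The added Python example below (illustrative; not code from the author or from any product named in this article) builds a lockfile of SHA-256 digests from reviewed artifacts, then verifies a later download against it and refuses to install if anything is missing, modified, or not pinned at all. The artifact names and contents are constructed; real ecosystems carry the same pins in a hash-checked pip requirements file, package-lock.json “integrity” fields, or go.sum.

```python
import hashlib

# Constructed artifacts standing in for packages fetched from a registry.
# In a real project the expected digests live in a lockfile committed with the code.
GOOD_ARTIFACTS = {
    "parser-1.4.2.whl": b"def parse(s):\n    return s.split(',')\n",
    "httpclient-0.9.0.whl": b"def get(url):\n    return 200\n",
}


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def build_lockfile(artifacts):
    """Pin each artifact name to the digest of the exact bytes that were reviewed."""
    return {name: sha256_hex(blob) for name, blob in artifacts.items()}


def verify_artifacts(downloaded, lockfile):
    """Compare what was fetched against the pins. Each artifact gets one status:
    ok, mismatch (bytes changed), missing (pinned but not fetched) or unpinned
    (fetched but never reviewed). A quiet extra dependency is exactly how a
    compromised build injects code, so unpinned is a failure, not a warning."""
    results = {}
    for name in lockfile:
        if name not in downloaded:
            results[name] = "missing"
        elif sha256_hex(downloaded[name]) == lockfile[name]:
            results[name] = "ok"
        else:
            results[name] = "mismatch"
    for name in downloaded:
        if name not in lockfile:
            results[name] = "unpinned"
    return results


def install_allowed(results):
    """Fail closed: install only if every artifact is pinned and matches its digest."""
    return bool(results) and all(status == "ok" for status in results.values())


if __name__ == "__main__":
    lock = build_lockfile(GOOD_ARTIFACTS)
    # Simulated supply-chain tampering: the registry now serves a modified httpclient
    # and an extra package that nobody pinned.
    tampered = dict(GOOD_ARTIFACTS)
    tampered["httpclient-0.9.0.whl"] = b"def get(url):\n    return 200  # modified\n"
    tampered["telemetry-0.0.1.whl"] = b"def send():\n    pass\n"
    results = verify_artifacts(tampered, lock)
    print(results, "install allowed:", install_allowed(results))
```

The pin only helps if the lockfile itself is reviewed and protected like source code; a lockfile regenerated automatically from whatever the registry serves just pins the attacker’s version.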
The digital supply chain falls under the broader category of third-party risk management (TPRM), which covers the partners, vendors, service providers, suppliers and contractors who can unwittingly introduce risk into your environment.
A number of studies have found that more than half of all organizations have experienced a third-party breach, and these breaches tend to be more costly than incidents that occur within an organization.
So what can organizations do to protect themselves against these growing third-party risks?
Zero Trust Helps Protect Against Supply Chain Risks
The unfortunate thing about cybersecurity is that you should always “assume breach,” as the saying goes, and nothing drives that point home more than a software supply chain attack. If MITRE can be hacked, your organization can be hacked too.
And that’s how the term “zero trust” evolved – if you assume that no one can be trusted and that no one is safe, you architect accordingly, with your most critical systems and data isolated as much as possible, with ransomware-resistant backups on top of that.
That means walling off your most critical applications and data with practices such as:
• Network microsegmentation
• Strong access controls, allowing no more access than is required, with frequent verification
• A strong source of user identity and authentication, including multi-factor authentication and biometrics, and machine authentication with device compliance and health checks
• Encryption of data at rest and in transit
MITRE and others have been stressing the concept of cyber resilience in recent years. It’s a concept very similar to zero trust – if you assume you can be breached, how can you protect your most important assets to the greatest extent possible?
Strong microsegmentation, access control and authentication are very good places to start. “Honeypots” can help you detect intruders early by luring attackers to fake assets that appear critical. But there’s still a missing piece – the ability to recover if your most critical assets get hit.
That’s where ransomware-resistant backups come into play – and we say “resistant” rather than “ransomware-proof” because there may always be a small opening for the cleverest of adversaries, perhaps during a brief backup window.
That’s where true immutable, ransomware-resistant backup services and architecture come into play. Rubrik seems to be one such service. Another option is still more segmentation – segmenting your server, storage and backup environments with VLANs, with all inter-VLAN traffic going through a firewall. That gives your backups their best chance of remaining uncorrupted by intruders.
Many of these controls will help protect against third-party risks in general, but for specific use cases, such as connecting to an API or a cloud service, proper configuration and access control will be particularly important. Always assume breach, and limit your exposure by applying best practices to every connection.
When it comes to your most critical assets, you can’t be paranoid enough, but that security doesn’t need to cost a fortune – well implemented security controls and best practices can go a long way toward protecting your most critical assets.
Demand Good Security from Partners
Carefully vetting your partners and suppliers and requiring good security controls in contracts are other ways to improve third-party security. Threat intelligence services like Cyble can help you assess partner and vendor risk – and alert you to places where you may want to shore up your own security defenses.
NIST, the U.S. National Institute of Standards and Technology, offers a number of guides on supply chain risk management and best practices. Make security reviews and requirements part of your procurement process from the start.
Here are some questions you should ask vendors and service providers as part of a digital supply chain risk assessment, according to NIST and other sources:
• Is the vendor’s software and hardware design process documented, repeatable and measurable?
• Does the vendor maintain a software component inventory such as a software bill of materials (SBOM) that spells out the components and other attributes of software developed by the vendor and third parties? Is the mitigation of known vulnerabilities factored into product design through product architecture, run-time protection techniques, and code review?
• How does the vendor stay current on emerging vulnerabilities? What are vendor capabilities to address new “zero day” vulnerabilities?
• What controls are in place to manage and monitor production processes?
• How is configuration management performed? Quality assurance? How is testing done for code quality and vulnerabilities?
• What levels of malware protection and detection are performed?
• What steps are taken to make sure products are tamper-proof? Are the back doors closed?
• Are physical security measures documented and audited?
• What access controls, both cyber and physical, are in place? Are they documented and audited?
• How is customer data protected, stored, retained, and destroyed?
• What type of employee background checks are conducted and how frequently?
• What security practice expectations are there for upstream suppliers, and how is adherence to these standards assessed?
• How secure is the distribution process? Have approved and authorized distribution channels been clearly documented?
Services like Cyble’s third-party risk intelligence can help you get started on this process. As more organizations make security a buying criterion, vendors will be forced to respond with better security controls and documentation.
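The SBOM question above is only useful if the buyer actually reads the inventory a vendor supplies. The following script is an added example, not part of this article or of any vendor’s tooling: it parses a constructed CycloneDX-style SBOM, checks each component against a constructed advisory list (placeholder IDs, made-up component names), and also flags components the vendor listed without a version, since an inventory that cannot be matched to advisories is an incomplete answer to the question.

```python
import json
from typing import Dict, List, Tuple

# Constructed CycloneDX-style SBOM for a fictional vendor product.
# Component names, versions and purls are made up for this example.
SAMPLE_SBOM = json.dumps({
    "bomFormat": "CycloneDX",
    "specVersion": "1.5",
    "metadata": {"component": {"name": "vendor-portal", "version": "3.2.0"}},
    "components": [
        {"type": "library", "name": "libxmlparse", "version": "2.9.3",
         "purl": "pkg:generic/libxmlparse@2.9.3"},
        {"type": "library", "name": "jsonutil", "version": "1.4.0",
         "purl": "pkg:generic/jsonutil@1.4.0"},
        {"type": "library", "name": "legacy-crypto"},  # vendor omitted the version
        {"type": "library", "name": "transfer-agent", "version": "11.0.2"},
    ],
})

# Constructed advisory feed (placeholder IDs): a component is treated as
# affected when its version is below the first fixed version.
SAMPLE_ADVISORIES = [
    {"id": "ADV-EXAMPLE-0001", "name": "libxmlparse", "fixed": "2.9.4"},
    {"id": "ADV-EXAMPLE-0002", "name": "transfer-agent", "fixed": "11.0.2"},
]


def parse_version(v: str) -> Tuple[int, ...]:
    """Turn '2.9.3' into (2, 9, 3); a non-numeric part compares as 0."""
    parts = []
    for p in v.split("."):
        digits = "".join(ch for ch in p if ch.isdigit())
        parts.append(int(digits) if digits else 0)
    return tuple(parts)


def version_lt(a: str, b: str) -> bool:
    """True when version a is strictly below b; pads so that 2.9 < 2.9.1."""
    ta, tb = parse_version(a), parse_version(b)
    n = max(len(ta), len(tb))
    return ta + (0,) * (n - len(ta)) < tb + (0,) * (n - len(tb))


def assess_sbom(sbom_json: str, advisories: List[dict]) -> Dict[str, List[str]]:
    """Group SBOM components into 'vulnerable', 'unversioned' and 'ok'."""
    sbom = json.loads(sbom_json)
    if sbom.get("bomFormat") != "CycloneDX":
        raise ValueError("expected a CycloneDX document")

    by_name: Dict[str, List[dict]] = {}
    for adv in advisories:
        by_name.setdefault(adv["name"], []).append(adv)

    findings: Dict[str, List[str]] = {"vulnerable": [], "unversioned": [], "ok": []}
    for comp in sbom.get("components", []):
        name = comp.get("name", "<unnamed>")
        version = comp.get("version")
        if not version:
            # Cannot be matched against any advisory: the inventory is incomplete.
            findings["unversioned"].append(name)
            continue
        hits = [a["id"] for a in by_name.get(name, [])
                if version_lt(version, a["fixed"])]
        if hits:
            findings["vulnerable"].append(f"{name}@{version} ({', '.join(hits)})")
        else:
            findings["ok"].append(f"{name}@{version}")
    return findings


if __name__ == "__main__":
    for bucket, items in assess_sbom(SAMPLE_SBOM, SAMPLE_ADVISORIES).items():
        print(f"{bucket}: {items}")
```

In practice the advisory list would come from a vulnerability feed rather than being hard-coded, and the same check belongs in the procurement review and in each re-review after the vendor ships an update.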
Internal Controls and Partner Demands Boost Supply Chain Security
Securing the digital supply chain starts with a mindset of Zero Trust. Isolating critical workloads and assets through microsegmentation, strict access controls and permissions, ransomware-resistant backups, and encryption of data both in transit and at rest should be core cybersecurity practices of every organization by now.
Make sure every connection is configured and secured properly, whether it’s an API, cloud service, partner, vendor, or remote employee. And demand better from your suppliers by building security risk assessments into your buying process.
The unfortunate truth is that every organization is likely to be breached to some degree at some point. Assume breach – and prepare to be resilient.
Cyber Insurance for Supply Chains: Is It Worth the Investment?
- By Samiksha Jain
Imagine waking up to discover that hackers have breached your company’s defenses, accessed sensitive customer data and crippled your operations. This nightmare became a reality for Snowflake on May 31, 2024, when attackers infiltrated customer accounts using single-factor authentication.
Leveraging credentials obtained through infostealing malware, these cybercriminals launched data breaches starting in April 2024. Snowflake initially downplayed the impact, calling it “limited,” but a deeper investigation by Mandiant revealed a much graver scenario: 165 customers, including giants like Ticketmaster, Advance Auto Parts, and Santander, were affected.
Snowflake’s ordeal is far from an isolated incident. The infamous SolarWinds attack saw hackers inject a backdoor into a software update of this popular networking tool, granting them remote access to thousands of corporate and government servers worldwide. This massive breach led to numerous security incidents and exposed critical data. Similarly, British Airways found itself in hot water when a Magecart supply chain attack compromised its trading system, leaking sensitive customer information.
These high-profile cyberattacks shine a spotlight on the escalating vulnerabilities within supply chains, underlining the dire need for robust cybersecurity measures. As these threats continue to grow, businesses are left pondering a critical question: Is investing in cyber insurance worth it?
This article explores the potential benefits and challenges of cyber insurance, helping businesses determine if it’s a worthy investment for safeguarding their operations against the ever-evolving cyber threat landscape.
Understanding Cyber Insurance
Cyber insurance, also known as cyber liability or cybersecurity insurance, is a specialized contract designed to mitigate the financial risks associated with online business operations. By paying a monthly or quarterly fee, businesses can transfer some of their cyber risk to an insurer.
Unlike traditional insurance plans, cyber insurance policies are highly dynamic, often changing from month to month to keep pace with the evolving nature of cyber threats. This variability is due to the limited historical data available to underwriters, making it challenging to create stable risk models for determining coverage, rates, and premiums.
So, Where Did It Originate?
The origins of cyber insurance trace back to the late 1990s when the growing reliance on technology and the rise in cyber threats necessitated a new type of protection.
Initially focused on data breaches and computer attacks, cyber insurance has since expanded to cover a wide range of cybercrimes, including ransomware, cyber extortion, social engineering attacks, system failures, and business interruptions resulting from cybersecurity incidents.
The increasing popularity of cyber insurance is well-founded.
The financial impact of cyberattacks on businesses can be devastating, encompassing direct financial losses, operational disruptions, and severe damage to reputation and customer trust. For instance, a cyberattack can lead to halted production lines, breached customer data, and a significant loss of market confidence.
As the cyber insurance market rapidly grows—it was valued at approximately $13 billion in 2023, nearly double its size in 2020—forecasts suggest it will continue to expand, reaching an estimated $22.5 billion by 2025.
This growth highlights the necessity of cyber insurance in today’s digital landscape, where the true cost of cyberattacks can be staggering. With 70 percent of businesses experiencing a cyberattack, the importance of having cyber insurance cannot be overstated.
Components of Cyber Insurance Relevant to Supply Chains
Cyber insurance tailored for supply chains encompasses critical components designed to mitigate the multifaceted risks posed by cyber threats. Coverage details typically include protection against data breaches, crucial for safeguarding sensitive information compromised during cyber incidents.
This coverage extends to forensic expenses, covering the costs of hiring external forensic teams to investigate and ascertain the extent of data breaches—a vital step in understanding and mitigating the damage.
Business interruption coverage is equally pivotal, offering compensation for revenue losses incurred due to cyber incidents disrupting normal operations. This aspect of cyber insurance becomes indispensable, especially considering that supply chain disruptions last year led to an average annual loss of $82 million per company across key industries.
Third-party liability coverage shields businesses from legal and financial repercussions arising from breaches affecting external stakeholders. This includes expenses for legal representation to navigate regulatory fines, penalties, and compliance requirements mandated by federal and state authorities.
Additionally, cyber insurance often covers credit monitoring and identity theft repair services, not only to mitigate legal liability but also as a proactive measure to rebuild customer trust and uphold ethical business practices.
Exclusions and limitations in cyber insurance policies are essential considerations. Common exclusions may include certain types of cyber incidents or inadequate coverage for specific losses, necessitating careful review and customization of policies to align with supply chain vulnerabilities and risk tolerance.
Limitations and caps on coverage are also critical, outlining the maximum financial assistance available for various aspects of cyber incident response and recovery.
The benefits of cyber insurance for supply chains extend beyond financial protection to encompass enhanced risk management strategies. Policies often include comprehensive support services such as incident response teams and legal assistance, pivotal in minimizing the impact of cyber incidents on business continuity and reputation.
Moreover, investing in cyber insurance can confer a competitive advantage by demonstrating proactive risk management to customers, partners, and stakeholders— crucial in differentiating businesses in today’s hyper-connected marketplace.
Challenges and Considerations
Cyber insurance presents a myriad of challenges, reflecting the complex and evolving nature of cyber threats. One of the primary hurdles is the lack of mandatory reporting for cyber breaches that don’t directly impact consumer data, leaving a significant number of attacks unreported.
This data gap undermines insurers’ ability to accurately assess the full costs of cyber incidents, complicating the development of effective cyber insurance policies tailored to diverse risks.
Another significant challenge stems from organizations’ varying levels of preparedness and awareness regarding cyber threats. Many businesses lack comprehensive knowledge about their internal cybersecurity readiness, posing difficulties for insurers in accurately underwriting cyber risks. This uncertainty makes it challenging to formulate precise policies that adequately cover potential vulnerabilities and exposures.
Public awareness and perception of cyber insurance also play a critical role. While a substantial portion of U.S. adults are familiar with cyber insurance, there remains a disparity in understanding between those who have experienced cybercrime and those who haven’t.
Concerns about the perceived cost of premiums and the need for more research deter many organizations from investing in cyber insurance, despite the growing necessity in today’s digital age.
Moreover, defining and categorizing cyber threats accurately present ongoing challenges for insurers. The rapid evolution of technologies like IoT complicates risk assessment and policy formulation, as insurers grapple with defining and quantifying the impact of emerging cyber risks. This ambiguity can lead to gaps in coverage and potentially expose organizations to significant financial and reputational damage in the event of a major cyberattack.
Geographical limitations further complicate cyber insurance coverage, unlike traditional insurance which typically defines risks based on physical locations. In the world of cyber insurance, where attacks can originate and propagate globally with minimal regard for physical boundaries, insurers face complexities in determining the scope and extent of coverage across diverse operational environments.
Finally, the “actuarial paradox” poses a unique conundrum in cyber insurance. Unlike traditional insurance where historical data can reliably predict future risks, the response to a cyber breach can potentially mitigate future vulnerabilities. Insurers must grapple with assessing whether companies that have experienced breaches and responded effectively are indeed lower risks deserving of reduced premiums—an intricate balancing act in the ever-changing cybersecurity landscape.
Addressing these challenges requires collaboration between insurers, businesses, and cybersecurity experts to develop innovative solutions that effectively mitigate cyber risks while enhancing the accessibility and efficacy of cyber insurance policies in safeguarding organizations against the evolving threat landscape.
Making the Decision: Is It Worth The Investment?
Investing in cyber insurance tailored for supply chain attacks demands a careful cost-benefit analysis to determine its viability. As the cyber insurance market continues its rapid expansion—nearly tripling in size over the past five years—the landscape of cyber threats grows increasingly complex.
Conducting a thorough evaluation involves weighing the potential costs of cyber incidents, such as data breaches and operational disruptions, against the premiums and coverage offered by cyber insurance policies. For businesses, particularly small and medium-sized enterprises (SMEs), the decision hinges on customizing policies to align with specific supply chain risks.
This customization not only requires a keen understanding of internal vulnerabilities but also necessitates a comprehensive risk assessment to identify potential exposures.
While large companies dominate the cyber insurance market, SMEs often shoulder their cyber risks independently due to perceived complexities and costs associated with cyber insurance. However, recent trends indicate a growing commitment from reinsurers and emerging interest from capital markets in mitigating cyber risks.
Despite these developments, a significant portion of cyber risks remains uninsured, highlighting the need for broader adoption and tailored solutions to protect supply chains effectively.
In conclusion, the decision to invest in cyber insurance for supply chain attacks is not merely about financial protection but also strategic resilience. It entails proactive risk management, enhanced operational continuity, and bolstered customer trust—all critical components in navigating today’s digital landscape.
By aligning insurance investments with specific risk profiles and leveraging tailored policies, businesses can fortify their defenses against cyber threats while positioning themselves for sustainable growth and resilience in an increasingly interconnected world.
COMPLIANCE IS KEY:
HOW GDPR & CCPA SHAPE SECURE SUPPLY CHAINS
- By Ashish Khaitan
In the modern, globalized business environment, data security and privacy measures are not just necessary but essential, as supply chains cut across borders and digital networks. These technologies power millions of transactions and commerce every day, forming the foundation of the supply chain sector.
From the early days of the internet to the present age, the supply chain industry has undergone significant reform over the last few decades.
Today’s society relies heavily on internet-related services, making the safeguarding and control of supply chains a global governmental responsibility.
It wasn’t until 2018 that comprehensive legal frameworks were established, significantly enhancing the security of transactions for both suppliers and end users, enabling them to conduct transactions with ease and safety at the touch of a button.
The General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), two important legislative frameworks, have played critical roles in changing how corporations manage and secure personal data to facilitate global commerce and supply chains.
Explaining how important these regulatory frameworks are, The Cyber Express brings a new perspective on strategies, foundations, and practices essential for enhancing supply chain security in accordance with GDPR and CCPA guidelines.
Understanding GDPR and CCPA: Foundations of Data Privacy
GDPR (General Data Protection Regulation) and CCPA (California Consumer Privacy Act) play crucial roles in enhancing data privacy and security within supply chains. These regulations establish legal frameworks that require businesses to protect personal data, impacting how companies manage and share information across their supply networks.
Enforced in May 2018, GDPR harmonizes data protection laws across the European Union (EU) and extends its reach globally to any organization handling EU residents’ personal data. GDPR mandates stringent requirements for data processing, storage, and transfer, emphasizing principles like data minimization, transparency, and accountability.
Compliance with GDPR involves implementing security measures, conducting data protection impact assessments (DPIAs), and appointing Data Protection Officers (DPOs) where necessary.
Similarly, CCPA grants California residents rights over their personal information and imposes obligations on businesses operating in California. For supply chains, CCPA necessitates transparency in data collection practices and provides consumers with rights to access, delete, and opt out of the sale of their data.
Businesses falling under CCPA’s scope must disclose data collection practices, secure consumer consent for data use, and provide mechanisms for consumers to exercise their privacy rights. Compliance with CCPA necessitates comprehensive data management strategies, transparency in data handling practices, and stringent security controls.
Strategies for Strengthening Supply Chain Security
Effective strategies for strengthening supply chain security not only help protect sensitive data but also ensure compliance with regulatory frameworks like GDPR and CCPA. This section explores proactive measures and best practices essential for enhancing security across supply chain networks, mitigating risks, and fostering trust in digital transactions.
Data Encryption and Secure Data Transfers
Implementing encryption protocols ensures that sensitive data remains protected throughout its journey across the supply chain network. Encryption secures data both at rest and in transit, mitigating risks associated with unauthorized access or interception.
Vendor Due Diligence and Contractual Obligations
Conducting thorough assessments of third-party vendors’ security practices is crucial. Establishing stringent contractual clauses that align with GDPR and CCPA requirements ensures that vendors adhere to data protection standards and facilitate secure data processing and sharing.
Regular Auditing and Compliance Monitoring
Routine audits and assessments help identify vulnerabilities within the supply chain infrastructure. Continuous monitoring for compliance with GDPR and CCPA enables timely detection of deviations from data protection standards, facilitating prompt remediation and mitigation of security risks.
Employee Training and Awareness Programs
Educating employees on data privacy best practices, security protocols, and compliance obligations under GDPR and CCPA is essential. Building a culture of data protection awareness minimizes the likelihood of human error contributing to data breaches and enhances overall organizational readiness to respond to security incidents.
Establishing a Strong Security Foundation
Building a resilient supply chain security framework begins with fostering a culture of compliance and accountability throughout the organization. Some of the foundational elements of supply chain frameworks include establishing comprehensive policies and procedures for data handling, breach response, and incident reporting to ensure consistent adherence to GDPR and CCPA requirements.
Another major factor in supply chain security is conducting regular risk assessments and developing mitigation strategies tailored to supply chain dynamics to strengthen overall resilience against online cyber threats. From the government’s perspective, central and state governments should appoint designated roles such as DPOs or Privacy Officers responsible for overseeing GDPR and CCPA compliance to reinforce accountability and ensure strategic alignment with regulatory objectives.
Best Practices for Enhanced Security Measures
The GDPR and CCPA represent significant milestones in supply chain management, setting high standards for data privacy and security. Adhering to these regulations requires businesses to adopt proactive measures that go beyond mere compliance, focusing on enhancing data protection frameworks to safeguard sensitive information from unauthorized access and breaches.
Incident Response Planning and Execution
Developing and testing detailed incident response plans enables organizations to promptly detect, contain, and mitigate the impact of data breaches. Effective response strategies include clear communication protocols, stakeholder engagement, and compliance with regulatory reporting obligations.
Continuous Improvement through Audits and Assessments
Regularly conducting internal and external audits helps identify areas for improvement and ensures ongoing compliance with GDPR and CCPA. Audits provide insights into supply chain vulnerabilities, enabling proactive measures to strengthen data protection frameworks.
Collaborative Partnerships and Information Sharing
Establishing collaborative relationships with supply chain partners fosters collective efforts in addressing cybersecurity challenges. Sharing best practices, threat intelligence, and compliance insights enhances overall supply chain resilience and ensures alignment with regulatory expectations.
Summing Up!
Understanding the regulations of GDPR and CCPA is essential for protecting data integrity, maintaining consumer trust, and achieving operational resilience in global supply chains. By implementing robust security strategies, fostering a culture of compliance, and embracing best practices for data protection, organizations can mitigate risks associated with data breaches and non-compliance penalties.
Investing in supply chain security not only enhances regulatory compliance but also fortifies business continuity and fosters competitive advantage in an increasingly regulated digital ecosystem.
The journey towards enhanced supply chain security involves continuous adaptation to evolving regulatory requirements, proactive risk management, and a steadfast commitment to protecting consumer data across global operations. By aligning with GDPR and CCPA principles, organizations can understand complexities, mitigate vulnerabilities, and uphold the highest standards of data privacy in today’s interconnected marketplace.
Why Protecting Your Cloud Supply Chain is More Important than Ever
- By Mihir Bagwe
In today’s world, cloud computing has become a fundamental part of how we live and work. Businesses and individuals are increasingly relying on cloud supply chains for their convenience and efficiency. However, with this growing dependency also comes a heightened awareness of the importance of cloud supply chain security.
Let’s dive into why securing the cloud supply chain is more critical than ever.
Rising Data Breach Incidents
One of the main reasons for the focus on cloud supply chain security is the increasing number of data breaches. As technology advances, cybercriminals are becoming more sophisticated. Tactics like ransomware, phishing, and social engineering have evolved, making it easier for cybercriminals to exploit vulnerabilities and gain unauthorized access to sensitive data.
A strong security system is essential to counter these threats. Implementing a Cloud Access Security Broker (CASB) can significantly enhance cloud security by bridging the gap between on-premises security measures and cloud-based services.
CASBs monitor the gateways between user devices, networks, and cloud services, ensuring data protection beyond traditional perimeters. Additionally, regular data backups can ensure business continuity in the event of data loss or a security incident.
Regulatory Compliance and Data Privacy
Awareness of supply chain and data security has grown as people recognize the potential harm if their personal and sensitive information falls into the wrong hands. Consequently, there is a demand for greater transparency in how businesses handle data in their supply chains.
Organizations must uphold data confidentiality to foster customer trust and loyalty. This has led governments worldwide to implement stricter data privacy and security measures.
Non-compliance with these standards can result in hefty fines and penalties, posing a significant risk to businesses. Multinational companies face additional challenges, as they must navigate data sovereignty regulations that require data to be stored and processed within specific geographic boundaries.
Using the same data across different jurisdictions can lead to breaches and penalties, making stringent security measures essential.
The Remote Work Revolution
The shift to remote work has brought numerous advantages, such as allowing simultaneous access to and collaboration on data.
Cloud-based supply chain systems enable real-time updates and scalability to accommodate growing data needs. This flexibility and cost-effectiveness have led many organizations to adopt cloud technology, particularly those embracing remote work.
However, this shift also raises concerns about network and data security. With increased data exposure risk, it is crucial to provide remote employees with proper cybersecurity training.
Alongside robust cloud security measures, ensuring employees are aware of necessary cybersecurity practices helps protect data. Additionally, securing data shared with external partners can mitigate cyberattack risks.
Financial Implications of Cyberattacks
Data breaches and cyberattacks can have severe financial consequences for businesses. Beyond direct losses, companies may face legal fees, regulatory fines, and compensation costs.
Indirect costs such as reputational damage and loss of opportunities can also arise from compromised cloud systems. Therefore, ensuring a robust cloud security system is imperative to protect against financial strain caused by cyberattacks. Implementing emerging technologies can help businesses leverage cost-effective benefits while managing new security considerations seamlessly.
Implementing Cloud Supply Chain and Data Security
Understanding the importance of cloud security is the first step in securing your supply chain. Here are some essential security measures for businesses and organizations:
• Data Encryption: Encrypting data transmitted over the cloud using robust algorithms ensures that even if data is accessed by unauthorized individuals, they cannot decipher the contents without the appropriate decryption keys.
• Access Control: Implementing access control ensures that only authorized users can access data within the network and cloud system. Granting permissions based on user roles and regularly reviewing these permissions can help maintain security.
• Multi-Factor Authentication (MFA): Enforcing MFA adds an extra layer of security. Beyond a strong password, MFA requires users to undergo multiple identity verifications before accessing the cloud system. For example, sending a one-time PIN code to a user’s mobile device adds an additional security step.
• Cloud Supply Chain Risk Management: It involves overseeing the entire production flow, from raw materials to final product delivery, using cloud services. It is crucial for handling unforeseen events like natural disasters, unpaid bills, and transportation disruptions. This management strategy helps prevent issues and provides loss mitigation solutions, ensuring company success.
Cloud-Based Supply Chain Risk Management: Key to Future-Proofing Your Company
Disruptions in the supply chain are inevitable. From natural disasters to cyber-attacks, these unexpected events can severely impact operations. However, cloud-based supply chain risk management provides the tools needed to identify and mitigate potential risks, ensuring a company’s resilience and stability.
Identifying Risk Exposure
Proactive risk identification is crucial for mitigating losses. Cloud-based systems enable companies to foresee potential disruptions, whether natural or cyber-related, and take necessary precautions. Early identification of risks allows for the implementation of strategies to prevent or minimize their impact, safeguarding the company’s operations and reputation.
Vetting Suppliers with Aggregate Data
Vetting suppliers is challenging but essential. Cloud-based supply chain management software aggregates supplier risk scores from internal and third-party data, providing access to vendor information, contracts, and expenditures. This comprehensive data accumulation enables companies to select less risky suppliers, reducing the likelihood of future disruptions and fostering a more reliable supply chain.
Reducing Risk Spend in Real-Time
Real-time risk mitigation is a fundamental benefit of cloud-based systems. Organizations use large-scale data to address issues, prepare for cyber-attacks, and protect equipment.
Having all necessary information readily available facilitates quick decision-making and action planning, helping companies respond effectively during crises.
Addressing Supply Chain Risk Management Concerns
To effectively address supply chain risk management challenges, adopting cloud computing standards is advisable. Cloud-based systems secure access points, limit risks, and allow business processes to be conducted securely.
This approach not only mitigates risks but also ensures smooth and secure operations across the supply chain.
Implementing cloud-based supply chain risk management is a strategic move towards future-proofing a company. By identifying risks early, vetting suppliers with aggregated data, reducing risk spend in real-time, and addressing risk management concerns securely, companies can navigate disruptions with greater confidence and resilience.
In today’s interconnected digital ecosystem, the security of a business’s supply chain is of utmost importance. A breach in a supplier’s system can have a cascading effect, compromising the entire supply chain.
Therefore, businesses must ensure that their partners and vendors also adhere to stringent security standards. This involves conducting regular security assessments, establishing clear security protocols, and fostering collaboration to address potential vulnerabilities.
As technology continues to evolve, so too will the nature of cyber threats. Businesses must adopt a proactive approach to security, anticipating future threats and continuously updating their security measures.
This includes staying informed about the latest security trends, investing in new security technologies, and fostering a culture of security awareness within the organization.
Conclusion
Several factors make cloud supply chain security more critical than ever. The increasing threat of data breaches, regulatory compliance requirements, the rise of remote work, and the financial implications of unsecured data all underscore the importance of securing cloud systems.
For businesses considering cloud solutions, implementing robust security measures is vital to fully harness the benefits of cloud technology while ensuring relevant protection.
By prioritizing cloud supply chain security, businesses can protect their assets, maintain customer trust, and thrive in the digital age.
World CyberCon 3.0 META Awards
Crown Cybersecurity Leaders in the Middle East
- By Samiksha Jain
The Cyber Express World CyberCon 3.0 META cybersecurity conference in Dubai was a standout event, showcasing significant achievements in cybersecurity with its prestigious META Awards.
Hosted at Al Habtoor Palace, the awards ceremony gathered top talent from the cybersecurity sector, honoring individuals and organizations that have significantly enhanced cyber defenses across the META region.
Among the esteemed awardees, Thomas Heuckeroth from Emirates Group and Dr. Hoda A. Alkhzaimi from EMaratsec were recognized as The Cyber Express Cybersecurity Persons of 2024 for their exceptional contributions.
Here is the complete list of all other winners:
The Cyber Express Cybersecurity Person of 2024 (META), Man: Thomas Heuckeroth, SVP IT Infrastructure & Digital Platforms, Emirates Group
The Cyber Express Cybersecurity Person of 2024 (META), Woman: Dr. Hoda A Alkhzaimi, President, Emirates Digital Association for Women & Co-Chair for Global Future Council for Cyber Security, World Economic Forum
The Cyber Express Cybersecurity Diversity and Inclusion Advocates of 2024
The Cyber Express Infosec Guardians of 2024 (BFSI)
• Yana Li, WebBeds
• Dina AlSalamen, Bank ABC (Jordan)
• Rudy Shoushany, DxTalks
• Aus Alzubaidi, MBC Group
• Saltanat Mashirova, Honeywell
• Anthony Sweeney, Deribit
• Bipin Mehta, HSBC Bank
• Syed Muhammad Ali Naqvi, HBL Bank
• Kiran Kumar PG, Alpheya
• Ahmed Nabil Mahmoud, Abu Dhabi Islamic Bank
The Cyber Express Infosec Guardians of 2024 (Government & Critical Entities)
The Cyber Express Top Cybersecurity Influencers of 2024
• Talal AlBalas, Abu Dhabi Quality and Conformity Council (ADQCC)
• Abdulwahab Abdullah Algamhi, UAE ICP
• Vinoth Inbasekaran, Dubai Government Entity – Alpha Data
• Dr Hamad Khalifa Alnuaimi, Abu Dhabi Police
• Dr Saeed Almarri, Dubai Police
• Dr. Mohammad Al Hassan, Abu Dhabi University
• Maryam Eissa Alhammadi, Ministry of Interior
• Hadi Anwar, CPX
• Waqas Haider, HBL Microfinance Bank
• Red Sea International
• Nishu Mittal
• Emirates NBD
• Chenthil Kumar
• Nisha Rani, Emirates Leisure Retail
The Cyber Express Top InfoSec Leaders 2024
• Mohamad Mahjoub, Veolia Near and Middle East
• Ankit Satsangi, Beeah Group
• Gokul Vasudev, Dubai Health Authority
• Ashish Khanna, SHARAF GROUP
• Abhilash Radhadevi, Oq Trading
• Prashant Nair, Airtel Africa PLC
• Jasim Al Abdouli, Sharjah Cooperative Society
• May Brooks Kempler, Helena
• Illyas Kooliyankal, CyberShelter
• Kazi Monirul, Spider Digital
The Cyber Express Top Infosec Entrepreneurs 2024
• Muneeb Anjum, AHAD
• Craig Bird, CloudTech24
• Zaqiuddin Khan, Tech Experts LLC
• Alireza Shaban Ghahrod, Diyako Secure Bow
• Loic Falletta, Yinkozi, Ltd
To Wrap Up
The Cyber Express World CyberCon 3.0 META cybersecurity conference successfully raised the bar for the collective dedication of cybersecurity professionals in the META region.
By fostering dialogue, sharing insights, and recognizing excellence, the event played an important role in advancing cybersecurity resilience and shaping the future of cybersecurity across industries.
The Cyber Express awards recognized the hard work and innovative solutions of the finest brains in cybersecurity, emphasizing the message that collaborative and proactive actions are critical to protecting our digital future.
The Role of Automation in IT: Enhancing Efficiency and Innovation
- By Prashant Warankar
CTO & CISO at Sterlington
As we stand on the brink of a technological revolution, automation in Information Technology (IT) is becoming a pivotal force driving efficiency and innovation. From sophisticated AI-driven systems to seamless workflow integrations, automation is reshaping the IT landscape, unlocking new potential, and setting the stage for a future defined by unprecedented advancements.
This article explores how automation is transforming IT, enhancing operational efficiency, and fostering groundbreaking innovations, painting a futuristic and insightful picture of what’s to come.
The Evolution of Automation in IT
Automation in IT has evolved from simple script-based tasks to complex systems powered by artificial intelligence (AI) and machine learning (ML). Today, we are witnessing the integration of advanced technologies that enable systems to self-optimize, learn, and adapt, pushing the boundaries of what automation can achieve.
Key Drivers of Automation
• Artificial Intelligence and Machine Learning: AI and ML algorithms enable systems to analyze vast amounts of data, identify patterns, and make intelligent decisions without human intervention.
• Robotic Process Automation (RPA): RPA tools automate repetitive, rule-based tasks, freeing up human resources for more strategic and creative work.
• Cloud Computing: The scalability and flexibility of cloud services facilitate the deployment and management of automated systems across diverse environments.
• Internet of Things (IoT): IoT devices generate real-time data that automated systems can use to enhance efficiency and drive innovation.
Enhancing Efficiency Through Automation
Automation is revolutionizing IT operations by enhancing efficiency, reducing costs, and improving reliability. The following sections highlight how automation achieves these goals.
Streamlined IT Operations: Automated systems perform tasks with greater speed and precision than human counterparts. For instance, automated deployment tools can update software across thousands of devices in minutes, minimizing downtime and ensuring consistent performance. This level of efficiency is crucial for maintaining business continuity and delivering seamless user experiences.
Proactive Maintenance and Support: Automation enables proactive monitoring and maintenance of IT infrastructure. AI-powered systems can predict potential issues, such as hardware failures or security vulnerabilities, before they occur, allowing for timely interventions. This proactive approach reduces downtime, enhances system reliability, and minimizes the impact of IT disruptions on business operations.
Cost Reduction: By automating repetitive and labor-intensive tasks, organizations can significantly reduce operational costs. Automation eliminates the need for manual intervention, lowering labor costs and reducing the risk of errors. Additionally, automated systems operate 24/7 without the need for breaks or overtime pay, further enhancing cost efficiency.
Driving Innovation with Automation: Beyond enhancing efficiency, automation serves as a powerful catalyst for innovation, enabling organizations to explore new frontiers and develop cutting-edge solutions.
Accelerated Development and Deployment: Automation tools in software development, such as continuous integration and continuous deployment (CI/CD) pipelines, enable faster and more frequent releases. This agility allows organizations to rapidly respond to market demands, experiment with new ideas, and deliver innovative products and services with unprecedented speed.
Advanced Data Analytics: Automation facilitates sophisticated data analysis by processing and analyzing vast datasets in real-time. AI-powered analytics tools can uncover hidden patterns, generate actionable insights, and support data-driven decision-making. These insights drive innovation by revealing new opportunities and guiding strategic initiatives.
Enhanced Customer Experiences: Automated customer service solutions, such as chatbots and virtual assistants, provide instant and consistent support to customers. These systems leverage AI to understand and respond to customer queries, offering personalized assistance and resolving issues efficiently. By enhancing customer experiences, organizations can build stronger relationships and drive loyalty, ultimately fostering innovation in service delivery.
The Futuristic Vision of IT Automation
Looking ahead, the future of IT automation promises even more transformative advancements, driven by emerging technologies and innovative approaches.
AI-Driven Autonomous Systems: The next generation of automation will feature AI-driven autonomous systems capable of self-learning and self-optimization. These systems will continuously improve their performance by learning from past experiences and adapting to new challenges autonomously. This level of intelligence will enable organizations to tackle complex problems and explore innovative solutions with minimal human intervention.
Quantum Computing: Quantum computing has the potential to revolutionize IT automation by solving problems that are currently intractable for classical computers. Quantum algorithms can optimize complex processes, enhance security protocols, and accelerate data analysis, driving unprecedented levels of efficiency and innovation in IT operations.
Human-AI Collaboration: The future will see a seamless collaboration between humans and AI, where AI augments human capabilities rather than replacing them. This symbiotic relationship will enable IT professionals to focus on creative and strategic tasks, leveraging AI to handle routine and complex operations. This collaboration will unleash a new wave of innovation, driving progress across industries.
Conclusion
Automation is not just enhancing efficiency in IT but also unlocking new avenues for innovation. By automating routine tasks, organizations can reduce costs, minimize errors, and improve reliability.
More importantly, automation frees up human talent to focus on creative and strategic initiatives, driving the development of innovative solutions that propel businesses forward. As we look to the future, the role of automation in IT will continue to grow, shaping a world where efficiency and innovation are seamlessly intertwined, leading to a future that is both exciting and transformative.
About Author:
Prashant Warankar, CTO & CISO at Sterlington, leverages 18 years of expertise driving IT strategy, business transformation, and technology initiatives across diverse sectors. A seasoned leader in digital transformation and information security, he excels in IT governance, strategic digital initiatives, and managing multi-million-dollar projects globally.
The Future of Secure Coding Lies in Preventive Cybersecurity
- By Peter Marelas Chief Architect and Head of Technical Specialists, APAC, New Relic.
Generative AI is transforming the way businesses operate, promising improved productivity and operational efficiency. However, businesses are worried about the cybersecurity implications of generative AI, and its capacity to expand the attack surface further.
The vast majority of Indian businesses (91%) say employees’ personal use of generative AI will lead to a tangible increase in productivity within the next 12 months, and 73% also say generative AI will lead to catastrophic cyberattacks.
Malicious actors could exploit large language models (LLMs) to craft advanced cyber-attacks, disseminate misinformation, access sensitive data without authorisation, or compromise the integrity of AI training datasets.
As generative AI tools become ubiquitous and integrated into everyday workflows, the most effective risk mitigation approach is to detect risks early in the software development lifecycle, ensuring vulnerabilities are identified and addressed promptly.
Challenges in Shifting Left
Traditionally, peer code reviews and static code analysis are key strategies employed to address cybersecurity risks in software development. However, peer reviews may not scale effectively with the increased productivity brought by generative AI, leaving static code analysis as the primary option. While useful, these tools, which rely on pattern matching to identify insecure code, are not perfect and may miss vulnerabilities.
When code isn’t secure, generative AI tools may inadvertently produce more insecure code. The absence of stringent regulations and guardrails around the use of generative AI in software development poses a risk for organisations. Establishing robust governance protocols and ensuring generated code adheres to security standards is essential.
This involves regular security assessments, such as penetration testing, and continuous application monitoring to detect and mitigate risks promptly.
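An added illustration, not from the article, of the limitation described above: a toy pattern-matching rule flags a shell-command sink only when the insecure construction appears on one line, while a small AST-based data-flow check still finds the same defect when the command is built in a variable or the sink is aliased. The sample snippets, the regex rule and the checker are all constructed for this example.

```python
"""Added example (not from the article): why pattern-matching static analysis
misses vulnerabilities that a data-flow-aware check still finds.

A toy regex "SAST rule" looks for the textual pattern of os.system receiving a
concatenated string. A second checker walks the Python AST instead, following
assignments so that an intermediate variable or an aliased sink does not hide
the same defect. Both run over constructed sample snippets.
"""
import ast
import re

# Constructed samples: the same command-injection defect written three ways,
# plus a safe variant with a constant command.
SAMPLES = {
    # Direct: sink and concatenation on one line; the pattern rule sees this.
    "direct": 'import os\ndef run(user):\n    os.system("ping " + user)\n',
    # Indirect: command built first, sink called with a plain name.
    "indirect": 'import os\ndef run(user):\n    cmd = "ping " + user\n    os.system(cmd)\n',
    # Aliased: sink bound to another name, then called with the built command.
    "aliased": 'import os\ndef run(user):\n    go = os.system\n    cmd = "ping " + user\n    go(cmd)\n',
    # Safe: constant command, nothing user-controlled reaches the sink.
    "safe": 'import os\ndef run():\n    os.system("ping 127.0.0.1")\n',
}

# Toy pattern rule: os.system( ... + ... ) on a single source line.
PATTERN_RULE = re.compile(r'os\.system\(.*\+.*\)')


def pattern_scan(source: str) -> bool:
    """Return True if the textual rule fires on any line of the source."""
    return any(PATTERN_RULE.search(line) for line in source.splitlines())


class _FlowChecker(ast.NodeVisitor):
    """Tracks names holding 'tainted' (concatenation-built) strings and names
    that alias the os.system sink, then flags calls that join the two.
    The taint model is deliberately crude: any '+' expression counts."""

    def __init__(self, sink=("os", "system")):
        self.sink = sink
        self.tainted = set()   # names assigned from a BinOp '+' expression
        self.aliases = set()   # names bound to the sink attribute
        self.findings = []     # line numbers of tainted calls to the sink

    def _is_sink(self, func):
        if isinstance(func, ast.Attribute) and isinstance(func.value, ast.Name):
            return (func.value.id, func.attr) == self.sink
        return isinstance(func, ast.Name) and func.id in self.aliases

    def _is_tainted(self, node):
        if isinstance(node, ast.BinOp) and isinstance(node.op, ast.Add):
            return True
        return isinstance(node, ast.Name) and node.id in self.tainted

    def visit_Assign(self, node):
        for tgt in node.targets:
            if not isinstance(tgt, ast.Name):
                continue
            if self._is_tainted(node.value):
                self.tainted.add(tgt.id)
            if isinstance(node.value, ast.Attribute) and self._is_sink(node.value):
                self.aliases.add(tgt.id)
        self.generic_visit(node)

    def visit_Call(self, node):
        if self._is_sink(node.func) and any(self._is_tainted(a) for a in node.args):
            self.findings.append(node.lineno)
        self.generic_visit(node)


def flow_scan(source: str) -> list:
    """Return line numbers where a tainted command reaches the sink."""
    checker = _FlowChecker()
    checker.visit(ast.parse(source))
    return checker.findings


def compare(samples=SAMPLES) -> dict:
    """Map sample name -> (pattern rule fired, data-flow finding lines)."""
    return {name: (pattern_scan(src), flow_scan(src)) for name, src in samples.items()}


if __name__ == "__main__":
    for name, (hit, lines) in compare().items():
        print(f"{name:9s} pattern={hit!s:5s} flow={lines}")
```

Only the "direct" sample trips the pattern rule; the data-flow check reports the "indirect" and "aliased" samples as well and stays silent on the safe one.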
How Can Organisations Adopt Secure Coding Practices?
In the fast-paced world of tech development, developers often face immense pressure to deliver software quickly, which may lead to neglect in addressing all security vulnerabilities.
Integrating security practices throughout the software development lifecycle is essential for securing code. This includes using automated tools like Interactive Application Security Testing (IAST) in concert with full-stack observability platforms.
These platforms subject non-production application environments to real-world adversarial conditions and use the collected telemetry data to provide proof of exploit when vulnerabilities are identified.
It’s important to have the right cybersecurity tools and secondary systems that can identify the most critical vulnerabilities. Furthermore, fostering a security-first culture from the top-down is imperative.
By instilling a mindset focused on security at the executive level, organisations can ensure that security considerations are prioritised and that potential security issues are addressed before they escalate into more severe problems.
Threat actors need only one vulnerability to perpetrate an attack, while organisations must get it right 100% of the time to stay secure. While it is challenging to mitigate all cyber risks, it’s important for organisations to build moats around their most critical assets to make it more challenging and time-consuming for cybercriminals to perpetrate an attack. Deterrence in the cybersphere begins with secure coding. Organisations need to adopt secure coding practices if they want to thrive now, and into the future.
About Author:
Peter Marelas has over 25 years of experience leading transformative programs and teams, solving complex technical and business challenges. As the GTM thought leader and Chief Architect for New Relic APAC, he leads a team of technical experts. He holds multiple qualifications and patents in data science, deep learning, and cloud engineering.
THE IMPORTANCE OF GRC IN MODERN CYBERSECURITY STRATEGIES
- By Pooja Shimpi, Founder, SyberNow
Nowadays, cybersecurity has become a critical priority for organizations of all sizes and sectors. With the increasing complexity of cyber threats, the need for a comprehensive, integrated approach to governance, risk, and compliance (GRC) is more important than ever. GRC frameworks help organizations align their IT and business objectives while ensuring that risks are managed and compliance requirements are met. Before we start, let’s understand the basics of GRC.
GOVERNANCE
Understanding GRC: Governance, Risk Management, and Compliance
Governance in the context of cybersecurity refers to the framework, policies, and procedures that ensure an organization’s information security strategies align with its overall business objectives. It involves setting clear security goals, defining roles and responsibilities, and establishing accountability mechanisms.
Risk Management involves identifying, assessing, and prioritizing risks to the organization’s information systems. This process includes developing strategies to mitigate, transfer, accept, or avoid risks. Effective risk management ensures that potential threats are systematically addressed before they can cause significant damage.
Compliance refers to adhering to relevant laws, regulations, standards, and internal policies. In cybersecurity, this includes complying with data protection laws like GDPR, industry standards like ISO 27001, and internal security policies. Compliance helps organizations avoid legal penalties, reputational damage, and financial losses.
The Integration of GRC in Cybersecurity
1. Holistic Risk Management
One of the primary benefits of integrating GRC into cybersecurity is the development of a holistic approach to risk management. Instead of addressing risks in isolation, GRC provides a comprehensive view of all potential threats, including cyber risks, operational risks, financial risks, and regulatory risks.
This integrated approach ensures that risk management is not siloed but is embedded into the organizational culture, leading to more effective identification and mitigation of threats.
2. Strategic Alignment
GRC frameworks ensure that cybersecurity initiatives are aligned with the organization’s strategic goals. By linking security objectives with business objectives, GRC helps in prioritizing cybersecurity investments based on their impact on the organization’s mission and strategic direction.
This alignment ensures that resources are allocated efficiently, and security measures support the overall business strategy.
3. Enhanced Decision Making
Effective governance provides a structured decision-making process. By establishing clear policies and procedures, GRC frameworks facilitate informed decision-making regarding cybersecurity issues. Risk management processes provide valuable insights into potential threats and their impact, enabling organizations to make proactive decisions. Compliance ensures that all decisions are within legal and regulatory boundaries, reducing the risk of legal complications.
4. Improved Incident Response
A well-integrated GRC framework enhances an organization’s ability to respond to cybersecurity incidents. Governance policies define clear roles and responsibilities during an incident, ensuring a coordinated response. Risk management processes identify critical assets and potential vulnerabilities, enabling quicker detection and mitigation of attacks. Compliance with standards and regulations often requires incident response plans, ensuring that organizations are prepared for breaches and can minimize their impact.
5. Regulatory Compliance and Avoidance of Penalties
In today’s regulatory landscape, non-compliance can lead to severe penalties, including fines, legal action, and reputational damage. GRC frameworks help organizations stay compliant with relevant laws and regulations. By systematically managing compliance, organizations can avoid costly penalties and protect their reputation. Moreover, a proactive approach to compliance demonstrates a commitment to security and trustworthiness, which can enhance stakeholder confidence.
6. Continuous Improvement
GRC is not a one-time activity but an ongoing process. Regular audits, risk assessments, and compliance checks ensure that the organization’s cybersecurity posture is continuously monitored and improved. This iterative process helps in adapting to new threats, changing regulations, and evolving business needs. Continuous improvement through GRC ensures that cybersecurity strategies remain effective and relevant over time.
Implementing GRC: Best Practices
1. Establish a GRC Framework
The first step in implementing GRC is to establish a comprehensive framework that outlines governance policies, risk management processes, and compliance requirements. Frameworks such as COBIT (Control Objectives for Information and Related Technologies), ISO 31000 (Risk Management), and ISO 27001 (Information Security Management) provide structured approaches to GRC.
2. Integrate GRC with Business Processes
GRC should not be an isolated function but should be integrated with existing business processes. This integration ensures that GRC activities support business objectives and are embedded into the organizational culture. Collaboration between cybersecurity teams, business units, and top management is crucial for successful integration.
3. Leverage Technology
Modern GRC tools and technologies can streamline and automate many GRC activities. Solutions like GRC software platforms provide centralized dashboards for managing governance policies, risk assessments, and compliance documentation.
Automation reduces the administrative burden, ensures consistency, and enhances the accuracy of GRC activities.
4. Conduct Regular Training and Awareness Programs
A robust GRC framework requires the active participation of all employees. Regular training and awareness programs ensure that employees understand their roles and responsibilities regarding cybersecurity.
We at SyberNow specialize in engaging cybersecurity awareness training for employees, which not only improves their engagement levels but also helps build a strong cybersecurity culture within an organization.
5. Monitor and Review
Continuous monitoring and regular reviews are essential for maintaining an effective GRC framework. Regular audits, risk assessments, and compliance checks help in identifying gaps and areas for improvement.
Monitoring also ensures that the GRC framework adapts to new threats, regulatory changes, and evolving business requirements.
Conclusion
In the face of increasingly sophisticated cyber threats and a complex regulatory environment, a robust GRC framework is indispensable for modern cybersecurity strategies.
By integrating governance, risk management, and compliance into a cohesive framework, organizations can enhance their resilience, ensure regulatory adherence, and build trust with stakeholders.
Overcoming the challenges associated with GRC implementation requires a strategic approach, leveraging technology, and fostering a risk-aware culture. The risks of neglecting GRC are too significant to ignore, making it a critical component of any organization’s cybersecurity strategy.
About Author:
Pooja Shimpi, Founder and CEO of SyberNow, is a global cybersecurity expert specializing in the human aspects of cybersecurity. She leads cybersecurity awareness and mindfulness trainings for corporations, elevating their security culture. An award-winning DEI advocate, Pooja has held senior roles at major banks and is an international speaker and mentor.
Fostering Inclusivity: Empowering Women in the Field of Technology
- By Anjali Amar Vice President & Country Head India and SAARC, Cloudflare
Technology has become a driving force in global innovation and economic growth. Over the years, it has played a significant role in revolutionizing various industries and sectors.
However, according to data from NASSCOM, women make up only 36% of India’s tech workforce. A significant decline in their presence in the workforce is observed as one moves up the corporate hierarchy.
In 2023, AIM reported the percentage of women in tech leadership roles standing at 8% across sectors.
Despite the progress made by tech companies in increasing female representation among their employees, it is still crucial to ask why we have not had significant progress in changing these statistics.
Addressing this disparity requires concerted efforts to create an environment that is welcoming and supportive of women’s participation and advancement in the technology ecosystem.
The empowerment of women in technology and nurturing innovations that promote gender equality are essential to achieving true gender equality and fostering diversity and inclusivity. Some of the measures that the tech workforce can adopt to achieve this include the following:
Providing a Supportive Workplace Culture
A company’s culture can contribute significantly to attracting and retaining talent across a variety of industries and sectors. To foster a supportive environment for women, tech companies can prioritize diversity and inclusion initiatives.
This may involve promoting flexible work schedules, providing mentorship programs, and actively addressing unconscious biases within the workplace. By adopting these measures, there could be a possibility of creating a supportive workplace culture for women in the tech industry.
Enhancing Family-Friendly Policies
The discriminatory distribution of childcare and household responsibilities, a direct result of cultural norms, leads women to drop out of their careers after 3-4 years, as reported by research from Analytics India Magazine. They usually return when these responsibilities are reduced.
As balancing professional and personal responsibilities can be a common challenge for women, companies can take steps to address this by implementing family-friendly policies, such as maternity and paternity leave, flexible working hours, and on-site childcare facilities.
These measures create a more inclusive workplace that accommodates the diverse needs of employees, especially women.
Cultivating Openness and Awareness
Cultivating openness and awareness in the workplace requires continuous efforts to foster an environment where all voices are heard and valued. This includes actively promoting diversity and inclusion initiatives, such as diversity training programs and affinity groups, that provide opportunities for employees to engage in discussions and activities centered around inclusion. Likewise, creating channels for feedback and dialogue can help ensure that the concerns and perspectives of women and other underrepresented groups are heard and addressed. By prioritizing transparency and communication, organizations can build trust and cohesion among employees, ultimately fostering a culture where everyone feels empowered to contribute and succeed.
Investing in Skills Development
Empowering women in technology extends beyond hiring practices to include ongoing support and skills development. Organizations can provide resources and opportunities tailored to women’s needs, equipping them with the necessary skills and confidence to thrive in tech-related careers. Encouraging girls and young women to pursue technology education from an early age further strengthens the pipeline of female talent in the industry.
According to Skillsoft’s 2023 Women in Tech Report, only 34% of respondents claimed to have access to coaching, mentoring, and career counseling services, while 82% cited this benefit as extremely or very important.
Moreover, the report also revealed that ‘Women in Tech’ care about how they are learning. According to a Skillsoft report on Women in Tech, 40% of women are looking for training opportunities that offer hands-on practice. The report also reveals that 37% of women choose training programs based on their preferred delivery formats, such as instructor-led sessions or on-demand content.
Room for Improvement
Addressing the underrepresentation of women in technology requires a multifaceted approach that prioritizes diversity, combats bias, fosters openness, and invests in skills development. By adopting these strategies, individuals, businesses, and organizations can work towards creating a more inclusive and equitable work environment within the technology industry.
About Author:
Anjali Joneja Amar is the Vice President and Country Head at Cloudflare, leading the company’s strategy, culture, and vision in India. With over 25 years of experience in IT, she excels in revenue expansion, digital transformation, and customer success. Anjali is also a passionate mentor for women leaders and a recognized industry expert.
Role of the CISO in Private Equity Portfolio Companies
- By Ankur Ahuja Senior Vice President (SVP) and CISO, Billtrust
The Chief Information Security Officer (CISO) in private equity portfolio companies plays a vital role in safeguarding assets, ensuring compliance, and supporting growth.
Their responsibilities span strategic, operational, and compliance aspects of information security, which are critical in today’s complex digital landscape.
Strategic Responsibilities
Security Strategy: The CISO develops adaptable security strategies aligned with business goals. This involves understanding the company’s objectives and designing security frameworks that support these goals without hindering operational efficiency. A well-crafted security strategy ensures that the organization can achieve its business objectives while maintaining a robust security posture.
Risk Management: Identifying and mitigating security risks is a core responsibility of the CISO. They must continuously assess the threat landscape, identify vulnerabilities, and implement measures to mitigate potential risks. Effective risk management ensures that the company can preemptively address security threats before they can impact operations.
Leadership Collaboration: Communicating risks and strategies to executives and stakeholders is crucial. The CISO must ensure that the leadership team is aware of the security risks and the strategies in place to address them. This involves regular reporting and collaboration with other executives to integrate security into the overall business strategy.
Operational Responsibilities
Policy Enforcement: Implementing security policies to protect data is a key operational responsibility. The CISO ensures that all employees and systems adhere to established security protocols to safeguard sensitive information. This includes the creation and enforcement of policies related to data access, usage, and storage.
Security Operations: Overseeing daily security tasks and incident response is another critical function. The CISO manages the security operations center (SOC), which monitors for threats and coordinates responses to security incidents. Ensuring that security operations run smoothly is essential for protecting the company’s assets.
Incident Management: Developing and leading incident response plans is a core duty. The CISO must prepare the organization to respond effectively to security breaches. This involves creating incident response protocols, training staff on these procedures, and conducting regular drills to ensure readiness.
Compliance and Governance
Regulatory Compliance: Ensuring adherence to regulations like GDPR and CCPA is a major aspect of the CISO’s role. They must keep abreast of relevant laws and regulations, ensuring that the company’s security practices comply with legal requirements. This helps avoid legal penalties and builds trust with customers and partners.
Third-Party Management: Monitoring the security of vendors and partners is crucial. The CISO must evaluate the security practices of third parties and ensure that they meet the company’s standards. This includes conducting regular audits and requiring third parties to adhere to specific security protocols.
Governance Reporting: Reporting security status to the board and stakeholders is essential for transparency and accountability. The CISO provides regular updates on the security landscape, current risks, and the effectiveness of security measures. This ensures that the leadership is informed and can make data-driven decisions regarding security.
Awareness and Training
Employee Training: Conducting security awareness programs and training is vital. The CISO must ensure that all employees understand the importance of security and are trained to recognize and respond to potential threats. Regular training sessions help maintain a high level of security awareness across the organization.
Cultural Integration: Promoting a culture of security within the organization is another key responsibility. The CISO works to embed security into the company’s culture, making it a fundamental part of everyday operations. This cultural shift helps ensure that security is a priority for all employees, not just the IT department.
Technology and Innovation
Security Architecture: Designing secure IT infrastructures is a crucial task. The CISO ensures that the company’s IT systems are designed with security in mind, incorporating the latest technologies and best practices to protect against threats.
Data Protection: Implementing robust data protection measures is essential for safeguarding sensitive information. The CISO deploys technologies and processes to protect data from unauthorized access, ensuring that it remains secure both in transit and at rest.
Key Challenges
Balancing Security and Business Needs: Ensuring security measures support business agility is a significant challenge. The CISO must find a balance between implementing stringent security measures and allowing the business to operate efficiently and adapt to changing market conditions.
Scalability: Developing scalable security solutions for growing companies is essential. The CISO must ensure that security measures can scale with the company’s growth, providing adequate protection as the organization expands.
Change Management: Managing the impact of security changes on business processes is critical. The CISO must ensure that new security measures are integrated smoothly into existing processes, minimizing disruption to operations.
Security Teams in Private Equity Portfolio Companies
Security teams must adapt their strategies to meet each company’s unique needs. This involves:
Customized Approach: Tailoring security to specific risks and regulations. Each company in the portfolio has unique security requirements, and the security team must adapt their approach accordingly.
Centralized Oversight: Maintaining consistent security standards across the portfolio. Centralized oversight ensures that all companies adhere to a common set of security practices.
Resource Sharing: Using shared resources to optimize efficiency. Shared resources allow for cost-effective security measures and access to specialized expertise.
Risk-Based Prioritization: Focusing on critical assets and vulnerabilities. Prioritizing the protection of the most critical assets ensures that resources are allocated where they are needed most.
Scalability: Ensuring solutions can grow with the company. Scalable security solutions ensure that companies can maintain robust security as they expand.
By adopting these strategies, security teams can effectively manage diverse security needs across the portfolio, ensuring comprehensive protection for all companies.
About Author:
Ankur Ahuja, Senior Vice President (SVP) and CISO at Billtrust, is a results-oriented leader with over 17 years of experience in cybersecurity consulting and industry leadership. He excels in securing digital businesses, advising tech-driven corporations, and investing in security startups, with a proven record in managing complex incidents and breaches.