Can you describe your current role, and what responsibilities do you undertake?
I define strategic vision and lead business planning for technology systems, as well as establish project management and IT governance/prioritization to achieve organizational objectives. I also led business transformation initiatives to create business value, building next-level IT capabilities in the organization. My key strengths include strategic IT and digital transformation experience. I am passionate about data & analytics, problem-solving, and innovative thinking. I use digitalization & social media management to engage CRM, and implementation of complex business solutions on supply chain management, SD, FICO, BIW, power BI, QS, and Tableau. However, I also build and maintain reliable technology systems throughout the organization to provide vision and leadership for all aspects of the organization’s information and technology systems.
How will you describe your journey in the cybersecurity Industry?
Although some may question the value of a cybersecurity degree, it provides structured learning, access to resources, and valuable networking opportunities that can greatly enhance your career in this high-demand field.
In cybersecurity, learning about basic attacks and their prevention provides essential foundational knowledge, helping you understand and tackle more complex and emerging threats effectively. People who make websites rely on templates that have guarded themselves against these kinds of attacks. You don’t need to program a backend that stores your passwords hashed and salted because the solution for those backends is open source and only needs to be applied.
To be a cyber security specialist, you need deep knowledge about how certain things work. And by knowing how these things work you can formulate a unique angle of attack. In small and mid-sized companies, you don’t see someone tasked to do only cyber security. Most of the time the guy works in IT and when there is a security flaw revealed he fixes the flaw. And in big companies where the guy is tasked to do only cyber security, the guy is not a cyber security (under)graduate but someone with years of experience.
If you could make one recommendation to the next generation of cybersecurity leaders, what would it be?
Supporting the next generation of cybersecurity professionals is like being a guide on a stargazing adventure. You point out the constellations like opportunities and challenges in cybersecurity and share captivating stories of the night sky like the impact and value of cybersecurity. By igniting their curiosity and showcasing the beauty of the cosmos, you inspire them to grab their telescopes pursue goals, and explore the vast universe of cybersecurity. Just as a thrilling stargazing event captivates aspiring astronomers, your engagement and inspiration set the stage for the next generation to reach for the stars in their cybersecurity journey.
How do you stay current with the latest security threats and technologies?
Staying ahead of the latest security threats involves a proactive and multi-faceted approach. Here are some strategies:
(1) Continuous Education and Awareness: Stay informed about the latest cybersecurity trends, threats, and best practices. Follow reputable sources, and attend conferences, webinars, and training sessions to keep up-to-date with evolving threats.
(2) Regular Updates and Patching: Ensure all software, including operating systems, applications, and security tools, are regularly updated with the latest patches and security fixes to address known vulnerabilities.
(3) Implement Strong Security Measures: Utilize strong, unique passwords or passphrase combinations, enable multi-factor authentication, and use encryption where possible. Employ firewalls, antivirus software, intrusion detection/prevention systems, and other security tools.
(4) Risk Assessments and Vulnerability Scans: Conduct regular risk assessments and vulnerability scans to identify weaknesses in systems and applications. This enables preemptive actions to address potential threats.
(5) Monitoring and Incident Response Planning: Employ robust monitoring systems to detect potential security incidents in real time. Develop and regularly update an incident response plan to effectively and promptly address any security breaches.
Can you discuss a time when you had to handle a security incident, and what steps you took to resolve it?
Yes, we need to follow the security incident response process, it is centered on the preparation, detection and analysis, containment, investigation, eradication, recovery, and post-incident activity surrounding such an incident.
