Can you describe your current role, and what responsibilities do you undertake?
I am the CIO for group of companies digitalization in education, healthcare, hotel, retail, telco, E-Money operator, consulting, construction, F&B and automotive.
How will you describe your journey in the cybersecurity Industry?
Handholding University’s Computer Science Faculty offers a Bachelor’s Degree in Cybersecurity that integrates the PaloAlto syllabus into the course curriculum. The program includes implementing a Security Information and Event Management (SIEM) system and a mini Security Operations Center (SOC) within the campus data center. Additionally, we focus on enhancing API security through tokenization and session control, ensuring compliance with penetration testing (Pentest) and Payment Card Industry Data Security Standard (PCIDSS) requirements. This comprehensive approach equips students with practical skills to address real-world cybersecurity challenges.
If you could make one recommendation to the next generation of cybersecurity leaders, what would it be?
Embrace Continuous Learning, Integration and Collaboration with Cybersecurity partners and vendors. In the ever-evolving landscape of cybersecurity, staying up-to-date is crucial. Continuously learn & train my team about emerging threats, technologies, and best practices. Engage with the community by attend conferences and contribute as speaker, participate in forums, and collaborate with peers. Share knowledge openly, as collective intelligence strengthens our defenses. I strongly believe cybersecurity is a team effort, and together, we can build a more secure digital infrastructure and applications.
How do you stay current with the latest security threats and technologies?
1. Continuous Learning:
a) Read industry cybersecurity blogs, cybersecurity research papers, and security news.
b) Follow cybersecurity experts on social media for updates.
2. Training and Certifications:
a) Attend workshops, webinars, and conferences.
b) Pursue relevant certifications (e.g., CISSP, CEH, OSCP).
3. Hands-On Practice:
a) Set up a lab environment to experiment with tools and techniques.
4. Industry Collaboration:
a) Engage in communities (e.g., forums, Slack channels).
b) Share knowledge and learn from peers.
Can you discuss a time when you had to handle a security incident, and what steps you took to resolve it?
1. Detection and Analysis:
Isolate impacted systems promptly to prevent further spread. Use out-of-band communication (e.g., phone calls) to coordinate actions discreetly.
Power down devices if network disconnection isn’t feasible.
2. System Restoration:
Prioritize critical systems for restoration on a clean network. Getting backup image snapshot for forensic investigation. Identify the unaffected systems for efficient recovery.
3. Learn and Preventive Measures:
Develop an incident recovery plan with defined roles. Implement a robust data backup (Veeam) and restoration strategy. Get Cybersecurity team to prepare, limit, and prevent future attacks
