Can you describe your current role, and what responsibilities do you undertake?
I am presently working as Group CIO (SFO Technologies-NeST Group) with more than 25 years of working experience. As the technology leader, I drive digital transformation by leveraging emerging technology and innovations and establishing a strong ENTERPRISE/INFORMATION/CYBER-SECURITY posture for the enterprise. My business exposure spans industry verticals such as hospitality, airline and airport operations, travel and tour, supply chain, logistics, transportation, manufacturing, R&D, and IT services. I believe in continuous learning and look to leverage expertise in PMI/PMP/Scrum-Agile/ITIL/Dev-Ops/BA/EA principles with a proven track record in rolling out D365, F&O, SCM, CRM, SAP FICO, MM, and SuccessFactors. Winner of over 20+ awards for leadership in innovation, data analytics, strategic project delivery, and value creation.
How will you describe your journey in the cybersecurity industry?
My journey in the cybersecurity industry began in the early 2000s, when I was the first mobile and wireless engineer at Emirates Airline. I played a key role in designing and documenting a Wireless Security Standard, which at the time already incorporated advanced concepts like multi-factor authentication, device authentication, personal authentication, and a strong AAA (Authentication, Authorization, and Accounting) framework. Since then, I have continuously evolved with the industry, gaining expertise in various security technologies, refining processes, and adhering to evolving standards and certifications. Today, I oversee enterprise security, managing both internal and external threats, implementing layered security architectures, and working closely with regulatory bodies to ensure compliance. It’s been an exciting and challenging journey, navigating the ever-changing landscape of cybersecurity.
If you could make one recommendation to the next generation of cybersecurity leaders, what would it be?
If I could offer one recommendation to the next generation of cybersecurity leaders, it would be to stay alert, adaptable, and committed to continuous learning. The threats you’ll face in the future are constantly evolving, and many won’t have established solutions or any books written on them yet. It’s crucial to embrace uncertainty, think critically, and devise innovative solutions when conventional methods fall short. Collaboration across teams and industries will be essential, as cybersecurity is a collective effort. Focus on building resilient systems that prioritize detection and rapid recovery rather than striving for perfection.
How do you stay current with the latest security threats and technologies?
I stay current with the latest security threats and technologies through a combination of strategies. First, I actively engage with a strong partner ecosystem, collaborating with vendors and industry experts who provide valuable insights into emerging threats and solutions. Attending cybersecurity conferences and seminars allows me to learn from thought leaders and gain exposure to cutting-edge technologies. I also maintain a daily watch on cybersecurity news portals, staying informed on the latest vulnerabilities, breaches, and defense mechanisms. Networking with peers in the industry, as well as learning from internal experiences, provides practical perspectives on handling threats in real-world scenarios. Additionally, ongoing security awareness and risk assessments within my organization help identify potential gaps and reinforce our defense strategies.
Can you discuss a time when you had to handle a security incident, and what steps you took to resolve it?
Throughout my career, I have handled numerous security incidents, from the Nimda attack in 2001 to more recent ransomware threats. While specifics cannot be disclosed, the approach has always been consistent: follow a proven methodology of identify, isolate, communicate, and resolve, often leveraging frameworks like MITRE ATT&CK. The key steps include preparing with a solid Incident Response Plan (IRP), detecting anomalies through continuous monitoring, containing threats by isolating affected systems, eradicating the root cause through patching and removal, and recovering systems to their pre-incident state. Post-incident, it’s critical to document the process, communicate with stakeholders, and update the IRP based on lessons learned. Speed, coordination, and communication are vital, ensuring that each incident is handled swiftly and effectively to minimize impact.