“My journey in cybersecurity is a dynamic and evolving path,” said Farina Mutia, SVP, Information Security Head (Country CISO Indonesia), UOB

Can you describe your current role, and what responsibilities do you undertake?

I am leading a team of more than 40 staff and 7 departments from implementation of Cyber Security Project and Strategy, handling Cyber Security Incidents, Security Surveillance Activities, Information Security Governance, etc

How will you describe your journey in the cybersecurity industry?

My journey in cyber security is a dynamic and evolving path that demonstrates the ability to adapt, strategize, and improve cyber security posture within the company. From establishing security foundation, implementation of security controls, improving baseline controls and adaptation of controls of new security threats

If you could make one recommendation to the next generation of cybersecurity leaders, what would it be?

1. Always evolve with new cybersecurity technology, specifically in Zero Trust Technology, Machine Learning, Behavioral Analysis, etc.

2. Stay alert to new cyber threats, zero-day vulnerabilities, and IOCs (IPs and hashes), and implement new critical and high-security patches.

3. Implement end-to-end control protection from Identify, Protect, Detect, Response, Recover, and Govern (using NIST CSF Framework 2.0) and combine with Red Team, Blue Team, and Purple Team.

4. Focus on revamping obsolescence technology and increasing compensating controls surrounding it.

How do you stay current with the latest security threats and technologies?

1. Working together with multiple Cyber Threat Intelligence for identifying zero-day vulnerabilities, critical and high-security patches, and IOCs.

2. For security technology, it depends on the needs of the cybersecurity landscape, framework, and architecture within the company.

Can you discuss a time when you had to handle a security incident, and what steps you took to resolve it?

Notification from EDR endpoints, isolate the end points and connected network devices, disable the IP from the network (including MAC address), and reimage the end point.

In addition, monitor via NDR and EDR if there is any lateral movement from affected devices.