Emerging from a black hole with human-centred security

As we move closer to Black Hat MEA 2023, we spoke to upcoming speaker Bjørn R. Watne (SVP and CSO at Telenor Group) to get his perspective on uncertain times, security in an increasingly connected world, and the value of international cybersecurity conferences.

Watne has two decades of experience in the industry, and he’s skilled at bridging the gap between cybersecurity and business strategy.

Here’s what he told us.

Could you share your career journey so far, and any pivotal moments along the way?

“I actually ended up in information security by chance. Graduating with an engineering degree in computer science, my initial goal was to get into systems administration of some sort and build computers and networks hands on.

“Then there were some friends of mine who had just left their jobs to start an information security company, as they believed that to be something for the future. Being a startup they needed more people on board, and there I was.

“Fast forward 23 years and I’m now the Chief Security Officer with one of Norway’s largest technology companies.

“Having been in the industry for so long, it’s difficult to find pivotal moments. Most have happened as an evolution rather than a revolution. That being said, I think there was one point in time a few years back – between 2015-2016 – where we saw the coming of GDPR, and security really took the leap from the server-room to the board-room. Before that time I was seldom visiting the latter, but since then the topic has gotten a lot more attention from top management and the board of directors, and if anything this only seems to increase.”

What are you focused on right now?

“These days geopolitics are playing a much bigger role than before in my field. Sanctions make it difficult to follow up on supply chains, and new regulations like DORA and NIS2 put more strict requirements on how we do initial risk assessments, that we to a larger degree include any involved third-parties, and that we are more diligent in reporting incidents and vulnerabilities.

“Adapting to this new regulatory landscape, and political challenges, takes a lot of focus right now – especially for a global operation like ours. Another element that’s brought along in times like these is better preparations on potential emergencies and crises.

“To cut it short: third-party risk management and crisis management are the key focus areas right now.”

What have you learnt over the last three years or so – both in terms of cybersecurity risk, and in terms of how to handle working through a rapidly changing and uncertain time?

“Well to be honest I personally feel that two of the past three years have been a black hole (and one that I’m trying to forget). The covid-19 pandemic certainly digitalized our society more or less overnight, and we were truly blessed here in the Nordic region being quite advanced in the roll-out of digital tools already, before March 2020.

“The key learnings I took from navigating through a pandemic in terms of security, I would say, are the vulnerability of human beings, and the importance of addressing each individual, and not just processes and technology.

“Coming out of the pandemic we see a huge uptake in credential theft and attacks targeting humans and endpoints, as so many people were working from home – many not even having fully returned to the office yet. This will certainly need to be addressed going forward.”

Is there anything you believed about cybersecurity at the beginning of your career that you no longer think is true or relevant?

“That 640K of memory should be enough for everyone? Jokes aside – at the beginning of my career, around 2000, we were aiming to block any attackers from entering the systems we were protecting. That has long since proven to be utopia. «Assume breach» is what everyone should be thinking, and adapt accordingly. You can never fully protect yourself from being hacked and at the same time operate a connected business. What’s important is that you have good mechanisms in place to detect when it happens, and likewise to restore the business to an operational state and evict the attackers.”

Finally, why is Black Hat MEA valuable to you/your industry?

“Events like Black Hat MEA are highly relevant in the way they bring together top researchers, subject matter experts, and thought leaders – and create an arena where ideas can be exchanged and discussed.

“Often at your daily job you’re so occupied with everything that’s going on that it’s impossible to lift your head and have a look around. Attending one of the bigger conferences once or twice a year and just shutting down your emails for a few hours is very valuable in terms of gaining new inputs, knowledge and perspective. Security professionals being a lively bunch, it’s often very possible you’ll make a friend or two as well.”
Thanks to Bjørn Watne at Telenor Group. Want to learn more? Register now for Black Hat MEA 2023.