Interview: AI regulation and cybersecurity recruitment

As #BHMEA23 gets a little closer, we caught up with upcoming speaker Matt Lemon PhD (CISO and VP of Cybersecurity at Huawei) for a quick glimpse at his career journey. Lemon holds a Doctorate in CyberForensics and Counter-terrorism and a Masters in Digital Security and Forensics – and over two decades working in the industry. He also mentors new talent in cybersecurity; and sometimes acts as an expert witness for court cases that require digital forensics.

We asked him about the biggest challenges in running security for a global ICT company, and what he thinks about generative AI. Here’s what he told us.

Could you briefly share your career journey so far?

“I started out over 25 years ago as an IT architect, designing systems and networks at a time where the internet wasn’t really a thing and very few businesses had connections to anything else. As networks started to get connected I was involved in the design of those connections and began to get more interested in making those connections secure.  

“That led me to learn about security when it was in its infancy, and I gradually got more and more involved in security until it was my full time job. When applications and systems became more and more connected and as cloud started to evolve, security turned into cybersecurity – and there was even more to learn.

“The key thing to staying relevant in cybersecurity is that there is always something new to learn. And that’s what keeps me interested.”

What are you/your team focused on right now?

“There are several areas of focus; keeping an eye on changes to regulations and making sure that we stay ahead of them and trying to automate security and incident response which often means embracing AI/AL.”

What are the greatest challenges involved in running cybersecurity for a truly global ICT company?

“Currently the biggest challenges are recruiting and retaining the best people. It’s an employee's market at the moment, and losing people after a year to another business is a costly event. It takes time for people to get up to speed in a new business and it is sometimes like a revolving door of team members.  

“We also have the same challenge as many other multinationals: the cultural differences within the different areas of the business. If people work in a truly collaborative way then that challenge is often more of a benefit than anything else, helping people to see and understand things with a different perspective.”

Are you seeing a growth in any novel form of cyber threat; or a resurgence in forms of attack that have been around for a while?

“I think it’s too early to tell if generative AI will materialize into a significant threat; it certainly appears to have the potential for abuse. At the moment the main threats are the same that they have been for a couple of years – and that is ransomware usually combined with phishing attacks.”

Are you worried about generative AI and its potential use by threat actors?

“I think that there will be legislation coming to limit public AI systems and help prevent the level of damage that they may be capable of. We have to be careful not to over regulate though as there are huge benefits for security and business in general when taking AI/ML onboard.  This is an area to continue to watch carefully and to continue with R&D for both implementation and detection techniques.”

Why are events like Black Hat MEA important to the industry, and/or to your work specifically?

“I have been attending events like this for many years and I’ve made great connections and friends at them. There is always an opportunity to learn from peers, from the talks and panels as well as to get to talk with vendors face-to-face and see what’s on offer. It’s much easier to walk the expo floor and see products than try to arrange demos over video. Black Hat attracts the best presenters and attendees which provides an excellent opportunity to learn – which is hard to beat by any other method.”

Thanks to Matt Lemon at Huawei. Discover Black Hat MEA to learn more.