
New VEC attack data shows why cybersecurity awareness needs a reboot
New research on vendor email compromise attacks shows that nearly half of employees fall for malicious emails, and 98.5% go unreported.
Read MoreWhat is the hot topic of the year in the current cyber landscape?
The global pressure to extend and improve existing regulations pushes everyone to invest in cybersecurity. All businesses are now competing for the same resources and talent pool.
What are some of the biggest threats, that are not being talked about enough?
When you look at cyber insurance premiums this year, clearly, we see that there is a sea change in 2022. The insurance cost is getting an ever growing % of the security budget, and many companies are at threat to commit too large a % of their security budget in insurance, failing to invest on proper controls.
How do you react to constantly changing threats in the market?
The only constant is change. It keeps the job interesting!
What are some of your favorite "new" technologies or tools?
CSPM Cloud Security Posture Management has been a very good investment for a multi-cloud company like Tokopedia. Regarding Application Security/DAST, we think BurpSuite Enterprise is punching way above its weight (cost!).
What are some of the key components to succeeding as a CISO in today’s business environment?
First, don't be the enemy of business, don't play the security dictator. Create a positive culture about security and make friends in the C-Suite and the board. Mentor your leadership team.
What are the three things that you as CISO look at first to assess an organization’s cybersecurity readiness?
- Look at time-to-resolution across several security controls
- End-of-life situation across the environment
- Access controls with a focus on privileged accounts.
If you had a time machine, what advice would you give yourself at the beginning of your career in cyber?
The best opportunities and learning experiences are often abroad, change is good: relocate early.
You are set to the stage at Black Hat MEA this November, what can our audience expect from your session, and what are you most excited about?
The audience can expect some pointers on how to build good security in developing countries, and what to expect when you merge giant companies with different security approaches and cultures.
Join the newsletter to receive the latest updates in your inbox.
New research on vendor email compromise attacks shows that nearly half of employees fall for malicious emails, and 98.5% go unreported.
Read MoreWith new data from Arkose Labs, learn why psychology, business strategy and timing are just as important as technology for cyber defence.
Read MoreThe latest in a long line of attacks against IoT devices that highlights the vulnerability of the Internet of Things.
Read More